Details
-
Type:
extRequest
-
Status: Closed
-
Priority:
Major
-
Resolution: Done
-
Fix Version/s: 2021
-
Component/s: FIWARE-TECH-HELP
-
Labels:None
-
HD-Chapter:Data
-
HD-Enabler:Cosmos
Description
Hi, please find hereafter a snipped python code to use OAuth2 on Cosmos,
but the services always replies 401, even if token is used.
Username and password for getting the token is the ones of a FIWARE LAB
user.
May you help us?
Thanks in advance for your help,
P.
------------------------------------
import requests
def get_oauth_token():
OAUTH_SERVER = "https://130.206.80.46:13000/cosmos-auth/v1/token"
OAUTH_CONTENT = "grant_type=password&username=XXX&password=XXX"
req_headers =
{'Content-Type': 'application/x-www-form-urlencoded'} r = requests.post(OAUTH_SERVER, data=OAUTH_CONTENT,
headers=req_headers, verify=False)
res = r.json()
return res['access_token']
if _name_ == "_main_":
headers = None
t = get_oauth_token()
if not headers:
headers = {}
headers['X-Auth-Token'] = t
print headers
TEST_GET = "http://130.206.80.46:14000/webhdfs/v1/user/XXXXXX.txt"
TEST_GET_PARAMS = "op=getfilestatus&user.name=XXXX"
response = requests.get(TEST_GET, data=TEST_GET_PARAMS,
headers=headers)
print response
--------------
Pasquale Andriani
Direzione Ricerca e Innovazione - Research & Development Lab
pasquale.andriani@eng.it
Engineering Ingegneria Informatica spa
Via Riccardo Morandi, 32 - 00148 Roma
Tel. +39-06.87594138
Mob. +39 3924698746
Fax. +39-06.83074408
www.eng.it
_______________________________________________
Fiware-lab-help mailing list
Fiware-lab-help@lists.fi-ware.org
https://lists.fi-ware.org/listinfo/fiware-lab-help
Activity
Hi,
1) [root@finesce-wp4-orion-cb ~]# curl -X POST "
https://130.206.80.46:13000/cosmos-auth/v1/token" -H "Content-Type:
application/x-www-form-urlencoded" -d
"grant_type=password&username=XXXX&password=XXXX" -k
2) [root@finesce-wp4-orion-cb ~]# curl -X GET "
http://130.206.80.46:14000/webhdfs/v1/user/FINESCE-WP4/XX/XXX/XXXX-Meter.txt"
-H "X-Auth-Token: DsZo8FwrWQ3NpCHUwLMjv994rFs25x" -d "op=getfilestatus&
user.name=FINESCE-WP4" -k
User token not authorized
There is some XXX here and there to obscure sensitive data. I may add it if
we switch to a private discussion.
Thanks for your help,
P.
Pasquale Andriani
Direzione Ricerca e Innovazione - Research & Development Lab
pasquale.andriani@eng.it
Engineering Ingegneria Informatica spa
Via Riccardo Morandi, 32 - 00148 Roma
Tel. +39-06.87594138
Mob. +39 3924698746
Fax. +39-06.83074408
www.eng.it
On Tue, Jul 14, 2015 at 3:36 PM, Francisco Romero (JIRA) <
Hi Francisco, any news on this?
We're losing smart metering data till we are not able to fix this.
Thanks in advance,
P.
Pasquale Andriani
Direzione Ricerca e Innovazione - Research & Development Lab
pasquale.andriani@eng.it
Engineering Ingegneria Informatica spa
Via Riccardo Morandi, 32 - 00148 Roma
Tel. +39-06.87594138
Mob. +39 3924698746
Fax. +39-06.83074408
www.eng.it
On Tue, Jul 14, 2015 at 4:41 PM, Pasquale Andriani <pasquale.andriani@eng.it
Hi Pasquale,
I think I know what is happening. Currently, cosmos accounts are created
based on the registered email at FIWARE Lab. For instance, my own user
francisco.romerobueno@telefonica.com is related to the
francisco.romerobueno account, and the most important, to the
/user/francisco.romerobueno/ HDFS userspace. This is because we automated
the account creation process. Nevertheless, at the beginning of the
enabler, Cosmos accounts were created manually and usernames were
arbitrarily assigned. Most probably, your registered email is not
FIWARE-WP4@something, right?
Since the new authorization mechanism checks is your Cosmos username
matches the accessed HDFS path, and the Cosmos username is related to the
registered email you use to obtain the token, then the ³unauthorized
message² is gotten.
I think everything would be fixed if I rename your current HDFS userspace
/user/FIWARE-WP4/ to /user/<your_username_got_from_registered_email>.
Tell me the registered email by private message and I¹ll do the change.
Regards,
Francisco
El 16/7/15 10:55, "Pasquale Andriani (JIRA)" <jira-help-desk@fi-ware.org>
________________________________
Este mensaje y sus adjuntos se dirigen exclusivamente a su destinatario, puede contener información privilegiada o confidencial y es para uso exclusivo de la persona o entidad de destino. Si no es usted. el destinatario indicado, queda notificado de que la lectura, utilización, divulgación y/o copia sin autorización puede estar prohibida en virtud de la legislación vigente. Si ha recibido este mensaje por error, le rogamos que nos lo comunique inmediatamente por esta misma vía y proceda a su destrucción.
The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it.
Esta mensagem e seus anexos se dirigem exclusivamente ao seu destinatário, pode conter informação privilegiada ou confidencial e é para uso exclusivo da pessoa ou entidade de destino. Se não é vossa senhoria o destinatário indicado, fica notificado de que a leitura, utilização, divulgação e/ou cópia sem autorização pode estar proibida em virtude da legislação vigente. Se recebeu esta mensagem por erro, rogamos-lhe que nos o comunique imediatamente por esta mesma via e proceda a sua destruição
This was fixed by private email. Closing.
Hi,
It sounds well what you are doing... Can you confirm a valid token is gotten when accessing https://cosmos.lab.fiware.org:13000/cosmos-auth/token ? I mean, try everything with a curl before any coding. Just to know if it is a problem of the server or the coding. Paste here the results of the curl, please.
Regards,
Francisco