  1. Help-Desk
  2. HELP-3788

FIWARE.Request.Tech.Security.IDM-KeyRock.authorization

    Details

    • Type: extRequest
    • Status: Closed
    • Priority: Critical
    • Resolution: Done
    • Fix Version/s: 2021
    • Component/s: FIWARE-TECH-HELP
    • Labels:
      None

      Description

      Dear Ilknur, FIWARE tech team,
      We have tried to contact Keyrock GE responsible (Joaquin and Alvaro) to
      support one of our SMEs with this GE (see email below).
      As you know, they should have finished this month the implementation of the
      prototype for the SmartAgriFood accelerator, so the help is really needed asap
      to avoid delays. Would you be able to help them with their issue?
      If you can provide them with a working practical example of KeyRock
      authentication with the code, that would be really helpful.
      Thanks in advance,
      Best Regards,
      Raul

      From: Raul Palma <rpalma@man.poznan.pl>
      Date: Monday 10 August 2015 13:41
      To: Milos Vranic <milos.vranic@panonit.com>, <jsalvachua@dit.upm.es>,
      <aalonsog@dit.upm.es>
      Cc: <ssladojevic@gmail.com>, Sam <sbrahma@man.poznan.pl>
      Subject: KeyRock GE

      Dear Joaquin/Alvaro,
      I'm contacting you from the technical team of SmartAgriFood accelerator.
      One of our SMEs (in cc), is having a question regarding KeyRock GE.
      They are using the global instance, i.e., FIWARE Lab Account Portal
      (https://account.lab.fiware.org), and they are able to pass the
      authorisation from their code, but they cannot retrieve the user.
      See test UI: http://panonit.com:8802 (code:
      https://github.com/ging/oauth2-example-client)
      Their config.js content is below.
      Could you please confirm if they are using the correct endpoint, or if there
      is some other issue?
      Thanks in advance,
      Best Regards,


      Raul Palma, PhD

      Network Services Department

      Poznań Supercomputing and Networking Center

      ul. Dąbrowskiego 79a
      60-529 Poznań
      phone: (+48 61) 858-21-61
      fax: (+48 61) 858-21-51

      ---config.js------

      var config = {}

      config.idmURL = 'https://account.lab.fiware.org/';
      config.client_id = 'f9b5940d67a741a38039690e4d6e6c6f';
      config.client_secret = 'c9f854c96c9e4c70a0d402bce3233a17';
      config.callbackURL = 'http://panonit.com:8802/user_info';

      // Depending on Grant Type:
      // Authorization Code Grant: code
      // Implicit Grant: token
      config.response_type = 'code';

      module.exports = config;


      [Created via e-mail received from: Raul Palma <rpalma@man.poznan.pl>]

        Activity

        oozdemir Ozdemir, Omer added a comment -

        Good Morning Raul,

        As far as I've checked their implementation below, there is this missing user retrieval part.
        After a successful authentication (doing a POST to IDM_URL/oauth2/token) they will have a JSON response back from the server.
        They need to make a GET request to the access_token part in this JSON to the IDM_URL/user path in order to get the user JSON as a response.

        These are missing in this implementation below.

        Kind regards
        Omer
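
The two calls described in the comment above, sketched for Node.js 18+ as an added example (not code from this ticket or from the oauth2-example-client repository). Credentials are placeholders, the callback URL is constructed, and sending the token to IDM_URL/user as an `access_token` query parameter is an assumption; client authentication and the form fields follow the standard OAuth 2.0 authorization code grant (RFC 6749).

```javascript
// Added example; not code from the ticket or from oauth2-example-client.
// Field names follow the ticket's config.js; all values below are constructed.
const CONFIG = {
  idmURL: 'https://account.lab.fiware.org/',
  client_id: 'CLIENT_ID_PLACEHOLDER',
  client_secret: 'CLIENT_SECRET_PLACEHOLDER',
  callbackURL: 'https://app.example/user_info',
};

// Step 1: POST IDM_URL/oauth2/token with the ?code=... received on callbackURL.
// Runs server-side only, because it carries client_secret.
function buildTokenRequest(config, code) {
  const basic = Buffer.from(`${config.client_id}:${config.client_secret}`).toString('base64');
  return {
    method: 'POST',
    url: new URL('oauth2/token', config.idmURL).href,
    headers: {
      Authorization: `Basic ${basic}`,
      'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: new URLSearchParams({
      grant_type: 'authorization_code',
      code,
      redirect_uri: config.callbackURL, // same value sent in the authorization request
    }).toString(),
  };
}

// Step 2: GET IDM_URL/user using the access_token field of the step-1 JSON.
// Assumption: the token is sent as the access_token query parameter.
function buildUserRequest(config, tokenJson) {
  if (!tokenJson || typeof tokenJson.access_token !== 'string' || !tokenJson.access_token) {
    throw new Error(`no access_token in token response (error: ${tokenJson && tokenJson.error})`);
  }
  const url = new URL('user', config.idmURL);
  url.searchParams.set('access_token', tokenJson.access_token);
  return { method: 'GET', url: url.href, headers: { Accept: 'application/json' } };
}

// Both steps in sequence; fetchImpl is injectable so the flow can be stubbed.
async function retrieveUser(config, code, fetchImpl = fetch) {
  const t = buildTokenRequest(config, code);
  const tokenRes = await fetchImpl(t.url, { method: t.method, headers: t.headers, body: t.body });
  if (!tokenRes.ok) throw new Error(`token endpoint returned HTTP ${tokenRes.status}`);
  const u = buildUserRequest(config, await tokenRes.json());
  const userRes = await fetchImpl(u.url, { method: u.method, headers: u.headers });
  if (!userRes.ok) throw new Error(`user endpoint returned HTTP ${userRes.status}`);
  return userRes.json();
}
```

A token response without `access_token` (for example an `invalid_grant` error body) stops the flow before the user request is built, which is the point at which "authorisation passes but the user cannot be retrieved" would otherwise go unnoticed.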


        aalonsog Alvaro Alonso added a comment -

        Answered via email


          People

          • Assignee:
            aalonsog Alvaro Alonso
            Reporter:
            fw.ext.user FW External User