Help-Desk / HELP-6368

FIWARE.Request.Tech.Security.IDM-KeyRock.FIWARE IdM KeyRock - user resource does not support CORS

    Details

    • HD-Chapter: Security
    • HD-Enabler: KeyRock

      Description

      It seems that the POI client cannot ask the KeyRock server about the user, e.g. the name, making it difficult to show the name or other information of the logged-in user as customary. This seems to be due to missing CORS (cross-origin resource sharing) support in the /user resource.

      More information: https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS

      Code snippet from the CORS support of the POI server for reference (PHP):

      ...
      if ($_SERVER['REQUEST_METHOD'] == 'GET' )
      {
          /*
             Prepare here response data to $response_struct   
          */
          ...
          $return_val = json_encode($response_struct);
      
          header("Content-type: application/json");
          // CORS header
          header("Access-Control-Allow-Origin: *");
          echo $return_val;
      }
      
      else if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
          // Reply with headers allowing CORS
          header("Access-Control-Allow-Origin: *");
          if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
              header("Access-Control-Allow-Methods: GET, OPTIONS");
      
          if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
              header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
      
          exit(0);
      }
      ...
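
      An added example, not part of the original issue and not KeyRock or POI server code: for a resource such as /user, which returns data about the logged-in user, one alternative to the wildcard origin in the snippet above is an exact-match origin allowlist that also filters the requested headers instead of echoing them. The origin https://poi-client.example, the header allowlist and the function name cors_headers are assumptions made for illustration.

```php
<?php
// Added example, not KeyRock or POI server code. The origin below is a
// constructed placeholder for the site that hosts the POI client.
const ALLOWED_ORIGINS = ['https://poi-client.example'];
// Request headers the resource accepts; anything else is not echoed back.
const ALLOWED_HEADERS = ['authorization', 'content-type', 'accept'];

/** Return the CORS response headers for one request, or [] to send none. */
function cors_headers(string $method, ?string $origin,
                      ?string $reqMethod = null, ?string $reqHeaders = null): array
{
    // Exact string match against the allowlist: no wildcard, no substring tests.
    if ($origin === null || !in_array($origin, ALLOWED_ORIGINS, true)) {
        return [];
    }
    $out = [
        "Access-Control-Allow-Origin: $origin",
        // The response differs per Origin, so caches must key on it.
        'Vary: Origin',
    ];
    if ($method === 'OPTIONS' && $reqMethod !== null) {       // preflight
        $out[] = 'Access-Control-Allow-Methods: GET, OPTIONS';
        // Keep only requested headers that are on the allowlist.
        $asked = array_map('trim', explode(',', strtolower($reqHeaders ?? '')));
        $ok = array_values(array_intersect($asked, ALLOWED_HEADERS));
        if ($ok) {
            $out[] = 'Access-Control-Allow-Headers: ' . implode(', ', $ok);
        }
        $out[] = 'Access-Control-Max-Age: 600';
    }
    return $out;
}

// Constructed sample requests:
// [method, Origin, Access-Control-Request-Method, Access-Control-Request-Headers]
$samples = [
    ['OPTIONS', 'https://poi-client.example', 'GET', 'Authorization, X-Debug'],
    ['GET',     'https://poi-client.example', null, null],
    ['GET',     'https://other.example',      null, null],
];
foreach ($samples as [$m, $o, $rm, $rh]) {
    echo "$m from $o\n";
    foreach (cors_headers($m, $o, $rm, $rh) as $h) {
        echo "  $h\n";
    }
}
```

      In a request handler each returned string is passed to header(); a request from an origin that is not on the list gets no CORS headers, so the browser withholds the response from the calling page.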
      

        Activity

        fla Fernando Lopez made changes -
        Fix Version/s 2021 [ 12600 ]
        slusallek0 Philipp Slusallek made changes -
        Link This issue relates to TCOR-271 [ TCOR-271 ]
        ariokkon Ari Okkonen made changes -
        Link This issue blocks WEB-900 [ WEB-900 ]
        aalonsog Alvaro Alonso made changes -
        Resolution Done [ 10000 ]
        Status Answered [ 10104 ] Closed [ 6 ]
        aalonsog Alvaro Alonso made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        ariokkon Ari Okkonen made changes -
        Resolution Done [ 10000 ]
        Status Closed [ 6 ] In Progress [ 3 ]
        aalonsog Alvaro Alonso made changes -
        Resolution Done [ 10000 ]
        Status Answered [ 10104 ] Closed [ 6 ]
        aalonsog Alvaro Alonso made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        ariokkon Ari Okkonen made changes -
        Resolution Done [ 10000 ]
        Status Closed [ 6 ] In Progress [ 3 ]
        aalonsog Alvaro Alonso made changes -
        Resolution Done [ 10000 ]
        Status Answered [ 10104 ] Closed [ 6 ]
        aalonsog Alvaro Alonso made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        ariokkon Ari Okkonen made changes -
        Resolution Done [ 10000 ]
        Status Closed [ 6 ] In Progress [ 3 ]
        backlogmanager Backlog Manager made changes -
        Summary FIWARE IdM KeyRock - user resource does not support CORS FIWARE.Request.Tech.Security.IDM-KeyRock.FIWARE IdM KeyRock - user resource does not support CORS
        aalonsog Alvaro Alonso made changes -
        Resolution Done [ 10000 ]
        Status Answered [ 10104 ] Closed [ 6 ]
        aalonsog Alvaro Alonso made changes -
        Status In Progress [ 3 ] Answered [ 10104 ]
        aalonsog Alvaro Alonso made changes -
        Status Open [ 1 ] In Progress [ 3 ]
        backlogmanager Backlog Manager made changes -
        Assignee Alvaro Alonso [ aalonsog ]
        backlogmanager Backlog Manager made changes -
        HD-Chapter Security [ 10841 ]
        mev Manuel Escriche made changes -
        Assignee Manuel Escriche [ mev ]
        mev Manuel Escriche made changes -
        HD-Enabler KeyRock [ 10889 ]
        ariokkon Ari Okkonen made changes -
        Priority Major [ 3 ] Blocker [ 1 ]
        ariokkon Ari Okkonen made changes -
        Link This issue blocks WEB-900 [ WEB-900 ]
        ariokkon Ari Okkonen made changes -
        Field Original Value New Value
        Description
        ariokkon Ari Okkonen created issue -

          People

          • Assignee: aalonsog Alvaro Alonso
          • Reporter: ariokkon Ari Okkonen
          • Votes: 0
          • Watchers: 2
