Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-8210

[Fiware-lab-help] Reporting Fiware Lab OAUTH2 API issues

        Details

        • Type: extRequest
        • Status: Closed
        • Priority: Major
        • Resolution: Done
        • Fix Version/s: 2021
        • Component/s: FIWARE-TECH-HELP
        • Labels:
          None

          Description

          Greetings

          I'm sending this email to report a few issues I've come across while attempting to use Fiware lab as a OAUTH2 provider. This is following up from a previous email I've sent, after some additional testing on my end:

          • The API endpoint /user described in the doc http://fiware-idm.readthedocs.io/en/latest/oauth2.html never seems to return anything under the organisations field. Even if the app that provided the token has organisations allowed, and my user is a member of said organisation, the organisations field always returns an empty array.
          • The API endpoint /user seems to have an issue where it seems to treat any endpoint that begins with "/user" the same way, meaning that if I try the endpoint /userbhjsjhjhsfj it would still end up giving me the /user endpoint with no errors reported, as if it's being resolved as a regex that goes /user.* by the server. This causes conflicts with this other documented API endpoint /users/:id http://fiware-idm.readthedocs.io/en/latest/user_guide.html#get-a-single-user which should in theory allow me to specify a user to retrieve info about without the need of an access token.
          • Not exactly an issue to report, but it would be immensely convenient if, similar to Github's OAUTH, there was a /orgs endpoint to retrieve organisations directly rather than individual users.

          Best regards

          Gabriele
          __________________________________________________________________________________________

          You can get more information about our cookies and privacy policies on the following links:

          Fiware-lab-help mailing list
          Fiware-lab-help@lists.fiware.org
          https://lists.fiware.org/listinfo/fiware-lab-help

          [Created via e-mail received from: gabriele.cerfoglio@martel-innovate.com]

            Activity

            Descending order - Click to sort in ascending order
            Transition Time In Source Status Execution Times Last Executer Last Execution Date
            Open Open In Progress In Progress
            		1d 54m 1 Alvaro Alonso 02/Feb/17 2:58 PM
            In Progress In Progress Answered Answered
            		1s 1 Alvaro Alonso 02/Feb/17 2:58 PM
            Answered Answered Closed Closed
            		1s 1 Alvaro Alonso 02/Feb/17 2:58 PM
            fla Fernando Lopez made changes -
            Fix Version/s 2021 [ 12600 ]
            aalonsog Alvaro Alonso made changes -
            Resolution Done [ 10000 ]
            Status Answered [ 10104 ] Closed [ 6 ]
            aalonsog Alvaro Alonso made changes -
            Status In Progress [ 3 ] Answered [ 10104 ]
            aalonsog Alvaro Alonso made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            Hide
            Permalink
            aalonsog Alvaro Alonso added a comment -

            Hi again Gabriele,

            • When getting information about a user from an OAuth2 token, Keyrock returns those organizations that only returns those organizations that satisfy two requirements: 1) the user is a member of the organization and 2) the user has a role assigned as a member of the organization. To assign roles to a user as a member of an organization, the owner has to loggin in the platform as the organization (using the dropdown in the right top corner) and there assign the roles.
            • We have created a bug report (SEC-1039) regarding the /user endpoint. It will be fixed in the next release.
            • We will study the possibility of /orgs endpoint. Many thanks for the suggestion.

            Hope this helps.

            Show
            aalonsog Alvaro Alonso added a comment - Hi again Gabriele, When getting information about a user from an OAuth2 token, Keyrock returns those organizations that only returns those organizations that satisfy two requirements: 1) the user is a member of the organization and 2) the user has a role assigned as a member of the organization. To assign roles to a user as a member of an organization, the owner has to loggin in the platform as the organization (using the dropdown in the right top corner) and there assign the roles. We have created a bug report (SEC-1039) regarding the /user endpoint. It will be fixed in the next release. We will study the possibility of /orgs endpoint. Many thanks for the suggestion. Hope this helps.
            backlogmanager Backlog Manager made changes -
            Component/s FIWARE-TECH-HELP [ 10278 ]
            Component/s FIWARE-LAB-HELP [ 10279 ]
            fla Fernando Lopez made changes -
            Assignee Alvaro Alonso [ aalonsog ]
            fla Fernando Lopez made changes -
            HD-Chapter Security [ 10841 ]
            HD-Enabler KeyRock [ 10889 ]
            backlogmanager Backlog Manager made changes -
            Field Original Value New Value
            Component/s FIWARE-LAB-HELP [ 10279 ]
            fw.ext.user FW External User created issue -

              People

              • Assignee:
                aalonsog Alvaro Alonso
                Reporter:
                fw.ext.user FW External User
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: