Uploaded image for project: 'Help-Desk'
  1. Help-Desk
  2. HELP-9253

[fiware-stackoverflow] Keyrock doesn't accept user, even when using admin

        Details

          Description

          Created question in FIWARE Q/A platform on 08-09-2015 at 18:09
          Please, ANSWER this question AT https://stackoverflow.com/questions/32462583/keyrock-doesnt-accept-user-even-when-using-admin

          Question:
          Keyrock doesn't accept user, even when using admin

          Description:
          I got two users created by me, admin, with admin permissions, and another user, now with admin permissions too, but initially community (i'll be referring to this account as community).

          I've registered an application with the community user and associated the admin later. As callbackUrl i've registered the address below in my keyrock instance

          <keystone ip>:/oauth2/token

          The request i am making to get oauth2 follows below, it uses https://raw.githubusercontent.com/Bitergia/fiware-chanchan-docker/master/images/pep-wilma/4.3.0/auth-token.sh as a guideline. I've changed the user,pass, host, client id and app secret

          curl -s --insecure -i --header "Authorization: Basic NmJjODMyMWMzNDQwNGVlYzkwYzNhNzhlYTU0ZTE2NjY6M2YwMzQyZjE4ZTM1NGI0ZDg5YjhlYWVkNTZmNGI5Mjc=" --header "Content-Type: application/x-www-form-urlencoded" -X POST http://&lt;keyrock IP>/oauth2/token -d 'grant_type=password&username=<user>&password=<pass>&client_id=<clientID>&client_secret=<secret>'

          The request reaches the keystone and it replies with a 404 (access token not found).

          When i try to get oauth2 tokens from keyrock for both the admin and the community, it says

          Error: Root - User access-token not authorized

          I can login in horizon with both users.

          What did i miss in order to get a oauth2 token from idm?

          Edit: Code used to create users:

          users_default_pass = '...'
          user0 = _register_user(keystone,"user0",passwd=users_default_pass)
          keystone.roles.grant(user=user0.id,role=keystone.roles.find(name='community'), project=user0.default_project_id)

          Edit2: raw response and response from keystone captured with tcpflow

          request:

          POST /oauth2/token HTTP/1.1
          User-Agent: curl/7.35.0
          Host: 130.206.118.xxx:5000
          Accept: /
          Authorization: Basic ZWU2YmFjMWNjOTQ3NDdhNmI4MTU3NDdiNDk5NmVhZjQ6NTRkY2NjMjgxODhhNDMxYTk4OTY3MjkwN2UxYjIxYzY=
          Content-Type: application/x-www-form-urlencoded
          Content-Length: 143

          grant_type=password&username=admin&password=admin&client_id=ee6bac1cc94747a6b815747b4996eaf4&client_secret=54dccc28188a431a989672907e1b21c6
          write error to stdout

          response:

          HTTP/1.1 404 Not Found
          Vary: X-Auth-Token
          Content-Type: application/json
          Content-Length: 93
          Date: Wed, 09 Sep 2015 09:46:19 GMT

          {"error": {"message": "The resource could not be found.", "code": 404, "title": "Not Found"}}
          write error to stdout

            Activity

            Transition Time In Source Status Execution Times Last Executer Last Execution Date
            Open Open In Progress In Progress
            		2h 59m 1 Fernando Lopez 26/May/17 9:03 PM
            In Progress In Progress Answered Answered
            		2s 1 Fernando Lopez 26/May/17 9:03 PM
            Answered Answered Closed Closed
            		2s 1 Fernando Lopez 26/May/17 9:03 PM

              People

              • Assignee:
                backlogmanager Backlog Manager
                Reporter:
                backlogmanager Backlog Manager
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: