Cosmos-gui application crashes after authentication with keystone
Question
I have a problem. My cosmos gui application crashes after trying to authorize with keystone. Horizon application is running on https://192.168.4.33:443 , while cosmos-gui is running on http://192.168.4.180:81 . My gui config file looks like this:
"oauth2": {
"idmURL": "https://192.168.4.33",
"client_id": "***********************************",
"client_secret": "*********************************",
"callbackURL": "http://192.168.4.180:81/auth",
"response_type": "code"
},
and inside horizon i registered application Cosmos Big data with parameters:
Description
Cosmos Big data
URL
https://192.168.4.33
Callback URL
http://192.168.4.180:81/auth
So afterwards i start cosmos-gui application and after clicking on login it redirects me to this url:
https://192.168.4.33/oauth2/authorize/?response_type=code&client_id=0434fdf60897479588c3c31cfc957b6d&state=xyz&redirect_uri=http://192.168.4.180:81/auth
And that is ok.But then, when i click on button authorize it leads me to this url:
http://192.168.4.180:81/auth?state=xyz&code=NVfyZUov1KuQ8yTw498oItHgYC2l9Z
and at that moment cosmos-gui application crashes and everything that i get from the log is this:
/home/cosmos-gui/fiware-cosmos/cosmos-gui/src/app.js:138
req.session.access_token = results.access_token;
^
TypeError: Cannot read property 'access_token' of undefined
at /home/cosmos-gui/fiware-cosmos/cosmos-gui/src/app.js:138:43
at /home/cosmos-gui/fiware-cosmos/cosmos-gui/src/oauth2.js:168:22
at ClientRequest.<anonymous> (/home/cosmos-gui/fiware-cosmos/cosmos- gui/src/oauth2.js:140:9)
at ClientRequest.emit (events.js:95:17)
at CleartextStream.socketErrorListener (http.js:1548:9)
at CleartextStream.emit (events.js:95:17)
at SecurePair.<anonymous> (tls.js:1400:19)
at SecurePair.emit (events.js:92:17)
at SecurePair.maybeInitFinished (tls.js:980:10)
at CleartextStream.read [as _read] (tls.js:472:13)
On the side of keystone everything looks ok.This is from keystones log:
2015-08-24 16:34:02.604 27693 INFO keystone.contrib.oauth2.controllers [-] OAUTH2: Created Authorization Code to consumer 0434fdf60897479588c3c31cfc957b6d for user idm with scope [u'all_info']. Redirecting to http://192.168.4.180:81/auth?state=xyz&code=NVfyZUov1KuQ8yTw498oItHgYC2l9Z
2015-08-24 16:34:02.606 27693 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [24/Aug/2015 16:34:02] "POST /v3/OS-OAUTH2/authorize HTTP/1.1" 302 208 0.121336
2 answers
solution1
1 ACCPTED 2015-08-25 10:36:17
After a bit of debugging and printing arguments that were going into the app.get('/auth', function(req, res)
i found this Error: DEPTH_ZERO_SELF_SIGNED_CERT
It seems it doesn't recognize self signed certificates as valid. Anyway as first line in file:
cosmos-gui/src/app.js i added
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
and now it is working.
solution2
1 2015-08-25 20:59:06
When you authorize the Cosmos app in Keystone, the callback URL is called and this piece of software is executed:
// Handles requests from IDM with the access code
app.get('/auth', function(req, res) {
// Using the access code goes again to the IDM to obtain the access_token
oa.getOAuthAccessToken(req.query.code, function (e, results){
// Stores the access_token in a session cookie
req.session.access_token = results.access_token;
res.redirect('/');
});
});
Ie Keystone calls the callback with an access code (a soft piece of security) that can be used to retrieve the final access token (a hard security element).
It seems your Keystone is generating the access code but it is not returning the access token when asked for it. Can you check the Keystone logs in order to find the access token request? May you print any error returned by this call?
oa.getOAuthAccessToken(req.query.code, function (e, results)
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.