Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update_site command sometimes fails if setup_client is using #127

Closed
yuriyz opened this issue Dec 7, 2017 · 3 comments
Closed

update_site command sometimes fails if setup_client is using #127

yuriyz opened this issue Dec 7, 2017 · 3 comments
Assignees
@yuriyz
Labels
bug
Milestone
3.1.2

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Dec 7, 2017

failed_update.log
@yuriyz yuriyz added the bug label Dec 7, 2017
@yuriyz yuriyz added this to the 3.1.2 milestone Dec 7, 2017
@yuriyz yuriyz self-assigned this Dec 7, 2017
@yuriyz yuriyz changed the title update_site command fails if setup_client is using update_site command sometimes fails if setup_client is using Dec 7, 2017
@yuriyz yuriyz modified the milestone: 3.1.2 Dec 19, 2017
@yuriyz
Copy link
Contributor Author

yuriyz commented Dec 20, 2017

It's bug in oxd-python, for some reason oxd-python tries to register setup client_id. In logs you can find following points:

  1. Setup client
    2017-12-07 23:54:55,918 TRACE [org.xdi.oxd.server.Processor] Command: {"params": {"authorization_redirect_uri": "https://client.example.com/callback", "client_name": "oxdpython openid socket test script", "grant_types": ["authorization_code"], "post_logout_redirect_uri": "https://client.example.com/post_logout/", "client_frontchannel_logout_uris": ["https://client.example.com/logout_callback/"], "scope": ["openid", "profile"], "op_host": "https://ce-dev4.gluu.org"}, "command": "setup_client"}

  2. Setup client creates two clients : a) for oxd-https-extension protection b) oxdId for normal usage
    2017-12-07 23:55:01,542 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"oxd_id":"db4a1b0c-4979-4423-9133-840725322dfb","op_host":"https://ce-dev4.gluu.org","client_id":"@!38D4.410C.1D43.8932!0001!37F2.B744!0008!248B.4641.926B.1902","client_secret":"8b044abd-d9c5-47d4-8795-ccb494996867","client_registration_access_token":"58b62720-9dcd-41b3-afbf-1eac3ea7d380","client_registration_client_uri":"https://ce-dev4.gluu.org/oxauth/restv1/register?client_id=@!38D4.410C.1D43.8932!0001!37F2.B744!0008!248B.4641.926B.1902","client_id_issued_at":1512671098,"client_secret_expires_at":1512757498}}

  3. oxd-python tries to register setup client
    2017-12-07 23:55:03,050 TRACE [org.xdi.oxd.server.Processor] Command: {"params": {"authorization_redirect_uri": "https://client.example.com/callback", "client_name": "oxdpython openid socket test script", "grant_types": ["authorization_code"], "protection_access_token": "e6b18645-7e06-4ec1-a39a-07d108c74b41", "post_logout_redirect_uri": "https://client.example.com/post_logout/", "client_frontchannel_logout_uris": ["https://client.example.com/logout_callback/"], "client_id": "@!38D4.410C.1D43.8932!0001!37F2.B744!0008!248B.4641.926B.1902", "client_secret": "8b044abd-d9c5-47d4-8795-ccb494996867", "op_host": "https://ce-dev4.gluu.org", "scope": ["openid", "profile"]}, "command": "register_site"}

  4. Update fails
    2017-12-07 23:55:05,024 INFO [org.xdi.oxd.server.op.RegisterSiteOperation] RP created: Rp{oxdId='32245833-8e1e-4b68-a8a1-7003ab3a91cf', opHost='https://ce-dev4.gluu.org', opDiscoveryPath='null', idToken='null', accessToken='null', authorizationRedirectUri='https://client.example.com/callback', postLogoutRedirectUri='https://client.example.com/post_logout/', applicationType='web', redirectUris=[https://client.example.com/callback], claimsRedirectUri=[], responseTypes=[code], clientId='@!38D4.410C.1D43.8932!0001!37F2.B744!0008!248B.4641.926B.1902', clientSecret='8b044abd-d9c5-47d4-8795-ccb494996867', clientRegistrationAccessToken='null', clientRegistrationClientUri='null', clientIdIssuedAt=null, clientSecretExpiresAt=null, clientName='null', sectorIdentifierUri='null', clientJwksUri='', setupOxdId='32245833-8e1e-4b68-a8a1-7003ab3a91cf', setupClientId='@!38D4.410C.1D43.8932!0001!37F2.B744!0008!248B.4641.926B.1902', scope=[openid, profile], uiLocales=[en], claimsLocales=[en], acrValues=[], grantType=[authorization_code], contacts=[], userId='null', userSecret='null', pat='65bd8d3c-5059-4d71-ba3b-fc632819cae7', patExpiresIn=299, patCreatedAt=Thu Dec 07 23:55:04 IST 2017, patRefreshToken='null', umaProtectedResources=[], rpt='null', rptTokenType='null', rptPct='null', rptExpiresAt=null, rptCreatedAt=null, rptUpgraded=null, oxdRpProgrammingLanguage=null}

@yuriyz
Copy link
Contributor Author

yuriyz commented Dec 20, 2017

however from other side we may allow to pass client_registration_access_token and client_registration_client_uri and thus update the client in this case. Implementing this approach just to make oxd more powerful.

yuriyz added a commit that referenced this issue Dec 20, 2017
@yuriyz
#127 : Allowed to pass client_registration_access_token and `client…
7f8ba4d 
…_registration_client_uri` together with client_id and client_secret to register_client command
@yuriyz
Copy link
Contributor Author

yuriyz commented Dec 20, 2017

implemented. However again it is rather something abnormal then usual flow to register setup client again in the system. It can be used to update some properties of the setup client via oxd.

@yuriyz yuriyz closed this as completed Dec 20, 2017
yuriyz added a commit to GluuFederation/docs-oxd-prod that referenced this issue Dec 20, 2017
@yuriyz
documented addition of client_registration_access_token and client_re…
4622b37 
…gistration_client_uri parameters

 GluuFederation/oxd#127
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
bug
Projects
None yet
Milestone
3.1.2
Development

No branches or pull requests
1 participant
@yuriyz