openid-connect/token ; status 400 (Bad Request) #71
Comments
|
@ccsmart Actually i cannot login in https://dev.gawati.org Something is blown .... |
|
You report problems second time (of two tries?) you see trying to log in. However, since reporting availability i never had. Can you check if you have DNS overrides in your hosts file ? |
|
login as test/ test, logs in successfully but on redirect i get an alert box:
however, I do think the updated auth client implementation will fix these issues. |
|
Aha. Well actually that is what i believe to be this issue #71. That is, i believe it happens immediately after login. |
|
Should be possibly fixed by an updated gawati-auth implementation (from the gawati-client). Merging that shortly |
|
@ccsmart intermediate fix committed, resolves the problem for now; but needs a better longer term fix. |
|
@ccsmart committed a longer term fix in the branch auth-wrapper-indexjs which makes use of keycloak sign on, needs a bit more cleanup / testing before merging into dev . |
request
POST /auth/realms/gawati.org/protocol/openid-connect/token HTTP/1.1
Host: auth.gawati.org
Authorization: Basic Z2F3YXRpLXBvcnRhbC11aTphYTNmMjFhYS01NTY1LTQxODQtYjZiYi0xMWY4YzY0MmU2MWE=
Origin: https://dev.gawati.org
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36
Content-type: application/x-www-form-urlencoded
Accept: /
Referer: https://dev.gawati.org/_lang/en/
Accept-Encoding: gzip, deflate, br
Accept-Language: en,en-US;q=0.9,de-DE;q=0.8,de;q=0.7
Cookie: AUTH_SESSION_ID=ba0775f1-a6db-4df5-959d-d4a67162efb1.alldev; KEYCLOAK_IDENTITY=eyJhbGciOiJIUzI1NiIsImtpZCIgOiAiOWNiY2FlZGYtYTk3NS00MDk0LWExYjItNjViODUyN
2E0NDczIn0.eyJqdGkiOiIxZDRiZjRhYS0xYzVmLTRiZmYtYTVkMi1lM2E3YzUxOTcwM2MiLCJleHAiOjE1MjM2NTQyNjQsIm5iZiI6MCwiaWF0IjoxNTIzNjE4MjY0LCJpc3MiOiJodHRwczovL2F1dGguZ2F3Y
XRpLm9yZy9hdXRoL3JlYWxtcy9nYXdhdGkub3JnIiwic3ViIjoiZGM3Yjk4OGQtNjI0OS00NmJlLTg3MzktZTg2Y2Y5ZWI1YWM1IiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiYmEwNzc1ZjEtYTZkY
i00ZGY1LTk1OWQtZDRhNjcxNjJlZmIxIiwicmVzb3VyY2VfYWNjZXNzIjp7fSwic3RhdGVfY2hlY2tlciI6IjV4UkZiTXFSYlUxYjZ2aTNfdkJSTHI1RHdzc041aktHNDdKcGdoaGJkT0EifQ.SzMR0tO3gQevYA
sbmQx30kyXxeWGOK4OmnnnPgA1Guk; KEYCLOAK_SESSION=gawati.org/dc7b988d-6249-46be-8739-e86cf9eb5ac5/ba0775f1-a6db-4df5-959d-d4a67162efb1
X-Forwarded-Proto: https
X-Forwarded-Port: 443
X-Forwarded-For: 109.164.203.165
X-Forwarded-Host: auth.gawati.org
X-Forwarded-Server: auth.gawati.org
response
HTTP/1.1 400 Bad Request
Connection: keep-alive
Content-Type: application/json
Content-Length: 75
Date: Fri, 13 Apr 2018 11:17:44 GMT
{"error":"unauthorized_client","error_description":"Invalid client secret"}
The text was updated successfully, but these errors were encountered: