New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[management] Unable to lookup user with reference sometimes #1174

Closed
fabMrc opened this Issue Mar 26, 2018 · 3 comments

Comments

Projects
None yet
3 participants
@fabMrc

fabMrc commented Mar 26, 2018

Hi

With the 1.14.3 my admin local user with no ID but a reference ID works.
Now when a want to transfer ownership to a SSO user (hosted in a Keycloak) using the Reference ID it fails. The user is not found.

Please keep me in touch

sample request that failed :

GET '/management/search/users/?q=foo@domain.com'
[ {
  "reference" : "ZXlKamRIa2lPaUpLVjFRaUxDSmxibU1pT2lKQk1qVTJSME5OSWl3aVlXeG5Jam9pWkdseUluMC4uYThETXRSZjlBNHhJQWpmdi45Z1Y5VHZPQmNxaGEtUmJQcWhiZHIxdGpSZUF0TnFkZ01INVFSX01hWnF2QUkxQ1NDX1VEcWlfMF9vLVhBMHZGR3NIRzdMeFp0bE10Yjd0bE93NTFuaGl3UmwxUlFWYk5hR0l3QkFkVHVKT3dnb0xUc2dyXzZvNC5MTUJwazkzMmpjRzVCLVFveHFPWlhR",
  "displayName" : "foo foo",
  "firstname" : "foo",
  "lastname" : "foo",
  "id" : "09c92aaa-998d-5db5-e79b-add2a7e5ad4e"
} ]

now I inject reference id to transfer the owner :

POST '/management/apis/fe62ca95-1003-403b-a2ca-951003d03b6b/members/transfer_ownership'

body:

{
'reference': 'ZXlKamRIa2lPaUpLVjFRaUxDSmxibU1pT2lKQk1qVTJSME5OSWl3aVlXeG5Jam9pWkdseUluMC4uYThETXRSZjlBNHhJQWpmdi45Z1Y5VHZPQmNxaGEtUmJQcWhiZHIxdGpSZUF0TnFkZ01INVFSX01hWnF2QUkxQ1NDX1VEcWlfMF9vLVhBMHZGR3NIRzdMeFp0bE10Yjd0bE93NTFuaGl3UmwxUlFWYk5hR0l3QkFkVHVKT3dnb0xUc2dyXzZvNC5MTUJwazkzMmpjRzVCLVFveHFPWlhR', 
'role': 'OWNER'
}

=>

{"message" : "User [ZXlKamRIa2lPaUpLVjFRaUxDSmxibU1pT2lKQk1qVTJSME5OSWl3aVlXeG5Jam9pWkdseUluMC4uYThETXRSZjlBNHhJQWpmdi45Z1Y5VHZPQmNxaGEtUmJQcWhiZHIxdGpSZUF0TnFkZ01INVFSX01hWnF2QUkxQ1NDX1VEcWlfMF9vLVhBMHZGR3NIRzdMeFp0bE10Yjd0bE93NTFuaGl3UmwxUlFWYk5hR0l3QkFkVHVKT3dnb0xUc2dyXzZvNC5MTUJwazkzMmpjRzVCLVFveHFPWlhR] can not be found.",  "http_status" : 404}
@aelamrani

This comment has been minimized.

Member

aelamrani commented Mar 27, 2018

Hi @fabMrc,

Is your OAuth2 provider correctly configured on both management-api instances?
Could you please provide the Java version for both environnement?

@fabMrc

This comment has been minimized.

fabMrc commented Mar 27, 2018

I have a single api server for my dev env but a cluster of two gateway

    - type: oauth2
      clientId: foo
      clientSecret: 4b46fab0-c905-4522-86bc-17863fc408b8
      tokenEndpoint: https://www.company.com/auth/realms/developer_community/protocol/openid-connect/token
      userInfoEndpoint: https://www.company.com/auth/realms/developer_community/protocol/openid-connect/userinfo
      accessTokenProperty: access_token
      authorizationHeader: "Bearer %s"
      mapping:
        id: sub
        email: email
        lastname: family_name
        firstname: given_name
        picture: picture

openjdk version "1.8.0_102"

@aelamrani

This comment has been minimized.

Member

aelamrani commented Mar 27, 2018

Thanks for the info, i'm able to reproduce...

I have the fix locally, i will make a PR soon

@aelamrani aelamrani changed the title from User not found on transfer owner passing Oauth2 user referenceid to [management] Unable to lookup user with reference sometimes Mar 27, 2018

@aelamrani aelamrani self-assigned this Mar 27, 2018

@aelamrani aelamrani added the type: bug label Mar 27, 2018

@aelamrani aelamrani added this to the 1.14.4 milestone Mar 27, 2018

aelamrani added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Mar 27, 2018

NicolasGeraud added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Mar 27, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment