Error Token Invalid with Bizmarket, keyrock and Accounting proxy

[osfrance]

Hi, I try to use the Accounting proxy with Bizmarket and Keyrock, but when I try to add the accountable service in Bizmarket/Stock/Product/Assets I had an error in the Accounting Proxy Log and keyrock :

Accounting Proxy Log : {"level":"warn","message":" Token Ff3QCuQGFZymMSe7sbGXcdTlEHYPpy invalid","timestamp":"2017-11-16T12:56:40.838Z"} {"res":{"statusCode":401},"req":{"url":"/accounting_proxy/urls","headers":{"host":"acct_proxy:8082","connection":"keep-alive","accept-encoding":"gzip, deflate","accept":"/","user-agent":"python-requests/2.13.0","x-api-key":"eff4f269-7a37-4c47-b0b5-1a41f2aaf8a8","authorization":"bearer Ff3QCuQGFZymMSe7sbGXcdTlEHYPpy","content-length":"56","content-type":"application/json"},"method":"POST","httpVersion":"1.1","originalUrl":"/accounting_proxy/urls","query":{}},"responseTime":43,"level":"info","message":"HTTP POST /accounting_proxy/urls","timestamp":"2017-11-16T12:56:40.837Z"}

keyrock Log : 2017-11-16 12:56:40.820 97 WARNING keystone.common.wsgi [-] Authorization failed. The request you have made requires authentication. from 127.0.0.1 2017-11-16 12:56:40.824 97 INFO eventlet.wsgi.server [-] 127.0.0.1 - - [16/Nov/2017 12:56:40] "GET /v3/access-tokens/Ff3QCuQGFZymMSe7sbGXcdTlEHYPpy HTTP/1.1" 401 333 0.015254

I think the problem is the accounting proxy try a GET /user?access_token=Ff3QCuQGFZymMSe7sbGXcdTlEHYPpy but there are no user connected in the accounting proxy session.

Accounting Proxy HTTP request : GET /user?access_token=Ff3QCuQGFZymMSe7sbGXcdTlEHYPpy HTTP/1.1 Authorization: Basic OGY0MGYyZTJiNmI3NDVjYjk3MzY4NzNhNTI1NDYzYmM6MjRlNDRhOWRmN2U5NDhkNjg1OTcyNDc2MTVjN2JhYTk= Host: keyrock:8000 User-Agent: Node-oauth Content-length: 0 Connection: close

Keyrock HTTP response : HTTP/1.1 401 Unauthorized Date: Thu, 16 Nov 2017 10:18:24 GMT Server: Apache/2.4.7 (Ubuntu) Vary: Accept-Language,Cookie X-Frame-Options: SAMEORIGIN Content-Language: en Connection: close Transfer-Encoding: chunked Content-Type: application/json 72 {"error": {"message": "The request you have made requires authentication.", "code": 401, "title": "Unauthorized"}}

Thanks for help !

[fdelavega]

Hi,

Keyrock should be able to return user info using the API without session. I have tried with postman and it returned user info.

The weird stuff is that with an invalid token the error is:

Access Token 6gIoUte34Rh3T0Q6wld0ntzv5IoAfQi not found

So the problem is not the credentials.

Could you tell me the versions (or instances) you are using?

[osfrance]

Hi, thanks for reply,

I used the Docker images with sources : git clone https://github.com/ging/keystone tags/keyrock-5.4.0 git clone https://github.com/ging/horizon tags/keyrock-5.4.1 Docker image FIWARE-TMForum/Business-API-Ecosystem:latest git clone https://github.com/FIWARE-TMForum/Accounting-Proxy.git

Thanks for help,

-Olivier.

[osfrance]

Hi, We changed the API key and now we don't have 401 error, but now we have a 500 error code in DSProduct Catalog when we try to Add a product with accounting proxy service:

Apache2 other_vhosts_access.log log : POST /charging/api/assetManagement/assets/validateJob HTTP/1.1" 500 257 "-" "-"

Docker Container log: POST: /DSProductCatalog/api/catalogManagement/v2/productSpecification - Pre-Validation (DSProductCatalog): The server has failed validating the product specification WARN: Server - 8cf44367-75bd-46e0-adb4-13189533515a - ::ffff:10.12.8.16 - user1 - POST: /DSProductCatalog/api/catalogManagement/v2/productSpecification - Status: 500

Thanks for help, -Olivier.

[fdelavega]

Hi,

Did you update the Business Ecosystem? Or it is giving the error with the same version?

Regarding the 401 error, I notice that the IdM gives that error when the Authorization: Basic header is not valid, can you check that the client Id and client secret of the app are correct?