Closed MohitMaliFtechiz closed 1 year ago
@MohitMaliFtechiz can you check that you really have a user with mail mohit.mali@google.com in persistence? (the logs show (&(&(objectClass=gluuPerson))(mail=mohit.mali@google.com)))
Otherwise I don't see any errors or exceptions in logs which you attached.
@MohitMaliFtechiz Is it only a Couchbase problem? Does it work with LDAP?
Hi @yuriyz, yes, on LDAP it works fine.
Then it must be something related to Couchbase only. @yurem any idea?
@MohitMaliFtechiz can you send us all the logs to check?
passport_oxauth.txt here is the full oxauth log
There are a few stack traces with:
2021-12-13 16:36:52,167 ERROR [qtp1831477404-14] [org.gluu.oxauth.uma.service.UmaRptService] (UmaRptService.java:121) - Failed to find entry: tknCde=d08915bcbd7d3cac0adf8b71084c905376e11ff7f0c7015f9528d316b696c892,ou=uma_rpt,ou=tokens,o=gluu
org.gluu.persist.exception.EntryPersistenceException: Failed to find entry: tknCde=d08915bcbd7d3cac0adf8b71084c905376e11ff7f0c7015f9528d316b696c892,ou=uma_rpt,ou=tokens,o=gluu
at org.gluu.orm.couchbase.impl.CouchbaseEntryManager.find(CouchbaseEntryManager.java:376) ~[gluu-orm-couchbase-4.3.1-SNAPSHOT.jar:?]
Is it maybe due to missing token attributes? In jans @mbaser fixed the schema as
"sup": [
"jansToken"
],
https://github.com/JanssenProject/jans-setup/commit/fe9b47704e237d28d16b455d775543a0c19a959b
@mbaser can we do the same for Gluu?
mysql> show columns from oxAuthUmaRPT;
+-----------------+--------------+------+-----+---------+-------+
| Field | Type | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+-------+
| doc_id | varchar(64) | NO | PRI | NULL | |
| objectClass | varchar(48) | YES | | NULL | |
| dn | varchar(128) | YES | | NULL | |
| authnTime | datetime(3) | YES | | NULL | |
| clnId | varchar(64) | YES | | NULL | |
| iat | datetime(3) | YES | | NULL | |
| exp | datetime(3) | YES | | NULL | |
| del | smallint | YES | | NULL | |
| tknCde | varchar(80) | YES | | NULL | |
| usrId | varchar(64) | YES | | NULL | |
| ssnId | varchar(64) | YES | | NULL | |
| oxUmaPermission | json | YES | | NULL | |
| uuid | varchar(64) | YES | | NULL | |
| authzCode | varchar(64) | YES | | NULL | |
| grtId | varchar(64) | YES | | NULL | |
| grtTyp | varchar(64) | YES | | NULL | |
| jwtReq | text | YES | | NULL | |
| nnc | text | YES | | NULL | |
| scp | text | YES | | NULL | |
| tknTyp | varchar(32) | YES | | NULL | |
| acr | varchar(48) | YES | | NULL | |
| chlng | varchar(64) | YES | | NULL | |
| chlngMth | varchar(64) | YES | | NULL | |
| clms | varchar(64) | YES | | NULL | |
| attr | text | YES | | NULL | |
| tknBndCnf | tinytext | YES | | NULL | |
+-----------------+--------------+------+-----+---------+-------+
26 rows in set (0.00 sec)
@mbaser nice, thank you! @MohitMaliFtechiz can you try it with Mustafa's changes?
This seems to be the same problem described here 2 years ago:
@yurem and @mbaser I tested the fix. It is still the same as it was in Couchbase.
fixed
Describe the issue
Passport authentication fails on the first attempt and throws an oxauth error (works on the second attempt with the same user ID)
How to reproduce
Expected behaviour
Authentication must be successful through Passport
Actual behaviour
Authentication failed and got to an oxauth error on the first attempt; however, authentication works on the second attempt with the same user ID.
config
Gluu-server 4.3.1 + couchbase
OS Ubuntu 20.04
logs