GuillaumeCz / sylow

Efficient, simple, encrypted personal data store and sharing system.
GNU Affero General Public License v3.0

Authentification from Postman is not working #2

Closed GuillaumeCz closed 6 years ago

GuillaumeCz commented 6 years ago

From @andre-lima on December 15, 2017 18:25

It may be that I'm not using the right configuration, but I'm not managing to make requests to sylow from Postman.

STEPS TO REPRODUCE

  1. Create a user with the CLI
  2. Open Postman
  3. Import the collection from here: https://github.com/SylowTech/sylow/pull/95
  4. Click the Create Entity request from the collection
  5. Choose Authorization type OAuth 2.0
  6. Click Get New Access Token
  7. Fill in the information as in the screenshot (fill_information)
  8. Click Request Token
  9. See the window that opens
  10. Fill in login/password and log in
  11. See the error displayed, as copied below.

DISPLAYED ON THE LOGIN WINDOW

{"message":"Forbidden","stack":"APIError: Unauthorized client\n at new ExtendableError (/home/adantas/Documents/sylow/dist/server/helpers/ExtendableError.js:18:11)\n at new APIError (/home/adantas/Documents/sylow/dist/server/helpers/APIError.js:29:5)\n at app.use (/home/adantas/Documents/sylow/dist/config/express.js:171:22)\n at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:71:5)\n at trim_prefix (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:310:13)\n at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:280:7\n at Function.process_params (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:330:12)\n at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:271:10)\n at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:618:15\n at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:256:14)\n at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:121:14)\n at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:67:12)\n at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:129:13)\n at validated (/home/adantas/Documents/sylow/node_modules/oauth2orize/lib/middleware/authorization.js:135:31)\n at _client2.default.findOne.then.client (/home/adantas/Documents/sylow/dist/server/helpers/OAuth.js:123:23)\n at tryCatcher (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/util.js:16:23)\n at Promise._settlePromiseFromHandler (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:510:31)\n at Promise._settlePromise (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:567:18)\n at Promise._settlePromise0 (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:612:10)\n at Promise._settlePromises (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:691:18)\n at Async._drainQueue (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:138:16)\n at Async._drainQueues (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:148:10)"}

DISPLAYED ON THE SERVER

{
  "date": "Fri Dec 15 2017 13:00:08 GMT-0500 (EST)",
  "process": {
    "pid": 23031,
    "uid": 1000,
    "gid": 1000,
    "cwd": "/home/adantas/Documents/sylow",
    "execPath": "/home/adantas/.nvm/versions/node/v8.9.0/bin/node",
    "version": "v8.9.0",
    "argv": [
      "/home/adantas/.nvm/versions/node/v8.9.0/bin/node",
      "/home/adantas/Documents/sylow/dist/index.js"
    ],
    "memoryUsage": {
      "rss": 75997184,
      "heapTotal": 38387712,
      "heapUsed": 34285000,
      "external": 18451218
    }
  },
  "os": {
    "loadavg": [
      0.33251953125,
      0.60791015625,
      0.61328125
    ],
    "uptime": 358087
  },
  "trace": [
    {
      "column": 11,
      "file": "/home/adantas/Documents/sylow/dist/server/helpers/ExtendableError.js",
      "function": "new ExtendableError",
      "line": 18,
      "method": null,
      "native": false
    },
    {
      "column": 5,
      "file": "/home/adantas/Documents/sylow/dist/server/helpers/APIError.js",
      "function": "new APIError",
      "line": 29,
      "method": null,
      "native": false
    },
    {
      "column": 22,
      "file": "/home/adantas/Documents/sylow/dist/config/express.js",
      "function": "app.use",
      "line": 171,
      "method": "use",
      "native": false
    },
    {
      "column": 5,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js",
      "function": "Layer.handle_error",
      "line": 71,
      "method": "handle_error",
      "native": false
    },
    {
      "column": 13,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": "trim_prefix",
      "line": 310,
      "method": null,
      "native": false
    },
    {
      "column": 7,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": null,
      "line": 280,
      "method": null,
      "native": false
    },
    {
      "column": 12,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": "Function.process_params",
      "line": 330,
      "method": "process_params",
      "native": false
    },
    {
      "column": 10,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": "next",
      "line": 271,
      "method": null,
      "native": false
    },
    {
      "column": 15,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": null,
      "line": 618,
      "method": null,
      "native": false
    },
    {
      "column": 14,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js",
      "function": "next",
      "line": 256,
      "method": null,
      "native": false
    },
    {
      "column": 14,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js",
      "function": "next",
      "line": 121,
      "method": null,
      "native": false
    },
    {
      "column": 12,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js",
      "function": "Layer.handle_error",
      "line": 67,
      "method": "handle_error",
      "native": false
    },
    {
      "column": 13,
      "file": "/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js",
      "function": "next",
      "line": 129,
      "method": null,
      "native": false
    },
    {
      "column": 31,
      "file": "/home/adantas/Documents/sylow/node_modules/oauth2orize/lib/middleware/authorization.js",
      "function": "validated",
      "line": 135,
      "method": null,
      "native": false
    },
    {
      "column": 23,
      "file": "/home/adantas/Documents/sylow/dist/server/helpers/OAuth.js",
      "function": "_client2.default.findOne.then.client",
      "line": 123,
      "method": "default.findOne.then.client",
      "native": false
    },
    {
      "column": 23,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/util.js",
      "function": "tryCatcher",
      "line": 16,
      "method": null,
      "native": false
    },
    {
      "column": 31,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js",
      "function": "Promise._settlePromiseFromHandler",
      "line": 510,
      "method": "_settlePromiseFromHandler",
      "native": false
    },
    {
      "column": 18,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js",
      "function": "Promise._settlePromise",
      "line": 567,
      "method": "_settlePromise",
      "native": false
    },
    {
      "column": 10,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js",
      "function": "Promise._settlePromise0",
      "line": 612,
      "method": "_settlePromise0",
      "native": false
    },
    {
      "column": 18,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js",
      "function": "Promise._settlePromises",
      "line": 691,
      "method": "_settlePromises",
      "native": false
    },
    {
      "column": 16,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js",
      "function": "Async._drainQueue",
      "line": 138,
      "method": "_drainQueue",
      "native": false
    },
    {
      "column": 10,
      "file": "/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js",
      "function": "Async._drainQueues",
      "line": 148,
      "method": "_drainQueues",
      "native": false
    }
  ],
  "stack": [
    "APIError: Unauthorized client",
    "    at new ExtendableError (/home/adantas/Documents/sylow/dist/server/helpers/ExtendableError.js:18:11)",
    "    at new APIError (/home/adantas/Documents/sylow/dist/server/helpers/APIError.js:29:5)",
    "    at app.use (/home/adantas/Documents/sylow/dist/config/express.js:171:22)",
    "    at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:71:5)",
    "    at trim_prefix (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:310:13)",
    "    at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:280:7",
    "    at Function.process_params (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:330:12)",
    "    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:271:10)",
    "    at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:618:15",
    "    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:256:14)",
    "    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:121:14)",
    "    at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:67:12)",
    "    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:129:13)",
    "    at validated (/home/adantas/Documents/sylow/node_modules/oauth2orize/lib/middleware/authorization.js:135:31)",
    "    at _client2.default.findOne.then.client (/home/adantas/Documents/sylow/dist/server/helpers/OAuth.js:123:23)",
    "    at tryCatcher (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/util.js:16:23)",
    "    at Promise._settlePromiseFromHandler (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:510:31)",
    "    at Promise._settlePromise (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:567:18)",
    "    at Promise._settlePromise0 (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:612:10)",
    "    at Promise._settlePromises (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:691:18)",
    "    at Async._drainQueue (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:138:16)",
    "    at Async._drainQueues (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:148:10)"
  ],
  "req": {
    "url": "/authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F",
    "headers": {
      "host": "localhost:4040",
      "connection": "keep-alive",
      "upgrade-insecure-requests": "1",
      "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Postman/5.3.2 Chrome/56.0.2924.87 Electron/1.6.15 Safari/537.36",
      "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
      "referer": "http://localhost:4040/login",
      "accept-encoding": "gzip, deflate",
      "accept-language": "en-GB",
      "cookie": "connect.sid=s%3AHF2b6_mpFms8FbfEbKLr17mjTVFLTObn.fJ9hmXwC8ItuQIJC0b9K0wBc2SLUbiVJyPxx0Ac%2FdtQ"
    },
    "method": "GET",
    "httpVersion": "1.1",
    "originalUrl": "/authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F",
    "query": {
      "response_type": "code",
      "state": "",
      "client_id": "andre",
      "scope": "",
      "redirect_uri": "/"
    },
    "body": {}
  },
  "level": "error",
  "message": "middlewareError"
}
{
  "res": {
    "statusCode": 403,
    "body": {
      "message": "Forbidden",
      "stack": "APIError: Unauthorized client\n    at new ExtendableError (/home/adantas/Documents/sylow/dist/server/helpers/ExtendableError.js:18:11)\n    at new APIError (/home/adantas/Documents/sylow/dist/server/helpers/APIError.js:29:5)\n    at app.use (/home/adantas/Documents/sylow/dist/config/express.js:171:22)\n    at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:71:5)\n    at trim_prefix (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:310:13)\n    at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:280:7\n    at Function.process_params (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:330:12)\n    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:271:10)\n    at /home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:618:15\n    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/index.js:256:14)\n    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:121:14)\n    at Layer.handle_error (/home/adantas/Documents/sylow/node_modules/express/lib/router/layer.js:67:12)\n    at next (/home/adantas/Documents/sylow/node_modules/express/lib/router/route.js:129:13)\n    at validated (/home/adantas/Documents/sylow/node_modules/oauth2orize/lib/middleware/authorization.js:135:31)\n    at _client2.default.findOne.then.client (/home/adantas/Documents/sylow/dist/server/helpers/OAuth.js:123:23)\n    at tryCatcher (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/util.js:16:23)\n    at Promise._settlePromiseFromHandler (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:510:31)\n    at Promise._settlePromise (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:567:18)\n    at Promise._settlePromise0 (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:612:10)\n    at Promise._settlePromises (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/promise.js:691:18)\n    at Async._drainQueue (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:138:16)\n    at Async._drainQueues (/home/adantas/Documents/sylow/node_modules/bluebird/js/release/async.js:148:10)"
    }
  },
  "req": {
    "url": "/authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F",
    "headers": {
      "host": "localhost:4040",
      "connection": "keep-alive",
      "upgrade-insecure-requests": "1",
      "user-agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Postman/5.3.2 Chrome/56.0.2924.87 Electron/1.6.15 Safari/537.36",
      "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8",
      "referer": "http://localhost:4040/login",
      "accept-encoding": "gzip, deflate",
      "accept-language": "en-GB",
      "cookie": "connect.sid=s%3AHF2b6_mpFms8FbfEbKLr17mjTVFLTObn.fJ9hmXwC8ItuQIJC0b9K0wBc2SLUbiVJyPxx0Ac%2FdtQ"
    },
    "method": "GET",
    "httpVersion": "1.1",
    "originalUrl": "/authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F",
    "query": {
      "response_type": "code",
      "state": "",
      "client_id": "andre",
      "scope": "",
      "redirect_uri": "/"
    }
  },
  "responseTime": 4,
  "level": "info",
  "message": "HTTP GET /authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F 403 4ms"
}

_Copied from original issue: SylowTech/sylow#109_
GuillaumeCz commented 6 years ago

Hello @andre-lima! I finally figured out how to properly create a user for the admin interface and request a token. The data in #95 isn't correct because these steps are a little more complicated...

The following steps might help you:

  1. Create an Entity with the admin interface or Postman: { "domain": "testdomain.xyz", "username": "testuser", "passwordHash": "33f1ba50d3acdfe04fadbfcdc50edd84a3af0f9d377872003eaedbb68f8e6d7146e87c35e5f3338341d91b84c1371a6a9db054c4104797e99848f4d2d8a2b91e", "passwordSalt": "694658b93aa9c2f245cca37da3b4d7cc", "admin": true, "authoritative": true }. The password is the cryptographic hash of the string "testpass", the password that you will use later to log in.

  2. Create a Client which references the previous entity: { "entityId": "<Your Entity's ID!>", "clientName": "testuser", "deviceType": "other", "clientId": "testuser", "clientSecret": "testuserSecret", "redirectUri": "https://www.getpostman.com/oauth2/callback", "isTrusted": false, "deviceTypeProper": "Other" }

  3. Try to log in on the admin interface (username: "testuser", password: "testpass")

  4. If it works, you can try to request an access token with Postman using the right parameters

  5. I hope it works ;)
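
As an added illustration (not sylow's code and not the oauth2orize library's own), the following shows the shape of the client check that an oauth2orize-style authorization endpoint performs before it ever shows a login page, applied to the request seen in the server log of the first post (client_id=andre, redirect_uri=/) and to a request using the client registered in step 2 above. The in-memory store, the function names, the parsed query helper and the warnings field are assumptions made for this example; only the client record values are taken from the comment above.

```javascript
// Added illustration, not sylow's or oauth2orize's code. Constructed
// in-memory registry standing in for the Client collection; the record
// mirrors the one registered in step 2 of the comment above.
const CLIENTS = [
  {
    clientId: 'testuser',
    clientSecret: 'testuserSecret',
    redirectUri: 'https://www.getpostman.com/oauth2/callback',
    isTrusted: false,
  },
];

// Look up a client by id; null stands in for a findOne miss.
function findClient(store, clientId) {
  return store.find((c) => c.clientId === clientId) || null;
}

// Exact comparison of the registered and requested redirect URIs after
// URL normalisation (RFC 6749 section 3.1.2.3 asks for exact matching;
// prefix or substring matching would let a crafted redirect_uri receive
// the authorization code). A relative value such as "/" cannot be parsed
// as an absolute URL and is rejected.
function redirectUriMatches(registered, requested) {
  let a;
  let b;
  try {
    a = new URL(registered);
    b = new URL(requested);
  } catch (err) {
    return false;
  }
  return a.href === b.href;
}

// Parse the query string of an /authorize request as logged by the server.
function parseAuthorizeQuery(url) {
  const params = new URL(url, 'http://localhost').searchParams;
  return Object.fromEntries(params.entries());
}

// The validate step of an authorization endpoint. Returns
// { ok: true, client, redirectUri, warnings } when the client exists and
// the redirect URI matches exactly, otherwise { ok: false, reason, warnings }.
// In oauth2orize this logic sits in the callback given to
// server.authorization((clientId, redirectUri, done) => ...); calling
// done(null, false) there is what makes the middleware raise
// "Unauthorized client" (error code unauthorized_client).
function validateAuthorizationRequest(store, query) {
  const warnings = [];
  if (!query.state) {
    // The logged request carried state=; without it the client cannot
    // bind the callback to the session it started, so the flow is open
    // to cross-site request forgery.
    warnings.push('empty state parameter, no CSRF binding');
  }
  const client = findClient(store, query.client_id);
  if (!client) {
    return { ok: false, reason: 'unknown client_id', warnings };
  }
  if (!redirectUriMatches(client.redirectUri, query.redirect_uri)) {
    return { ok: false, reason: 'redirect_uri mismatch', warnings };
  }
  return { ok: true, client, redirectUri: client.redirectUri, warnings };
}

// Walk through the request from the log and two corrected variants;
// returns the three results so they can be inspected or asserted on.
function demo() {
  const logged = parseAuthorizeQuery(
    '/authorize?response_type=code&state=&client_id=andre&scope=&redirect_uri=%2F'
  );
  const withClient = { ...logged, client_id: 'testuser' };
  const corrected = {
    ...withClient,
    redirect_uri: 'https://www.getpostman.com/oauth2/callback',
    state: 'c9f1a2', // constructed value; a real client draws a fresh one per request
  };
  return [logged, withClient, corrected].map((q) => validateAuthorizationRequest(CLIENTS, q));
}
```

Calling demo() returns three results: the logged request fails with unknown client_id because only "testuser" was ever registered, the same request with the right client id still fails because redirect_uri=/ does not match the registered Postman callback exactly, and only the request with both values corrected (and a non-empty state) passes. The exact-match rule is the reason the later comment's advice about the callback URL field matters.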

GuillaumeCz commented 6 years ago

From @andre-lima on December 18, 2017 16:24

I still get "Unauthorized" on step 2. Can you show me what you put for the Authorization, Headers and Body tabs, in Postman?

GuillaumeCz commented 6 years ago

Try to put https://www.getpostman.com/oauth2/callback in the callback URL field.

I can't try it now, but let me know if this helps you ;)

You might also need to bypass the authentication system by removing the authentication/admin check on the routes; this will permit you to create the first entity and client with the admin interface ;)

In order to do that, replace router.route('/').get(authCtrl.authenticateUser, authCtrl.ensureAdmin, adminCtrl.index); with router.route('/').get(adminCtrl.index);

This will allow you to access the index page of the admin interface. Do the same for the entity and client routes.

Hope that will help you. I will try to check this deeper this evening or tonight ;)

GuillaumeCz commented 6 years ago

From @andre-lima on December 20, 2017 15:51

I'm having problems on the Postman side. I'll try overwriting the auth flow directly later, like you suggested.