Open janniswarnat opened 1 year ago
Hello, sorry for the late reply.
I can still use the administrative API with docker image 1.7.1 and use the authorization code grant type.
I also tried to use your example and use the client credentials grant with Postman and was successful (using version 1.7.1).
However, I needed to add the line redirect_uris: https://getpostman.com/oauth2/callback
on the Postman client (file clients.yml
).
The Problem
My Setup
Docker containers as defined in
compose.yml
using omejdn server image versionghcr.io/fraunhofer-aisec/omejdn-server:dev
What I have done up front
I would like to retrieve an access token to access the administrative API as already discussed in #30. This works as explained by @bellebaum for the Postman Authorization tab (just for info: This only works when using the
dev
image, for version1.7.1
and older I get error messageNo scopes granted
). Additionally, I want to be able to retrieve the access token not via user login but using the client credentials grant. Here is my client definition for this (probably some of the fields are unnecessary):What I expected to happen
I want to retrieve an access token using this request:
What actually happened
I get an
Internal server error
, the stack trace shows:The quest of trying to solve it
What were the results of searching for the error on the internet?
The
compact
method fails becauseusages
isnil
. The methodadapt_to_cert
tries to retrieve usages from certificatewhich is the certifcate of client
postman_client_cred
.Important info: I tried to do the same using Docker image version
1.7.1
instead ofdev
and in this case my request successfully provides an access token that I then can use to access the administrative API:What is your best guess as to what might have happened?
I think this may be related to commit 93aa166842fbbeafdd740a9ece98e5431363e941 and subsequent changes. I do not quite understand what the method
adapt_to_cert
is supposed to do though. It would be great if you could provide any hints or advice.@AnaCarolinaChaves Were you succesful in using the administrative API after #30, maybe also using the client credentials grant instead of authorization code?
Thank you very much in advance!