search

OpenConext / Stepup-Project

Managing issues for Stepup-* projects
0 stars 0 forks source link

Hackaton 23 jan 2023 bevindingen #433

Open phavekes opened 2 days ago

phavekes commented 2 days ago

This issue is imported from pivotal - Originaly created at Jan 23, 2024 by Peter Havekes

phavekes commented 2 days ago

Selfservice : nelmio_security.csp_reporter_controller 


Jan 23 10:56:29 docker1.test2.ams.surfconext.nl selfservice[894]: {"message":"Uncaught PHP Exception InvalidArgumentException: \"The controller for URI \"/csp/report\" is not callable: Controller \"nelmio_security.csp_reporter_controller:indexAction\" does neither exist as service nor as class.\" at ControllerResolver.php line 98","context":{"exception":{"class":"InvalidArgumentException","message":"The controller for URI \"/csp/report\" is not callable: Controller \"nelmio_security.csp_reporter_controller:indexAction\" does neither exist as service nor as class.","code":0,"file":"/var/www/html/vendor/symfony/http-kernel/Controller/ControllerResolver.php:98","previous":{"class":"InvalidArgumentException","message":"Controller \"nelmio_security.csp_reporter_controller:indexAction\" does neither exist as service nor as class.","code":0,"file":"/var/www/html/vendor/symfony/http-kernel/Controller/ContainerControllerResolver.php:54","previous":{"class":"Error","message":"Class \"nelmio_security.csp_reporter_controller:indexAction\" not found","code":0,"file":"/var/www/html/vendor/symfony/http-kernel/Controller/ControllerResolver.php:153"}}}},"level":500,"level_name":"CRITICAL","channel":"request","datetime":"2024-01-23T09:56:29+00:00","extra":{"art":"76980","server":"sa.test2.surfconext.nl","application":"self-service","request_id":"3fc39eccfa010d83c598861fee0bb5b7"}}

``` (Peter Havekes - Jan 23, 2024)
phavekes commented 2 days ago

Gateway: State confusion. Als je in dezelfde browser-sessie twee tiqr-registraties probeert uit te voeren, worden de subject nameid verward.


Jan 23 11:03:13 t06.ams.surfconext.nl stepup-gateway[24326]: {"channel":"app","level":"CRITICAL","message":"Requested Subject NameID \"s7pkid-epxa\" and Response NameID \"s7pl8z-gyep\" do not match","context":{"sari":"_0ddb05038a2a011e621a5b137ae4a550449f3661e208a0ab7ef40cd1a01e"},"extra":{"server":"sa-gw.test2.surfconext.nl","application":"stepup-gateway","request_id":"b28b93b72b2cda2787ae9aba50b9ac98"}}
``` (Peter Havekes - Jan 23, 2024)
phavekes commented 2 days ago

Gateway: Resend SMS (while authenticating) is not working. Pressing the "Send again" link does not cause any network-traffic, log entries (nor sending an SMS) (Peter Havekes - Jan 23, 2024)

phavekes commented 2 days ago

Version info will be included in the container, in an env variable. The following three env vars will be set:

OPENCONEXT_APP_VERSION OPENCONEXT_GIT_SHA OPENCONEXT_COMMIT_DATE

The monitor bundle should evualate their presence: When these vars are present, the values should be used in the info endpoint. If not, the bundle can fall back to the original behaviour

(Bart Geesink - Jan 24, 2024)