Open pranavambre opened 2 years ago
I am also facing the same issue. Will it ever be solve?
Deployment
Version
6.2.2
Apps Engine Version
1.39.1
Node Version
v14.21.2
Database Migration
294 (May 20, 2023 7:18 AM)
MongoDB
5.0.15 / wiredTiger (oplog Enabled)
Commit Details
HEAD: (d2f54e5b8)
Branch: HEAD
PID
19028
Hmm, still broken for me.
Deployment
Version
6.2.5
Apps Engine Version
1.39.1
Node Version
v14.21.3
Database Migration
294 (June 14, 2023 1:09 PM)
MongoDB
4.4.15 / wiredTiger (oplog Enabled)
Commit Details
HEAD: (8f9668897)
Branch: HEAD
with registration form disabled and I send this command:
curl -H "Content-type:application/json" https://words.servername.tld:443/api/v1/users.register -d '{"name": "test6", "email": "test6@test.com", "pass": "aPassword", "username": "test6"}'
I get the expected error message of
{"success":false,"error":"User registration is disabled [error-user-registration-disabled]","errorType":"error-user-registration-disabled","details":{"method":"registerUser"}}
after I change the registration form to secreturl and send the same command (expecting failure) I do indeed get a failure message of:
{"success":false,"error":"User registration is only allowed via Secret URL [error-user-registration-secret]","errorType":"error-user-registration-secret","details":{"method":"registerUser"}}
however, when I add secreturl as per manual, sending this command:
curl -H "Content-type:application/json" https://words.servername.tld:443/api/v1/users.register -d '{"name": "test6", "email": "test6@test.com", "pass": "aPassword", "username": "test6", "secretURL": "stringIcopiedFromDashboardAndAlsoBrowserAfterTestingTheFullURL"}'
I get the same error message as above posters:
{"success":false,"error":"must NOT have additional properties [invalid-params]","errorType":"invalid-params"}
and yeah, I checked a few times that the secretURL string is the sane. I copied it directly from the dashboard and it failed. Then I also used the string to create url for a browser (e.g. https://words.servername.tld/register/secretURLstring) and it worked, and then copying just that secretURLstring part of the url string from browser bar into the curl command also it failed (and was the same)...
Using Ubuntu 22.04.03, curl -V gives:
curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11 brotli/1.0.9 zstd/1.4.8 libidn2/2.3.2 libpsl/0.21.0 (+libidn2/2.3.2) libssh/0.9.6/openssl/zlib nghttp2/1.43.0 librtmp/2.3 OpenLDAP/2.5.16
Release-Date: 2022-01-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ldap ldaps mqtt pop3 pop3s rtmp rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: alt-svc AsynchDNS brotli GSS-API HSTS HTTP2 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM NTLM_WB PSL SPNEGO SSL TLS-SRP UnixSockets zstd
Please let me know if you need any other information to help troubleshoot this.
I have the same problem as https://github.com/RocketChat/Rocket.Chat/issues/26622#issuecomment-1705822275
Description:
SecretUrl Parameter not working on users.register endpoint.
Steps to reproduce:
Expected behavior:
Actual behavior:
Client Setup Information