Tenant user created after bootstrap cannot create products and order.

[ameetcateina]

We are trying to create a product and order from the user-created after the tenant website bootstrap, but the request is failing. Below is the comparison of the token from the bootstrap user and the user-created after bootstrap. The token from the non-bootstrap user does not contain the custom tenant id field. Below are the logs of the product container. method createUser() in UserManagementService.java file does not set custome:tenant-id.

[ranjith-aws]

Hi, Just want a clarification here because createUser() function will not be invoked in the product and order flows. Are you saying you are seeing this issue when adding products/orders or when adding a user?

[ameetcateina]

Hi, it happens when I create a user on the tenant website(not on the admin website), log in with that user, and try to create products and orders. Doesn't happen when I create products and orders with the user which is created on the admin website while bootstrapping the tenant website.

[ranjith-aws]

Aah ok. Will check it out and get back. Thanks for reporting

[ameetcateina]

Hi, any updates?

[ranjith-aws]

Hi, Yes, we were able to replicate the issue and are working on a fix. You will see an update here once it is approved and merged.

[ameetcateina]

Hi ranjith. Will it take longer?

[ranjithkraman]

Hi! yes, this is going through a round of testing, so we are looking to merge it to main once that is complete. You will see updates this week.

[ranjithkraman]

Root cause: Web app not passing custom attribute "custom:tenant-id" as part of the Cognito IdToken in the case of a new user created from the tenant's application. This fails validation when the request is processed by TokenManager class inside ProductService causing the tenantId to be null and therefore rejects the request. Incoming PR to add the missing custom attribute tenant-Id while creating the new user in createUser() function of UserManagementService.java

[ranjith-aws]

Hi @ameetcateina could you retest and let us know? You would just have to rebuild and deploy the user-management-service to test this out. I will leave the issue open for now until you confirm. Please let us know how it goes.

[ameetcateina]

Hi Ranjith, I Redeployed the entire thing since we had to change aws regions. Now after deployment when I hit the admin site it gives the following error.

[ameetcateina]

When i run the build_and_upload_admin_site.sh it gives the following error.

[tobuck-aws]

Hi @ameetcateina that seems to be an issue with the node version? if you run node --version is it > 12?

[ameetcateina]

Hi, the node version is v10.24.1.

[tobuck-aws]

Can you try using a newer version of node? If you're running on cloud9 you can just run: nvm install 14 and then nvm use 14

[ameetcateina]

Hi, i upgraded the node ver and ran the admin site script but i get the following error amit_karkera:~/environment/aws-saas-factory-eks-reference-architecture (main) $ ./build_and_upload_admin_site.sh starfishstack starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28 e2edigital.com aws s3 ls s3://starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28 Current Dir: /home/ec2-user/environment/aws-saas-factory-eks-reference-architecture Configuring environment for Admin Client

eks-ref-arch-admin@ postinstall /home/ec2-user/environment/aws-saas-factory-eks-reference-architecture/clients/Admin ngcc --properties es2015 browser module main --first-only

npm WARN @babel/plugin-bugfix-v8-spread-parameters-in-optional-chaining@7.14.5 requires a peer of @babel/core@^7.13.0 but none is installed. You must install peer dependencies yourself. npm WARN @babel/plugin-proposal-class-static-block@7.14.5 requires a peer of @babel/core@^7.12.0 but none is installed. You must install peer dependencies yourself. npm WARN @coreui/angular@2.11.2 requires a peer of @angular/common@^11.0.0 but none is installed. You must install peer dependencies yourself. npm WARN @coreui/angular@2.11.2 requires a peer of @angular/core@^11.0.0 but none is installed. You must install peer dependencies yourself. npm WARN @coreui/angular@2.11.2 requires a peer of @angular/router@^11.0.0 but none is installed. You must install peer dependencies yourself. npm WARN @coreui/coreui@2.1.16 requires a peer of jquery@1.9.1 - 3 but none is installed. You must install peer dependencies yourself. npm WARN @coreui/coreui@2.1.16 requires a peer of popper.js@^1.14.3 but none is installed. You must install peer dependencies yourself. npm WARN ajv-keywords@3.5.2 requires a peer of ajv@^6.9.1 but none is installed. You must install peer dependencies yourself. npm WARN angular-auth-oidc-client@11.6.11 requires a peer of @angular/core@^11.0.5 but none is installed. You must install peer dependencies yourself. npm WARN angular-auth-oidc-client@11.6.11 requires a peer of @angular/common@^11.0.5 but none is installed. You must install peer dependencies yourself. npm WARN angular-auth-oidc-client@11.6.11 requires a peer of @angular/router@^11.0.5 but none is installed. You must install peer dependencies yourself. npm WARN bootstrap@4.6.0 requires a peer of jquery@1.9.1 - 3 but none is installed. You must install peer dependencies yourself. npm WARN bootstrap@4.6.0 requires a peer of popper.js@^1.16.1 but none is installed. You must install peer dependencies yourself. npm WARN karma-jasmine-html-reporter@1.6.0 requires a peer of jasmine-core@>=3.7.1 but none is installed. You must install peer dependencies yourself. npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents): npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"}) npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@1.2.13 (node_modules/webpack-dev-server/node_modules/fsevents): npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@1.2.13: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

removed 1 package and audited 1467 packages in 10.591s

90 packages are looking for funding run npm fund for details

found 1 moderate severity vulnerability run npm audit fix to fix them, or npm audit for details

eks-ref-arch-admin@ build /home/ec2-user/environment/aws-saas-factory-eks-reference-architecture/clients/Admin ng build --prod --aot --buildOptimizer --commonChunk --vendorChunk --optimization --progress

Option "--prod" is deprecated: Use "--configuration production" instead. Support for camel case arguments has been deprecated and will be removed in a future major version. Use '--build-optimizer' instead of '--buildOptimizer'. Support for camel case arguments has been deprecated and will be removed in a future major version. Use '--common-chunk' instead of '--commonChunk'. Support for camel case arguments has been deprecated and will be removed in a future major version. Use '--vendor-chunk' instead of '--vendorChunk'. Warning: Support was requested for IE 11 in the project's browserslist configuration. IE 11 support is deprecated since Angular v12. For more information, see https://angular.io/guide/browser-support ⠦ Generating browser application bundles (phase: building)...WARNING: Using / for division is deprecated and will be removed in Dart Sass 2.0.0.

Recommendation: math.div($spacer, 2)

More info and automated migrator: https://sass-lang.com/d/slash-div

╷

298 │ $headings-margin-bottom: $spacer / 2 !default; │ ^^^^^^^^^^^ ╵ node_modules/@coreui/coreui/scss/bootstrap/_variables.scss 298:31 @import node_modules/@coreui/coreui/scss/_variables.scss 9:9 @import node_modules/@coreui/coreui/scss/coreui.scss 10:9 @import src/scss/style.scss 5:9 root stylesheet

DEPRECATION WARNING: Using / for division is deprecated and will be removed in Dart Sass 2.0.0.

Recommendation: math.div($input-padding-y, 2)

More info and automated migrator: https://sass-lang.com/d/slash-div

╷

493 │ $input-height-inner-quarter: calc(#{$input-line-height * .25em} + #{$input-padding-y / 2}) !default; │ ^^^^^^^^^^^^^^^^^^^^ ╵ node_modules/@coreui/coreui/scss/bootstrap/_variables.scss 493:80 @import node_modules/@coreui/coreui/scss/_variables.scss 9:9 @import node_modules/@coreui/coreui/scss/coreui.scss 10:9 @import src/scss/style.scss 5:9 root stylesheet

DEPRECATION WARNING: Using / for division is deprecated and will be removed in Dart Sass 2.0.0.

Recommendation: math.div($custom-control-indicator-size, 2)

More info and automated migrator: https://sass-lang.com/d/slash-div

╷

560 │ $custom-switch-indicator-border-radius: $custom-control-indicator-size / 2 !default; │ ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ╵ node_modules/@coreui/coreui/scss/bootstrap/_variables.scss 560:49 @import node_modules/@coreui/coreui/scss/_variables.scss 9:9 @import node_modules/@coreui/coreui/scss/coreui.scss 10:9 @import src/scss/style.scss 5:9 root stylesheet

DEPRECATION WARNING: Using / for division is deprecated and will be removed in Dart Sass 2.0.0.

Recommendation: math.div($spacer, 2)

More info and automated migrator: https://sass-lang.com/d/slash-div

╷

706 │ $nav-divider-margin-y: $spacer / 2 !default; │ ^^^^^^^^^^^ ╵ node_modules/@coreui/coreui/scss/bootstrap/_variables.scss 706:37 @import node_modules/@coreui/coreui/scss/_variables.scss 9:9 @import node_modules/@coreui/coreui/scss/coreui.scss 10:9 @import src/scss/style.scss 5:9 root stylesheet

DEPRECATION WARNING: Using / for division is deprecated and will be removed in Dart Sass 2.0.0.

Recommendation: math.div($spacer, 2)

More info and automated migrator: https://sass-lang.com/d/slash-div

╷

711 │ $navbar-padding-y: $spacer / 2 !default; │ ^^^^^^^^^^^ ╵ node_modules/@coreui/coreui/scss/bootstrap/_variables.scss 711:37 @import node_modules/@coreui/coreui/scss/_variables.scss 9:9 @import node_modules/@coreui/coreui/scss/coreui.scss 10:9 @import src/scss/style.scss 5:9 root stylesheet

WARNING: 84 repetitive deprecation warnings omitted.

✔ Browser application bundle generation complete.

Error: src/app/containers/default-layout/default-layout.component.ts:4:21 - error TS2307: Cannot find module 'process' or its corresponding type declarations.

4 import { env } from 'process';

npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! eks-ref-arch-admin@ build: `ng build --prod --aot --buildOptimizer --commonChunk --vendorChunk --optimization --progress`
npm ERR! Exit status 1
npm ERR! 
npm ERR! Failed at the eks-ref-arch-admin@ build script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in:
npm ERR!     /home/ec2-user/.npm/_logs/2021-07-01T18_59_09_676Z-debug.log
aws s3 sync --delete --cache-control no-store dist s3://starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28

The user-provided path dist does not exist.

[tobuck-aws]

Sorry, I said node 14, can you try node 12? I have a fix coming in for node 14, but to get you up and running you should be able to use node 12. Note this line in the setup script

[ameetcateina]

Hi, i am using this script to deploy adminsite. ./build_and_upload_admin_site.sh starfishstack starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28 e2edigital.com I also tried wih url admin.e2edigital.com.

But I get the following errors. Error: src/app/containers/default-layout/default-layout.component.ts:4:21 - error TS2307: Cannot find module 'process' or its corresponding type declarations.

npm ERR! errno 1 npm ERR! eks-ref-arch-admin@ build: ng build --prod --aot --buildOptimizer --commonChunk --vendorChunk --optimization --progress npm ERR! Exit status 1 npm ERR! npm ERR! Failed at the eks-ref-arch-admin@ build script. npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

npm ERR! A complete log of this run can be found in: npm ERR! /home/ec2-user/.npm/_logs/2021-07-02T05_04_54_068Z-debug.log aws s3 sync --delete --cache-control no-store dist s3://starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28

The user-provided path dist does not exist.

[tobuck-aws]

@ameetcateina I just pushed a change that should fix the build issue. Please make sure that you're running > node 12 in your terminal before attempting to run the build_and_upload_admin_site.sh script

[ameetcateina]

node version is 12 as you suggested but its throwing same error

[tobuck-aws]

Did you pull the latest commit?

[ameetcateina]

Sorry, my bad it wasn't the latest commit. But after doing git clone to the latest commit I get this error.

amit_karkera:~/environment/aws-saas-factory-eks-reference-architecture (main) $ ./build_and_upload_admin_site.sh starfishstack starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28 e2edigital.com
aws s3 ls s3://starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28 Current Dir: /home/ec2-user/environment/aws-saas-factory-eks-reference-architecture Configuring environment for Admin Client npm WARN using --force I sure hope you know what you are doing. npm WARN Invalid version: "1.0" npm WARN Admin No description npm WARN Admin No repository field. npm WARN Admin No README data npm WARN Admin No license field.

up to date in 0.367s found 0 vulnerabilities

npm ERR! Invalid version: "1.0"

npm ERR! A complete log of this run can be found in: npm ERR! /home/ec2-user/.npm/_logs/2021-07-02T18_49_51_774Z-debug.log aws s3 sync --delete --cache-control no-store dist s3://starfishstack-adminsite-1md03juonc-adminappbucket-1cfhy3sqqsp28

The user-provided path dist does not exist. amit_karkera:~/environment/aws-saas-factory-eks-reference-architecture (main) $ node --version v12.22.2

[tobuck-aws]

Please pull again. I accidentally added a version to the package.json

[ameetcateina]

Hi, I am able to access the website but the same error has occurred which I posted here in the beginning. Unauthorized error.

[tobuck-aws]

Hi @ameetcateina, notice the redirect_mismatch in the error string that's returned. Notice how the redirect URL is setup in the client by looking at this file. It's setting the redirectUrl url to window.location.origin. Assuming your admin application is running from from the appropriate Route53 alias, the value of window.location.origin should match the value of your Application Client's "Callback URL(s)" as seen in this screen shot. Can you verify that your Callback URL matches the domain name of your admin site?

[ameetcateina]

Hi Toby, Yes, it does match the URL of the window. location.origin.

[tobuck-aws]

Sorry this is becoming such an ordeal :( Are you sure you were attempting to hit the admin site from the https vs. http url? So, in your case, it should be https://admin.e2edigital.com

[ameetcateina]

Hey toby, it's working. working. The tenant user cannot make products on the tenant website. Also, a separate kubernetes namespace is not getting created for the tenant. Should I install everything from scratch?

[tobuck-aws]

It might not be a bad idea. We've had minor issues installing (we did it again last weekend), but nothing like what you're seeing. Perhaps it's a region thing. If the namespace isn't getting created, you should look at the codepipeline that gets spun up for the tenant. There will be diagnostic information in the codebuild log.

[ameetcateina]

Thanks for your time and effort, it's working after a fresh install. The only thing not working is the logout functionality on both admin and tenant sites.