diffix / explorer

Tool to automatically explore and generate stats on data anonymized using Diffix
MIT License

Incorrect API token leads to a 500 internal server error #99

Closed sebastian closed 4 years ago

sebastian commented 4 years ago

I was using an API token for the demo host, but the docker container was hard-coded for the attack system. As a result the token was wrong. Instead of providing a meaningful error message, the system crashed.

Logs from container:

info: System.Net.Http.HttpClient.JsonApiClient.LogicalHandler[100]
      Start processing HTTP request GET https://attack.aircloak.com/api/data_sources
info: System.Net.Http.HttpClient.JsonApiClient.ClientHandler[100]
      Sending HTTP request GET https://attack.aircloak.com/api/data_sources
info: System.Net.Http.HttpClient.JsonApiClient.ClientHandler[101]
      Received HTTP response after 793.623ms - Unauthorized
info: System.Net.Http.HttpClient.JsonApiClient.LogicalHandler[101]
      End processing HTTP request after 812.2499ms - Unauthorized
fail: Microsoft.AspNetCore.Server.Kestrel[13]
      Connection id "0HLUNRRR5QK4N", Request id "0HLUNRRR5QK4N:00000001": An unhandled exception was thrown by the application.
System.Net.Http.HttpRequestException: Request Error: Unauthorized -- Your API token is wrong.
Method: GET, RequestUri: 'https://attack.aircloak.com/api/data_sources', Version: 1.1, Content: <null>, Headers:
{
  auth-token: SFMyNTY.g3QAAAACZAAEZGF0YW0AAAAkOGQ1NDIwOGUtY2IwZC00YzMyLWE0MGUtMDc2NmU0ZTY0N2MwZAAGc2lnbmVkbgYAcvR-QHEB.VrKG4pQBmfgE1yiGkq1FdIehbRdj4U6NMs9SRMJKhJA
  Request-Id: |9af16d2d-474cce859866e570.1.
}

{"success":false,"description":"Invalid auth-token. This could be a result of the auth-token being incorrectly sent to the API backend, or the auth-token having been revoked. You can validate that your auth-token is still valid by visiting http://attack.aircloak.com:80/api_tokens."}
   at Aircloak.JsonApi.JsonApiClient.ApiRequest[T](HttpMethod requestMethod, String apiEndpoint, String requestContent, JsonSerializerOptions options, CancellationToken cancellationToken) in /src/aircloak/JsonApi/JsonApiClient.cs:line 330
   at Aircloak.JsonApi.JsonApiClient.ApiGetRequest[T](String apiEndpoint, JsonSerializerOptions options, CancellationToken cancellationToken) in /src/aircloak/JsonApi/JsonApiClient.cs:line 246
   at Aircloak.JsonApi.JsonApiClient.GetDataSources(CancellationToken cancellationToken) in /src/aircloak/JsonApi/JsonApiClient.cs:line 59
   at Explorer.Api.Controllers.ExploreController.Explore(ExploreParams data) in /src/explorer.api/Controllers/ExploreController.cs:line 48
   at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|19_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
   at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Awaited|17_0(ResourceInvoker invoker, Task task, IDisposable scope)
   at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|6_0(Endpoint endpoint, Task requestTask, ILogger logger)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)

The response I was given as a client:

HTTP/1.1 500 Internal Server Error
Connection: close
Date: Fri, 03 Apr 2020 15:03:18 GMT
Server: Kestrel
Content-Length: 0

dandanlen commented 4 years ago

This is fixed since #190
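
One way to turn the upstream `Unauthorized` into a meaningful client response instead of the unhandled exception in the logs above, as an added example (not the project's code and not the change made in #190). `UpstreamApiException`, `ThrowIfFailed` and `UpstreamErrorMiddleware` are hypothetical names and the 400/502 mapping is an assumption; the exception carries only the upstream status, so the `auth-token` header that appears in the logged exception message stays out of the log.

```csharp
using System;
using System.Net;
using System.Net.Http;
using System.Text.Json;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Logging;

// Hypothetical exception type: carries the upstream status code, and nothing from the request.
public class UpstreamApiException : Exception
{
    public UpstreamApiException(HttpStatusCode status, string reason) : base(reason) => Status = status;
    public HttpStatusCode Status { get; }
    // Call on every upstream response instead of formatting the request into the message.
    public static void ThrowIfFailed(HttpResponseMessage response)
    {
        if (!response.IsSuccessStatusCode)
            throw new UpstreamApiException(response.StatusCode, response.ReasonPhrase ?? "unknown");
    }
}

// Register early in Startup.Configure: app.UseMiddleware<UpstreamErrorMiddleware>();
public class UpstreamErrorMiddleware
{
    private readonly RequestDelegate next;
    private readonly ILogger<UpstreamErrorMiddleware> logger;
    public UpstreamErrorMiddleware(RequestDelegate next, ILogger<UpstreamErrorMiddleware> logger)
        => (this.next, this.logger) = (next, logger);

    public async Task InvokeAsync(HttpContext context)
    {
        try { await next(context); }
        catch (UpstreamApiException ex) when (!context.Response.HasStarted)
        {
            // Status and reason only: the auth-token header never reaches the log.
            logger.LogWarning("Upstream API call failed: {Status} {Reason}", (int)ex.Status, ex.Message);
            var (status, error) = ex.Status switch
            {
                // Assumption: the token came from the caller, so report it as a bad request.
                HttpStatusCode.Unauthorized => (StatusCodes.Status400BadRequest,
                    "The API token was rejected by the Aircloak host this service is configured for."),
                _ => (StatusCodes.Status502BadGateway, "The upstream API request failed."),
            };
            context.Response.StatusCode = status;
            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(JsonSerializer.Serialize(new { success = false, error }));
        }
    }
}
```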