Open ccsmart opened 6 years ago
@ccsmart Actually i cannot login in https://dev.gawati.org Something is blown .... I have it working on 2 local setups... however I am running a more recent version of the gawati auth client library. Will merge that into dev, it may fix things.
You report problems second time (of two tries?) you see trying to log in. However, since reporting availability i never had. Can you check if you have DNS overrides in your hosts file ?
login as test/ test, logs in successfully but on redirect i get an alert box:
however, I do think the updated auth client implementation will fix these issues. Hosts file, no overrides in it:
127.0.0.1 localhost
127.0.0.1 gawati.local
127.0.0.1 data.local
127.0.0.1 media.local
127.0.0.1 auth.gawati.local
127.0.0.1 api.gawati.local
104.199.25.219 lexafrica.akomantoso.com
Aha. Well actually that is what i believe to be this issue #71. That is, i believe it happens immediately after login.
Should be possibly fixed by an updated gawati-auth implementation (from the gawati-client). Merging that shortly
@ccsmart intermediate fix committed, resolves the problem for now; but needs a better longer term fix.
@ccsmart committed a longer term fix in the branch auth-wrapper-indexjs which makes use of keycloak sign on, needs a bit more cleanup / testing before merging into dev .
@ccsmart Fixed in https://github.com/gawati/gawati-portal-ui/commit/5c67f3b96d50875c7312ea94159b8641e6983931 ; Also updating docs on how to setup SSO with Gawati .
request
POST /auth/realms/gawati.org/protocol/openid-connect/token HTTP/1.1 Host: auth.gawati.org Authorization: Basic Z2F3YXRpLXBvcnRhbC11aTphYTNmMjFhYS01NTY1LTQxODQtYjZiYi0xMWY4YzY0MmU2MWE= Origin: https://dev.gawati.org User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36 Content-type: application/x-www-form-urlencoded Accept: / Referer: https://dev.gawati.org/_lang/en/ Accept-Encoding: gzip, deflate, br Accept-Language: en,en-US;q=0.9,de-DE;q=0.8,de;q=0.7 Cookie: AUTH_SESSION_ID=ba0775f1-a6db-4df5-959d-d4a67162efb1.alldev; KEYCLOAK_IDENTITY=eyJhbGciOiJIUzI1NiIsImtpZCIgOiAiOWNiY2FlZGYtYTk3NS00MDk0LWExYjItNjViODUyN 2E0NDczIn0.eyJqdGkiOiIxZDRiZjRhYS0xYzVmLTRiZmYtYTVkMi1lM2E3YzUxOTcwM2MiLCJleHAiOjE1MjM2NTQyNjQsIm5iZiI6MCwiaWF0IjoxNTIzNjE4MjY0LCJpc3MiOiJodHRwczovL2F1dGguZ2F3Y XRpLm9yZy9hdXRoL3JlYWxtcy9nYXdhdGkub3JnIiwic3ViIjoiZGM3Yjk4OGQtNjI0OS00NmJlLTg3MzktZTg2Y2Y5ZWI1YWM1IiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiYmEwNzc1ZjEtYTZkY i00ZGY1LTk1OWQtZDRhNjcxNjJlZmIxIiwicmVzb3VyY2VfYWNjZXNzIjp7fSwic3RhdGVfY2hlY2tlciI6IjV4UkZiTXFSYlUxYjZ2aTNfdkJSTHI1RHdzc041aktHNDdKcGdoaGJkT0EifQ.SzMR0tO3gQevYA sbmQx30kyXxeWGOK4OmnnnPgA1Guk; KEYCLOAK_SESSION=gawati.org/dc7b988d-6249-46be-8739-e86cf9eb5ac5/ba0775f1-a6db-4df5-959d-d4a67162efb1 X-Forwarded-Proto: https X-Forwarded-Port: 443 X-Forwarded-For: 109.164.203.165 X-Forwarded-Host: auth.gawati.org X-Forwarded-Server: auth.gawati.org
response
HTTP/1.1 400 Bad Request Connection: keep-alive Content-Type: application/json Content-Length: 75 Date: Fri, 13 Apr 2018 11:17:44 GMT
{"error":"unauthorized_client","error_description":"Invalid client secret"}