search

gematik / epa-deployment

Project includes docker-compose file to start all relevant services (including VAU encryption/decryption) for an ePA environment.
Apache License 2.0
11 stars 4 forks source link

VAU: "Required request body is missing" (send_authcode_sc) #20

Closed s3schreiber closed 4 months ago

s3schreiber commented 4 months ago

Hello

We are currently trying to establish an authenticated connection through the VAU as described here

{
  "authorizationCode" : "eyJlbmMiOiJBMjU2R0NNIiwiY3R5IjoiTkpXVCIsImV4cCI6MTcyMTIxMTUwNSwiYWxnIjoiZGlyIiwia2lkIjoiMDAwMSJ9..ytZfkuqqvywDIQw9.UuoYT40u_FxuholMPYZTvEFOj9uNr4NbS7Wq2IphE3FVaWZcUqpwxh_Sty4D-KO0ZRmB0CuncdWb7NjillX0MDxUyBLWfWdUQXRvaQQ5QZ8MbsmywcjFBd4uJpnMbz-Ef-FuY_cW3ujdDu1RUcehnPti-s-Vqz8i6WslqQ3MWFtWFjzaylaCtLnfN37fE6PmgjmNIHqDBjgrDHc08Uod_ixgVX8EXR25FETcHZyW8jfUY4Uha-Zk-Fl7--SPT3AW0s3X3fFGS_B3uw60_mFzS8eZZwjs6JOfdAXB-BlqG2wXWniRMk0oqYxROdEiNWewME4qThjsHDkQ1sfb9FSsdZMe3XIdE8kE8jmpBeZ9y2vkMpXD63dJVY_TU3xd95mZKYhoC-bHAiFEZlWnP02o6oM3K6XTFCLKs8nAEqxcxA0xG8Tx3MkXjmLOU1ske_EkTDcWeZmfEcYMMTDoAy3Hke8QetyzWiJLdOAkf2vCiQEP-yxNZ5pTjdm0rOwmq8E2moRhwmpHz3bWnyHvVAF0Sa_s1c8S7NcjTwqHBDnjcNvf1Fp37K6VEjNOjkXag9Tz0qScdoWWx-quENs4U56NXclmOtLU2T039xMeqe4CttjcUi1pX3N2ulPWtshYEt6ZUrMvllnb-S55tab38MK4JalW6PIXXNCABqJCdVzwgja5HtsGySUri5NmK5vss4AjF1ZTgQQLjwYOoh8RzqtXOHQbDowoLVvCs5Z67pvsbP6J2GGJYzhVT8_3UuAzt6HwZPaSYOx5rRE_JPRhsru3_aSTjkTNeeItVtcTeM3M7fHAOpmhFpAFjRJ9hbg2w74K5bNsfQjHUaholN5CE8JGbsT4Xc769jdUoRyR43kxp-8sCsvFsQsm2H8niwvaLi_olupKKhnzXtvtYqV_XQf7YGFe32-28OSdcwYTdqz8Zboh36aDpx9iTw4jHkjEGsRW66VRYt6-53GVNT5Z7pvAoaKzcju646_FUxeYscqS7jGddXTlxcXI01X6kyjCLD253dS59Xnx53aLNRIyB4f2ihJboGvTSJTl4cbN2JWX9TpyZjD5JxHIQeG78FQY07RwK4zasddvJ1_K7fCSK7DQXqpjVA0KL9vLWolmub_FLS9L4jCg3UuZegVVdbuw8Yf-dHyryLL1tHiBEuO1d3QqNu2eZ0iMJN77c3PdaNbTQXD4LIbNNDjuqeNW_lkJsxUeW22LFbvbzEdxud_uhUsOKo757OE-vfZJLi4VIjSazkX7ureFoSf4Km2-r3LC1rzH_Krh7RZAqOIqEG1cUf2aZnF_VF3OKvYdWnx0Uwo7ba90p5KylLt2ZCyGCD-oO60x7aGxWN6mhjrZbc6HlvJyRIq_tH2LzgA3fTGXzjGD7btLEeH5RX6V4ZIPMTo0tplIq0RgaOuLAxQrumdhEL0nfd5cVIjfiJpMvNork6exhqDDlnj4nFK59p0sDC4cvcWtNEGuP-R8peLWJpZb.v-lXeIZ-cOKCoa1-T1yxLw",
  "clientAttest" : "eyJ4NWMiOlsiTUlJRHJqQ0NBMVdnQXdJQkFnSUhBVkhtODNNQ05UQUtCZ2dxaGtqT1BRUURBakNCbWpFTE1Ba0dBMVVFQmhNQ1JFVXhIekFkQmdOVkJBb01GbWRsYldGMGFXc2dSMjFpU0NCT1QxUXRWa0ZNU1VReFNEQkdCZ05WQkFzTVAwbHVjM1JwZEhWMGFXOXVJR1JsY3lCSFpYTjFibVJvWldsMGMzZGxjMlZ1Y3kxRFFTQmtaWElnVkdWc1pXMWhkR2xyYVc1bWNtRnpkSEoxYTNSMWNqRWdNQjRHQTFVRUF3d1hSMFZOTGxOTlEwSXRRMEUxTVNCVVJWTlVMVTlPVEZrd0hoY05Nakl3T1RFeU1EQXdNREF3V2hjTk1qY3dPVEV4TWpNMU9UVTVXakNCN1RFTE1Ba0dBMVVFQmhNQ1JFVXhFVEFQQmdOVkJBY01DRVp5WldsaWRYSm5NUTR3REFZRFZRUVJEQVUzT1RFeE5ERVlNQllHQTFVRUNRd1BVM1Z1WkdkaGRXRnNiR1ZsSURVNU1UTXdNUVlEVlFRS0RDcFFjbUY0YVhNZ1VISnZaaTRnUkhJdUlFMXZjbWwwZWlCSXc3eHNiRzFoYm01T1QxUXRWa0ZNU1VReEVqQVFCZ05WQkFRTUNVakR2R3hzYldGdWJqRVBNQTBHQTFVRUtnd0dUVzl5YVhSNk1SSXdFQVlEVlFRTURBbFFjbTltTGlCRWNpNHhNekF4QmdOVkJBTU1LbEJ5WVhocGN5QlFjbTltTGlCRWNpNGdUVzl5YVhSNklFakR2R3hzYldGdWJsUkZVMVF0VDA1TVdUQmFNQlFHQnlxR1NNNDlBZ0VHQ1Nza0F3TUNDQUVCQndOQ0FBUldOMUwrRGNhVldxdnV5UDhzUHJQNzhaQ0dTekVkU1RXMXkvVVJLWktmaW90TVQzQjkwYnFXN0NFc1pUVWM0MUFDVXJSbllXcHZjekw3SVBrblgrMTNvNElCTGpDQ0FTb3dIUVlEVlIwT0JCWUVGTFdCa3FHa2JodWVpTFdmdThFcFNycTZZd1BuTURnR0NDc0dBUVVGQndFQkJDd3dLakFvQmdnckJnRUZCUWN3QVlZY2FIUjBjRG92TDJWb1kyRXVaMlZ0WVhScGF5NWtaUzl2WTNOd0x6QVRCZ05WSFNVRUREQUtCZ2dyQmdFRkJRY0RBakFmQmdOVkhTTUVHREFXZ0JRR21Pa0NWZi9KbjF5alpRN3hYZUlnOVlUN2t6QWdCZ05WSFNBRUdUQVhNQW9HQ0NxQ0ZBQk1CSUVqTUFrR0J5cUNGQUJNQkUwd0RnWURWUjBQQVFIL0JBUURBZ2VBTUF3R0ExVWRFd0VCL3dRQ01BQXdXUVlGS3lRSUF3TUVVREJPTUV3d1NqQklNRVl3Rmd3VVFtVjBjbWxsWW5OemRNT2tkSFJsSUVGeWVuUXdDUVlIS29JVUFFd0VNaE1oTVMxVFRVTXRRaTFVWlhOMGEyRnlkR1V0T0Rnek1URXdNREF3TVRReE5qZzVNQW9HQ0NxR1NNNDlCQU1DQTBjQU1FUUNJQ1Q0ZE5scWFRcDhWNWFFMDExNGx1a3ZicGxjZU83NSsxTFhEUERaa0hzUEFpQXVRMnpiaE9yeFRwcEZ0MGt4YTR2YitPQUtuOWRGcm1lMWloYm1LMTFlQWc9PSJdLCJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiJ9.eyJub25jZSI6ImNlNTExYTRlMjFjYTk3YjQ2YTUyNWEwZDI5OWFmNmNmMzM2ZDBiYTcxMGE0YjRkZjFmOTRkMWNjNTc5Y2RmN2IiLCJpYXQiOjE3MjEyMTE0NDJ9.MEUCIA8fcM7P26fOWrsofOlJtsHtmxlAECo3RqqXjtGkyq5BAiEAjwRMJKn4iqoOzJwF_EOgpeUWFlmjYxg2bOICBjM9R54"
}

The Problem we are running into is that when the clientAttest and authorizationCode are sent to the send_authcode_sc-endpoint, the following error message is returned:

{
  "MessageType" : "Error",
  "Message" : "Transcript Error: 500 : \"{\"error\":\"invalid_request\",\"error_description\":\"AsEpa Runtime Exception: Required request body is missing: public de.gematik.idp.asforepa.data.AuthorizationResponse de.gematik.idp.asforepa.controller.AuthorizationController.sendAuthCodeSc(de.gematik.idp.asforepa.data.UserAgentHeader,de.gematik.idp.asforepa.data.AuthCodeRequest)\"}\"",
  "ErrorCode" : 5
}

It is unclear to me whether this indicates a structural issue with the request or whether the content of the two tokens is invalid.

I have attached the traffic log here: trafficLog-240717.tgr.txt

s3schreiber commented 4 months ago

The Content-Length-header was missing on the inner request. Tiger still showed and parsed the content correctly, the authorization service did not.