search

ging / fiware-pep-proxy

Support for proxy functions within OAuth2-based authentication schemas. Also implements PEP functions within an XACML-based access control schema.
https://fiware-pep-proxy.rtfd.io/
MIT License
27 stars 46 forks source link

Moving from Docker Hub image tag 7.0.2 to 7.4.0 or later with Docker Compose causes "TypeError: Cannot read property 'secret' of undefined" #86

Closed minimalisti closed 5 years ago

minimalisti commented 5 years ago

I am running a FIWARE system using Docker Compose which includes Orion, Keyrock, and Wilma. I use Wilma as a proxy in front of Orion, and using Keyrock as basic PDP. This system works as expected with Wilma 7.0.2 Docker Hub image, and I can request Orion entities if I have a correct access token. However, if I change the Wilma Docker Hub image used in docker-compose.yml from 7.0.2 to 7.4.0 or any later, this causes an error: 

fiware-orion-proxy | TypeError: Cannot read property 'secret' of undefined
fiware-orion-proxy |     at pep (/opt/fiware-pep-proxy/controllers/root.js:58:28)
fiware-orion-proxy |     at Layer.handle [as handle_request] (/opt/fiware-pep-proxy/node_modules/express/lib/router/layer.js:95:5)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:137:13)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at next (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:131:14)
fiware-orion-proxy |     at Route.dispatch (/opt/fiware-pep-proxy/node_modules/express/lib/router/route.js:112:3)

Problem seems to be connected to these lines in /controllers/root.js

 if (config.pep.token.secret) {
        jsonwebtoken.verify(authToken, config.pep.token.secret, function(
          err,
          userInfo
        ) {
...

Any help on getting to use the newer versions of Wilma running would be greatly appreciated!

YatinArora-NEC commented 5 years ago

I have worked for tag 7.5.1 ,it works fine for me. In case of "secret" in config.js of pep-proxy ,it can be obtained from keyrock(GUI) in case we are using JSON web token which is used to validate the jwt token.

If we are using simple bearer token the secret needs to be left blank and in Keyrock GUI (nothing selected under token type).

Configurations in pep proxy under config.js file : config.idm = { host: '', port: ,

config.app = { host: '', port: '',

where host and port of application which is registered in Keyrock must be entered.

config.pep = { app_id: '', username: '', password: '', token: { secret: '' // Secret must be configured in order validate a jwt }, where app_id, username ,password can be obtained from Keyrock while registering pep proxy and "secret" can be obtained from Keyrock under token type (when jwt is selected).

config.authorization = { enabled: false, pdp: 'idm',

set enabled to true for checking the roles and permissions from keyrock.

minimalisti commented 5 years ago

@YatinArora-NEC : thank you very much for your help! It seems that I had missed changes made to config.js-file. But now everything is working well.