search

kasmtech / workspaces-issues

18 stars 3 forks source link

Encountering 'Login Failed' Error with Kasm URL Returned by API #543

Closed narainaDewasi closed 1 month ago

narainaDewasi commented 2 months ago

I have already checked the following issues: #90 and #97. My instance fulfills the minimum requirements for a Kasm deployment.

The problem arises when I create a Kasm using the API provided at https://kasmweb.com/docs/latest/developers/developer_api.html#post--api-public-request_kasm. In the response, I retrieve the URL of the session, but upon redirection to that URL, I encounter an error indicating 'login failed.'

Furthermore, when attempting to use the API endpoint https://kasmweb.com/docs/latest/developers/developer_api.html#post--api-public-get_login for obtaining the login URL and subsequently redirecting to it, I encounter the same error.

Below are the error logs: : -


2024-04-10 06:10:58,844 [INFO] cherrypy.access.140010034769776: 172.18.0.9 - - [10/Apr/2024:06:10:58] "GET /api/__healthcheck HTTP/1.1" 200 12 "" "axios/1.6.7"
2024-04-10 06:10:58,861 [INFO] cherrypy.access.140010034769776: 172.18.0.9 - - [10/Apr/2024:06:10:58] "POST /api/guac_get_managers HTTP/1.1" 200 35 "" "axios/1.6.7"
2024-04-10 06:10:59,627 [DEBUG] client_api_server: Unauthenticated user made authorized API call to (login_saml) from IP address (65.20.70.39).
2024-04-10 06:10:59,632 [ERROR] cherrypy.error.140010034769776: [10/Apr/2024:06:10:59] HTTP
Traceback (most recent call last):
  File "jwt/api_jws.py", line 164, in _load
ValueError: not enough values to unpack (expected 2, got 1)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "cherrypy/_cprequest.py", line 628, in respond
  File "cherrypy/_cprequest.py", line 687, in _do_respond
  File "cherrypy/lib/encoding.py", line 219, in __call__
  File "cherrypy/lib/jsontools.py", line 59, in json_handler
  File "cherrypy/_cpdispatch.py", line 54, in __call__
  File "utils.py", line 99, in wrapper
  File "client_api.py", line 1148, in login_saml
  File "jwt/api_jwt.py", line 70, in decode
  File "jwt/api_jws.py", line 167, in _load
jwt.exceptions.DecodeError: Not enough segments
2024-04-10 06:10:59,636 [ERROR] root: Unhandled exception occurred
Traceback (most recent call last):
  File "jwt/api_jws.py", line 164, in _load
ValueError: not enough values to unpack (expected 2, got 1)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "cherrypy/_cprequest.py", line 628, in respond
  File "cherrypy/_cprequest.py", line 687, in _do_respond
  File "cherrypy/lib/encoding.py", line 219, in __call__
  File "cherrypy/lib/jsontools.py", line 59, in json_handler
  File "cherrypy/_cpdispatch.py", line 54, in __call__
  File "utils.py", line 99, in wrapper
  File "client_api.py", line 1148, in login_saml
  File "jwt/api_jwt.py", line 70, in decode
  File "jwt/api_jws.py", line 167, in _load
jwt.exceptions.DecodeError: Not enough segments
2024-04-10 06:10:59,642 [INFO] cherrypy.access.140010034769776: 172.18.0.9 - - [10/Apr/2024:06:10:59] "POST /api/login_saml HTTP/1.1" 500 78 "https://13.233.234.124/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
2024-04-10 06:10:59,676 [DEBUG] client_api_server: Unauthenticated user made authorized API call to (login_settings) from IP address (65.20.70.39).
2024-04-10 06:10:59,700 [INFO] cherrypy.access.140010034769776: 172.18.0.9 - - [10/Apr/2024:06:10:59] "POST /api/login_settings HTTP/1.1" 200 673 "https://13.233.234.124/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36"
2024-04-10 06:10:59,751 [DEBUG] client_api_server: Unauthenticated user made authorized API call to (login_settings) from IP address (65.20.70.39).
2024-04-10 06:10:59,753 [INFO] cherrypy.access.140010034769776: 172.18.0.9 - - [10/Apr/2024:06:10:59] "POST /api/login_settings HTTP/1.1" 200 673 "https://13.233.234.124/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ```
j-travis commented 2 months ago

This is a bug in 1.15.0

Your options are to:

  1. Install clean using the --use-rolling-images flag when running install.sh

  2. On an existing install, update your system to use the kasmweb/api:1.15.0-rolling image:

Stop the services on the Kasm server (Or the WebApp role if using multi-server)

sudo /opt/kasm/bin/stop

Modify /opt/kasm/current/docker/docker-compose.yaml

sudo vi  /opt/kasm/current/docker/docker-compose.yaml

In the kasm_api section, adjust the image to be kasmweb/api:1.15.0-rolling. It should look like this

...
  kasm_api:
    container_name: kasm_api
    user: "${KASM_UID?}:${KASM_GID?}"
    image: "kasmweb/api:1.15.0-rolling"
    read_only: true
    networks:
      - kasm_default_network
    volumes:
      - /opt/kasm/1.15.0:/opt/kasm/current
      - /opt/kasm/1.15.0/tmp/api:/tmp
    depends_on:
      - db
    restart: always
    logging:
      driver: "json-file"
      options:
...

Remove the existing kasm_api container

sudo docker rm -f kasm_api

Start the services

sudo /opt/kasm/bin/start

You can verify you are running the patched code by looking at the System Info page in your deployment. The API Server Build should be 1.15.0.3e3c97

image

narainaDewasi commented 2 months ago

Thank for the quick reply, now its working properly.