search

keygen-sh / keygen-api

Keygen is a fair source software licensing and distribution API built with Ruby on Rails. For developers, by developers.
https://keygen.sh
Other
699 stars 40 forks source link

The requested endpoint was not found! #807

Closed emir0903d closed 3 months ago

emir0903d commented 3 months ago

Request URL: GET http://localhost:5173/keygensh/accounts/c7cb09ea-c2c1-4339-b904-fd4eacef7a91/users Response: code: "NOT_FOUND" detail: "The requested endpoint was not found (check your HTTP method, Accept header, and URL path)"

KeygenLog:

> I, [2024-04-04T17:17:17.464763 #18]  INFO -- : [864a9b7f-7cf6-40a4-a63c-9dae597f2a68] source=rack-timeout id=864a9b7f-7cf6-40a4-a63c-9dae597f2a68 timeout=15000ms state=ready
> I, [2024-04-04T17:17:17.472224 #18]  INFO -- : [864a9b7f-7cf6-40a4-a63c-9dae597f2a68] method=POST path=/v1/accounts/c7cb09ea-c2c1-4339-b904-fd4eacef7a91/users format=jsonapi controller=ErrorsController action=show status=404 duration=2.20 view=0.10 db=0.00 host=keygen-service.default.svc.cluster.local request_id=ee13629f-cbb2-4c6e-a565-482332bf00e4 api_version=1.5 query_params=N/A account_id=N/A account_slug=N/A env_id=N/A env_code=N/A bearer_type=N/A bearer_id=N/A token_id=N/A authn=N/A authz=N/A ip=10.244.1.240 user_agent=curl/8.5.0 origin=N/A time=2024-04-04 17:17:17 UTC code=NOT_FOUND encoded_response=eyJtZXRhIjp7ImlkIjoiZWUxMzYyOWYtY2JiMi00YzZlLWE1NjUtNDgyMzMyYmYwMGU0In0sImVycm9ycyI6W3sidGl0bGUiOiJOb3QgZm91bmQiLCJkZXRhaWwiOiJUaGUgcmVxdWVzdGVkIGVuZHBvaW50IHdhcyBub3QgZm91bmQgKGNoZWNrIHlvdXIgSFRUUCBtZXRob2QsIEFjY2VwdCBoZWFkZXIsIGFuZCBVUkwgcGF0aCkiLCJjb2RlIjoiTk9UX0ZPVU5EIn1dfQ== rate_limited=false rate_reset=2024-04-04 17:17:30 +0000 rate_window=30 rate_count=1 rate_limit=60 rate_remaining=59
> I, [2024-04-04T17:17:17.472368 #18]  INFO -- : [864a9b7f-7cf6-40a4-a63c-9dae597f2a68] source=rack-timeout id=864a9b7f-7cf6-40a4-a63c-9dae597f2a68 timeout=15000ms service=8ms state=completed

Please advise...

Example:

/ # curl -v -X POST http://keygen-service.default.svc.cluster.local:3000/v1/acco
unts/c7cb09ea-c2c1-4339-b904-fd4eacef7a91/users -H 'Content-Type: application/vn
d.api+json' -H 'Accept: application/vnd.api+json' -d '{"data":{"type":"users","attributes":{"firstName":"John2","lastName":"Doe2","email":"jdoe2@keygen.sh","pas
sword":"secret2"}}}'
Note: Unnecessary use of -X or --request, POST is already inferred.
* Host keygen-service.default.svc.cluster.local:3000 was resolved.
* IPv6: (none)
* IPv4: 10.106.117.230
*   Trying 10.106.117.230:3000...
* Connected to keygen-service.default.svc.cluster.local (10.106.117.230) port 3000
> POST /v1/accounts/c7cb09ea-c2c1-4339-b904-fd4eacef7a91/users HTTP/1.1
> Host: keygen-service.default.svc.cluster.local:3000
> User-Agent: curl/8.5.0
> Content-Type: application/vnd.api+json
> Accept: application/vnd.api+json
> Content-Length: 125
> 
< HTTP/1.1 404 Not Found
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Referrer-Policy: strict-origin-when-cross-origin
< Content-Type: application/vnd.api+json; charset=utf-8
< Vary: Accept, Origin
< Report-To: { "group": "csp-reports", "max_age": 10886400, "endpoints": [{ "url": "https://keygen-service.default.svc.cluster.local/-/csp-reports" }] }
< Content-Security-Policy: default-src 'none'; report-uri /-/csp-reports; report-to csp-reports;
< X-RateLimit-Window: 30s
< X-RateLimit-Count: 1
< X-RateLimit-Limit: 60
< X-RateLimit-Remaining: 59
< X-RateLimit-Reset: 1712252130
< Cache-Control: no-store
< Keygen-Account: 
< Keygen-Bearer: 
< Keygen-Token: 
< Keygen-Environment: 
< Keygen-License: 
< Keygen-Edition: CE
< Keygen-Mode: singleplayer
< Keygen-Version: 1.5
< X-Powered-By: Ruby, Rails, and a lot of coffee. (And the occasional Islay.)
< X-Request-Id: 4a32e227-0e85-4e0d-9d43-328f69bb3fb4
< Transfer-Encoding: chunked
ezekg commented 3 months ago

Make sure your KEYGEN_HOST environment header is set to the correct value. It's a required environment variable and will cause routing issues if not set. In your example, it should be set to keygen-service.default.svc.cluster.local.

Docs: https://keygen.sh/docs/self-hosting/#configuration

emir0903d commented 3 months ago

Thank you very much for your response. KEYGEN_HOST is set to value: "keygen-service.default.svc.cluster.local" From inside of other container i am able to ie: create the user:


/app # curl -v -X POST -H 'Content-Type: application/vnd.api+json' -H 'Accept: a
pplication/vnd.api+json' -H 'Authorization: Bearer admin-49fa5539cd4bc91daa8777f
d0ef4a21a9e34a8d4889e953a3f76af03abb50690v3' -d '{"data": {"type": "users", "att
ributes": {"firstName": "John2", "lastName": "Doe2", "email": "jdoe2@keygen.sh",
 "password": "secret2"}}}' http://keygen-service.default.svc.cluster.local:3000/
v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users
Note: Unnecessary use of -X or --request, POST is already inferred.
* Host keygen-service.default.svc.cluster.local:3000 was resolved.
* IPv6: (none)
* IPv4: 10.106.117.230
*   Trying 10.106.117.230:3000...
* Connected to keygen-service.default.svc.cluster.local (10.106.117.230) port 3000
> POST /v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users HTTP/1.1
> Host: keygen-service.default.svc.cluster.local:3000
> User-Agent: curl/8.5.0
> Content-Type: application/vnd.api+json
> Accept: application/vnd.api+json
> Authorization: Bearer admin-49fa5539cd4bc91daa8777fd0ef4a21a9e34a8d4889e953a3f76af03abb50690v3
> Content-Length: 136
> 
< HTTP/1.1 201 Created
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Referrer-Policy: strict-origin-when-cross-origin
< Content-Type: application/vnd.api+json; charset=utf-8
< Location: http://keygen-service.default.svc.cluster.local:3000/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973
< Report-To: { "group": "csp-reports", "max_age": 10886400, "endpoints": [{ "url": "https://keygen-service.default.svc.cluster.local/-/csp-reports" }] }
< Content-Security-Policy: default-src 'none'; report-uri /-/csp-reports; report-to csp-reports;
< X-RateLimit-Window: 30s
< X-RateLimit-Count: 1
< X-RateLimit-Limit: 300
< X-RateLimit-Remaining: 299
< X-RateLimit-Reset: 1712302500
< Cache-Control: no-store
< Keygen-Account: 5baeeeb9-4bf7-4222-92d0-6b2e97611859
< Keygen-Bearer: 60f97a83-ba64-4322-95f3-7e89b4e4d736
< Keygen-Token: e2834103-d83e-4963-bd61-81b7481be273
< Keygen-Environment: 
< Keygen-License: 
< Keygen-Edition: CE
< Keygen-Mode: singleplayer
< Keygen-Version: 1.5
< X-Powered-By: Ruby, Rails, and a lot of coffee. (And the occasional Islay.)
< Date: Fri, 05 Apr 2024 07:34:50 GMT
< Digest: sha-256=PRjl1Xw+TL80nbhaO9Pd6y/fUyxqdDHmf6CdPONjQkA=
< Keygen-Signature: keyid="5baeeeb9-4bf7-4222-92d0-6b2e97611859", algorithm="ed25519", signature="rfh7a6J8vHgPOfrSWRmpLrhID8+ib6f1eVzKZHQ0teEqTlYTl0HxN19NPtUBPgH6vjKhEPaWvBUy/MZ6Ps8QBw==", headers="(request-target) host date digest"
< Keygen-Date: Fri, 05 Apr 2024 07:34:50 GMT
< Keygen-Digest: sha-256=PRjl1Xw+TL80nbhaO9Pd6y/fUyxqdDHmf6CdPONjQkA=
< X-Request-Id: 892377eb-c266-4724-bde9-083f54b453a9
< Vary: Origin
< Transfer-Encoding: chunked
< 
{"data":{"id":"88d40675-9a16-4a54-a24b-240a9a71e973","type":"users","attributes":{"fullName":"John2 Doe2","firstName":"John2","lastName":"Doe2","email":"jdoe2@keygen.sh","status":"ACTIVE","role":"user","permissions":["arch.read","artifact.read","channel.read","component.create","component.delete","component.read","component.update","constraint.read","engine.read","entitlement.read","group.licenses.read","group.machines.read","group.owners.read","group.read","group.users.read","license.check-in","license.check-out","license.create","license.delete","license.policy.update","license.read","license.renew","license.revoke","license.usage.increment","license.validate","machine.check-out","machine.create","machine.delete","machine.heartbeat.ping","machine.proofs.generate","machine.read","machine.update","package.read","platform.read","process.create","process.delete","process.heartbeat.ping","process.read","process.update","release.download","release.read","release.upgrade","token.generate","token.read","token.regenerate","token.revoke","user.password.reset","user.password.update","user.read","user.second-factors.create","user.second-factors.delete","user.second-factors.read","user.second-factors.update","user.update"],"metadata":{},"created":"2024-04-05T07:34:50.251Z","updated":"2024-04-05T07:34:50.251Z"},"relationships":{"account":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859"},"data":{"type":"accounts","id":"5baeeeb9-4bf7-4222-92d0-6b2e97611859"}},"group":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/group"},"data":null},"products":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/products"}},"licenses":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/licenses"}},"machines":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/machines"}},"tokens":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/tokens"}},"secondFactors":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/second-factors"}}},"links":{"self":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973"}}}* Connection #0 to host keygen-service.default.svc.cluster.local left intact
/app #

but when running the application from that container still getting the same NotFoundEndpoint response. Tried adding multiple KEYGEN_HOSTS and KEYGEN_SUBDOMAIN... but then even the stuff that worked are not working anymore.

Please advise...

ezekg commented 3 months ago

If you're able to make the request from inside the container, but not outside, then this is an issue with your reverse proxy. Please read the documentation on reverse proxies thoroughly, namely this section:

*Your reverse proxy MUST be a well-behaved reverse proxy by setting all `X-Forwarded-` headers.** Keygen WILL NOT be accessible and WILL NOT operate correctly if your reverse proxy does not provide the following forwarding information:

  • X-Forwarded-Proto is used to determine if the original request was over TLS before passing through a TSL-terminating reverse proxy.
  • X-Forwarded-For is used to determine the original client IP for rate limiting/logging purposes.
  • X-Forwarded-Host is used to determine the original host of the request.

If your reverse proxy does not provide these headers, you MUST modify it to do so.

To me, it sounds like your reverse proxy is not sending the X-Forwarded-Host header specifically.