Closed emir0903d closed 3 months ago
Make sure your KEYGEN_HOST
environment header is set to the correct value. It's a required environment variable and will cause routing issues if not set. In your example, it should be set to keygen-service.default.svc.cluster.local
.
Thank you very much for your response. KEYGEN_HOST is set to value: "keygen-service.default.svc.cluster.local" From inside of other container i am able to ie: create the user:
/app # curl -v -X POST -H 'Content-Type: application/vnd.api+json' -H 'Accept: a
pplication/vnd.api+json' -H 'Authorization: Bearer admin-49fa5539cd4bc91daa8777f
d0ef4a21a9e34a8d4889e953a3f76af03abb50690v3' -d '{"data": {"type": "users", "att
ributes": {"firstName": "John2", "lastName": "Doe2", "email": "jdoe2@keygen.sh",
"password": "secret2"}}}' http://keygen-service.default.svc.cluster.local:3000/
v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users
Note: Unnecessary use of -X or --request, POST is already inferred.
* Host keygen-service.default.svc.cluster.local:3000 was resolved.
* IPv6: (none)
* IPv4: 10.106.117.230
* Trying 10.106.117.230:3000...
* Connected to keygen-service.default.svc.cluster.local (10.106.117.230) port 3000
> POST /v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users HTTP/1.1
> Host: keygen-service.default.svc.cluster.local:3000
> User-Agent: curl/8.5.0
> Content-Type: application/vnd.api+json
> Accept: application/vnd.api+json
> Authorization: Bearer admin-49fa5539cd4bc91daa8777fd0ef4a21a9e34a8d4889e953a3f76af03abb50690v3
> Content-Length: 136
>
< HTTP/1.1 201 Created
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 0
< X-Content-Type-Options: nosniff
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Referrer-Policy: strict-origin-when-cross-origin
< Content-Type: application/vnd.api+json; charset=utf-8
< Location: http://keygen-service.default.svc.cluster.local:3000/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973
< Report-To: { "group": "csp-reports", "max_age": 10886400, "endpoints": [{ "url": "https://keygen-service.default.svc.cluster.local/-/csp-reports" }] }
< Content-Security-Policy: default-src 'none'; report-uri /-/csp-reports; report-to csp-reports;
< X-RateLimit-Window: 30s
< X-RateLimit-Count: 1
< X-RateLimit-Limit: 300
< X-RateLimit-Remaining: 299
< X-RateLimit-Reset: 1712302500
< Cache-Control: no-store
< Keygen-Account: 5baeeeb9-4bf7-4222-92d0-6b2e97611859
< Keygen-Bearer: 60f97a83-ba64-4322-95f3-7e89b4e4d736
< Keygen-Token: e2834103-d83e-4963-bd61-81b7481be273
< Keygen-Environment:
< Keygen-License:
< Keygen-Edition: CE
< Keygen-Mode: singleplayer
< Keygen-Version: 1.5
< X-Powered-By: Ruby, Rails, and a lot of coffee. (And the occasional Islay.)
< Date: Fri, 05 Apr 2024 07:34:50 GMT
< Digest: sha-256=PRjl1Xw+TL80nbhaO9Pd6y/fUyxqdDHmf6CdPONjQkA=
< Keygen-Signature: keyid="5baeeeb9-4bf7-4222-92d0-6b2e97611859", algorithm="ed25519", signature="rfh7a6J8vHgPOfrSWRmpLrhID8+ib6f1eVzKZHQ0teEqTlYTl0HxN19NPtUBPgH6vjKhEPaWvBUy/MZ6Ps8QBw==", headers="(request-target) host date digest"
< Keygen-Date: Fri, 05 Apr 2024 07:34:50 GMT
< Keygen-Digest: sha-256=PRjl1Xw+TL80nbhaO9Pd6y/fUyxqdDHmf6CdPONjQkA=
< X-Request-Id: 892377eb-c266-4724-bde9-083f54b453a9
< Vary: Origin
< Transfer-Encoding: chunked
<
{"data":{"id":"88d40675-9a16-4a54-a24b-240a9a71e973","type":"users","attributes":{"fullName":"John2 Doe2","firstName":"John2","lastName":"Doe2","email":"jdoe2@keygen.sh","status":"ACTIVE","role":"user","permissions":["arch.read","artifact.read","channel.read","component.create","component.delete","component.read","component.update","constraint.read","engine.read","entitlement.read","group.licenses.read","group.machines.read","group.owners.read","group.read","group.users.read","license.check-in","license.check-out","license.create","license.delete","license.policy.update","license.read","license.renew","license.revoke","license.usage.increment","license.validate","machine.check-out","machine.create","machine.delete","machine.heartbeat.ping","machine.proofs.generate","machine.read","machine.update","package.read","platform.read","process.create","process.delete","process.heartbeat.ping","process.read","process.update","release.download","release.read","release.upgrade","token.generate","token.read","token.regenerate","token.revoke","user.password.reset","user.password.update","user.read","user.second-factors.create","user.second-factors.delete","user.second-factors.read","user.second-factors.update","user.update"],"metadata":{},"created":"2024-04-05T07:34:50.251Z","updated":"2024-04-05T07:34:50.251Z"},"relationships":{"account":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859"},"data":{"type":"accounts","id":"5baeeeb9-4bf7-4222-92d0-6b2e97611859"}},"group":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/group"},"data":null},"products":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/products"}},"licenses":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/licenses"}},"machines":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/machines"}},"tokens":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/tokens"}},"secondFactors":{"links":{"related":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973/second-factors"}}},"links":{"self":"/v1/accounts/5baeeeb9-4bf7-4222-92d0-6b2e97611859/users/88d40675-9a16-4a54-a24b-240a9a71e973"}}}* Connection #0 to host keygen-service.default.svc.cluster.local left intact
/app #
but when running the application from that container still getting the same NotFoundEndpoint response. Tried adding multiple KEYGEN_HOSTS and KEYGEN_SUBDOMAIN... but then even the stuff that worked are not working anymore.
Please advise...
If you're able to make the request from inside the container, but not outside, then this is an issue with your reverse proxy. Please read the documentation on reverse proxies thoroughly, namely this section:
*Your reverse proxy MUST be a well-behaved reverse proxy by setting all `X-Forwarded-` headers.** Keygen WILL NOT be accessible and WILL NOT operate correctly if your reverse proxy does not provide the following forwarding information:
X-Forwarded-Proto
is used to determine if the original request was over TLS before passing through a TSL-terminating reverse proxy.X-Forwarded-For
is used to determine the original client IP for rate limiting/logging purposes.X-Forwarded-Host
is used to determine the original host of the request.If your reverse proxy does not provide these headers, you MUST modify it to do so.
To me, it sounds like your reverse proxy is not sending the X-Forwarded-Host
header specifically.
Request URL: GET http://localhost:5173/keygensh/accounts/c7cb09ea-c2c1-4339-b904-fd4eacef7a91/users Response: code: "NOT_FOUND" detail: "The requested endpoint was not found (check your HTTP method, Accept header, and URL path)"
KeygenLog:
Please advise...
Example: