search

openid-certification / oidctest

THE CERTIFICATION TEST SUITE HAS BEEN MIGRATED TO A NEW SERVICE https://www.certificatinon.openid.net
Other
49 stars 15 forks source link

rp-backchannel-rpinitlogout: deal with unaccessible logout endpoint #190

Closed zandbelt closed 4 years ago

zandbelt commented 4 years ago

A logout attempt that fails because the URL is not accessible on the backchannel, results in the browser displaying:

Unrecoverable error in the server.

and a server side stacktrace as below at [1]; to avoid repeated helpdesk overload I believe it is imperative that this type of error is handled more gracefully and clearly explains to the tester about the unaccessible endpoint.

[1]

2019-10-09 06:34:12,074 oic.oic.provider:INFO logging out from BVGKEW5kUJCK at https://localhost.zmartzone.eu/protected/?logout=backchannel 2019-10-09 06:34:12,075 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): localhost.zmartzone.eu:443 2019-10-09 06:34:12,078 oic.oauth2.base:ERROR http_request failed: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',)), url: https://localhost.zmartzone.eu/protected/?logout=backchannel, htargs: {'allow_redirects': False, 'cert': None, 'verify': False, 'timeout': 5, 'data': 'logout_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImxtV25EanduTFV4NUV4WlU4UVBkZnBxNmJ2TjZrRTJFVklYUFYzZWhlLUkifQ.eyJpc3MiOiAiaHR0cHM6Ly9ycC10ZXN0OjgwODAvbW9kX2F1dGhfb3BlbmlkYy1jb2RlL3JwLWJhY2tjaGFubmVsLXJwaW5pdGxvZ291dCIsICJpYXQiOiAxNTcwNjAyODUyLCAiZXhwIjogMTU3MDY4OTI1MiwgImtpZCI6ICJsbVduRGp3bkxVeDVFeFpVOFFQZGZwcTZidk42a0UyRVZJWFBWM2VoZS1JIiwgImF1ZCI6IFsiQlZHS0VXNWtVSkNLIl0sICJzdWIiOiAiMWIyZmM5MzQxYTE2YWU0ZTMwMDgyOTY1ZDUzN2FlNDdjMjFhMGYyN2ZkNDNlYWI3ODMzMGVkODE3NTFhZTZkYiIsICJzaWQiOiAiZDgxMGNhMTU3ZThmMmE4YjA5NzNlNGYxOTYxMTgyNDA5OWViZjU5OTRlODE0MzYyY2U0Zjc0YjAiLCAiZXZlbnRzIjogeyJodHRwOi8vc2NoZW1hcy5vcGVuaWQubmV0L2V2ZW50L2JhY2tjaGFubmVsLWxvZ291dCI6IHt9fSwgImp0aSI6ICI1MGMyYWU0YWU1ZjA0MTRhYjk4ZTUzYTcyZjk2MzVjMSJ9.M7_FGehntEueoHPL9Aj-rVt8lZt7bu1t1nKvTK9ZxYswyNG0Nln9oeVkwORaQI3aOdO6nVZeypqI5onid8fkO16E6DUMXzBAjV1HcHBAZQm0vuj-h6hIU-W1ogveuX1BusLg297i2aFR3oQf9xzd3BxyYYpWXaAh5QdNVW1v4g_cSkbZpdfuBypepIR1G7eRxdm3ol-3X9QEMpc4i68UGcYWdstquMHOV6D7u6CzePpFHo7xOMJt-h-4HPh1le2Oyesc8lSylA0R2WAE_SF23Js9BLrLW4Qf_9BhG_AI2I5AgK06N_6gCoqY4eM29eg-7WTgQeINPcagfk3qjsyTlA'}, method: POST 2019-10-09 06:34:12,078 oidctest.cp.op:ERROR HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',)) Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 157, in _new_conn (self._dns_host, self.port), self.timeout, **extra_kw File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 84, in create_connection raise err File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 74, in create_connection sock.connect(sa) ConnectionRefusedError: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 672, in urlopen chunked=chunked, File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 376, in _make_request self._validate_conn(conn) File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 994, in _validate_conn conn.connect() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 334, in connect conn = self._new_conn() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 169, in _new_conn self, "Failed to establish a new connection: %s" % e urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 449, in send timeout=timeout File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 720, in urlopen method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/retry.py", line 436, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 423, in index res = op.do_verified_logout(alla=True, _info) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oic/provider.py", line 2223, in do_verified_logout _url, 'POST', data="logout_token={}".format(sjwt)) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oauth2/base.py", line 93, in http_request r = requests.request(method, url, _kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/api.py", line 60, in request return session.request(method=method, url=url, kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 533, in request resp = self.send(prep, send_kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 646, in send r = adapter.send(request, kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 516, in send raise ConnectionError(e, request=request) requests.exceptions.ConnectionError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',)) 2019-10-09 06:34:12,078 cherrypy.error.140367853023584:ERROR [09/Oct/2019:06:34:12] HTTP Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 157, in _new_conn (self._dns_host, self.port), self.timeout, extra_kw File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 84, in create_connection raise err File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 74, in create_connection sock.connect(sa) ConnectionRefusedError: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 672, in urlopen chunked=chunked, File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 376, in _make_request self._validate_conn(conn) File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 994, in _validate_conn conn.connect() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 334, in connect conn = self._new_conn() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 169, in _new_conn self, "Failed to establish a new connection: %s" % e urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 449, in send timeout=timeout File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 720, in urlopen method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/retry.py", line 436, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 423, in index res = op.do_verified_logout(alla=True, _info) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oic/provider.py", line 2223, in do_verified_logout _url, 'POST', data="logout_token={}".format(sjwt)) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oauth2/base.py", line 93, in http_request r = requests.request(method, url, _kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/api.py", line 60, in request return session.request(method=method, url=url, kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 533, in request resp = self.send(prep, send_kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 646, in send r = adapter.send(request, **kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 516, in send raise ConnectionError(e, request=request) requests.exceptions.ConnectionError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/lib/encoding.py", line 220, in call self.body = self.oldhandler(*args, *kwargs) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cpdispatch.py", line 60, in call return self.callable(self.args, **self.kwargs) File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 426, in index raise cherrypy.HTTPError(message=err) cherrypy._cperror.HTTPError: (500, ConnectionError(MaxRetryError("HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))",),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 678, in respond inst.set_response() File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 405, in set_response message=self._message) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 411, in get_error_page return get_error_page(*args, kwargs) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 505, in get_error_page kwargs[k] = escape_html(kwargs[k]) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cpcompat.py", line 350, in escape_html return escape(s, quote=escape_quote) File "/usr/lib/python3.6/html/init.py", line 19, in escape s = s.replace("&", "&") # Must be done first! AttributeError: 'ConnectionError' object has no attribute 'replace' 2019-10-09 06:34:12,078 cherrypy.error.140367853023584:ERROR [09/Oct/2019:06:34:12]
Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 157, in _new_conn (self._dns_host, self.port), self.timeout, extra_kw File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 84, in create_connection raise err File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/connection.py", line 74, in create_connection sock.connect(sa) ConnectionRefusedError: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 672, in urlopen chunked=chunked, File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 376, in _make_request self._validate_conn(conn) File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 994, in _validate_conn conn.connect() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 334, in connect conn = self._new_conn() File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connection.py", line 169, in _new_conn self, "Failed to establish a new connection: %s" % e urllib3.exceptions.NewConnectionError: <urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 449, in send timeout=timeout File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/connectionpool.py", line 720, in urlopen method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2] File "/usr/local/lib/python3.6/dist-packages/urllib3-1.25.6-py3.6.egg/urllib3/util/retry.py", line 436, in increment raise MaxRetryError(_pool, url, error or ResponseError(cause)) urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 423, in index res = op.do_verified_logout(alla=True, _info) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oic/provider.py", line 2223, in do_verified_logout _url, 'POST', data="logout_token={}".format(sjwt)) File "/usr/local/lib/python3.6/dist-packages/oic-0.15.1-py3.6.egg/oic/oauth2/base.py", line 93, in http_request r = requests.request(method, url, _kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/api.py", line 60, in request return session.request(method=method, url=url, kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 533, in request resp = self.send(prep, send_kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/sessions.py", line 646, in send r = adapter.send(request, **kwargs) File "/usr/local/lib/python3.6/dist-packages/requests-2.22.0-py3.6.egg/requests/adapters.py", line 516, in send raise ConnectionError(e, request=request) requests.exceptions.ConnectionError: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 670, in respond response.body = self.handler() File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/lib/encoding.py", line 220, in call self.body = self.oldhandler(*args, *kwargs) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cpdispatch.py", line 60, in call return self.callable(self.args, **self.kwargs) File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 426, in index raise cherrypy.HTTPError(message=err) cherrypy._cperror.HTTPError: (500, ConnectionError(MaxRetryError("HTTPSConnectionPool(host='localhost.zmartzone.eu', port=443): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fa9ef6c36a0>: Failed to establish a new connection: [Errno 111] Connection refused',))",),))

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 678, in respond inst.set_response() File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 405, in set_response message=self._message) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 411, in get_error_page return get_error_page(*args, **kwargs) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cperror.py", line 505, in get_error_page kwargs[k] = escape_html(kwargs[k]) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cpcompat.py", line 350, in escape_html return escape(s, quote=escape_quote) File "/usr/lib/python3.6/html/init.py", line 19, in escape s = s.replace("&", "&") # Must be done first! AttributeError: 'ConnectionError' object has no attribute 'replace'

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 589, in run self.respond(pi) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 690, in respond self.handle_error() File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 767, in handle_error self.error_response() File "/usr/local/lib/python3.6/dist-packages/oidctest-0.8.2-py3.6.egg/oidctest/cp/op.py", line 33, in handle_error "Sorry, an error occured" File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/init.py", line 239, in setattr setattr(child, name, value) File "/usr/local/lib/python3.6/dist-packages/CherryPy-8.9.1-py3.6.egg/cherrypy/_cprequest.py", line 831, in set raise ValueError(self.unicode_err) ValueError: Page handlers MUST return bytes. Use tools.encode if you wish to return unicode.

rohe commented 4 years ago

So, to properly fix this I should do it in pyOIDC. Which has to wait until I get my PRs accepted.

rohe commented 4 years ago

Should be resolved now.

zandbelt commented 4 years ago

I currently cannot verify this because it is blocked on the "cookie issue", which then apparently was introduced after later changes.

rohe commented 4 years ago

It was hidden behind :-/

zandbelt commented 4 years ago

now it is a bit too friendly, I guess, because even when the backchannel call fails, the code continues and declares the user logged out:

2019-11-11 09:02:36,814 oic.oic.provider:INFO logging out from 4VaeQniRQB9U at https://localhost.zmartzone.eu:444/protected/?logout=backchannel 2019-11-11 09:02:36,815 urllib3.connectionpool:DEBUG Starting new HTTPS connection (1): localhost.zmartzone.eu:444 2019-11-11 09:02:36,817 oic.oauth2.base:ERROR http_request failed: HTTPSConnectionPool(host='localhost.zmartzone.eu', port=444): Max retries exceeded with url: /protected/?logout=backchannel (Caused by NewConnectionError('<urllib3.connection.VerifiedHTTPSConnection object at 0x7fc9401956a0>: Failed to establish a new connection: [Errno 111] Connection refused',)), url: https://localhost.zmartzone.eu:444/protected/?logout=backchannel, htargs: {'allow_redirects': False, 'cert': None, 'verify': False, 'timeout': 5, 'data': 'logout_token=eyJhbGciOiJSUzI1NiIsImtpZCI6ImFyVDJiVDgwY1N5SDhCZzQ5cHFzeFVfWktkaTE5d3BfUjA5bEF0V1JqeVkifQ.eyJpc3MiOiAiaHR0cHM6Ly9ycC10ZXN0OjgwODAvbW9kX2F1dGhfb3BlbmlkYy1jb2RlL3JwLWJhY2tjaGFubmVsLXJwaW5pdGxvZ291dCIsICJpYXQiOiAxNTczNDYyOTU2LCAiZXhwIjogMTU3MzU0OTM1NiwgImtpZCI6ICJhclQyYlQ4MGNTeUg4Qmc0OXBxc3hVX1pLZGkxOXdwX1IwOWxBdFdSanlZIiwgImF1ZCI6IFsiNFZhZVFuaVJRQjlVIl0sICJzdWIiOiAiMWIyZmM5MzQxYTE2YWU0ZTMwMDgyOTY1ZDUzN2FlNDdjMjFhMGYyN2ZkNDNlYWI3ODMzMGVkODE3NTFhZTZkYiIsICJzaWQiOiAiMDkxMjZmMDZhZTAzOGExY2Q0MDEyOTg1MDdlNmI4YmViOWQxZmZhYTc0ZDRkMzdhMjYzYmMwMTAiLCAiZXZlbnRzIjogeyJodHRwOi8vc2NoZW1hcy5vcGVuaWQubmV0L2V2ZW50L2JhY2tjaGFubmVsLWxvZ291dCI6IHt9fSwgImp0aSI6ICJjNWNjNjA5YjZjM2Y0MGQ0ODNjNzE1ZDkxYzY2MGU3NyJ9.pt-87djk4KarMLUrneDPbEE2YR7RNsaHAkY2W9aQKq3INZtszUvJCJcojDxFkzwfVJkgv9sAFrdN5F2RHHo6RNO7hRlJlAGWLN66GYCugw_hi6VcQ_mIgu5nq-1Rm-TPUao3OfApgT4RytIv7OsRzuIzJ8Ll052wyJhQM9PyFbj66svCTazowuTNOJLHbIesPjAVHT9Wl-P6UWMPBh8eAgOiB9rHLypBRGlOwnzDlGRotx6rtuv3-1YfqAb4Wc3o4UGF2WNYVn6egtw7N3bZADeuyqXq4M5TLWRr8zEMXil0L7ecC3dbuKjDnRNCZbu2d10CDrZ7D-kHEYdACiqeyQ'}, method: POST 2019-11-11 09:02:36,817 oic.oic.provider:ERROR failed to logout from 4VaeQniRQB9U 2019-11-11 09:02:36,817 cherrypy.access.140502637085976:INFO 192.168.16.1 - - [11/Nov/2019:09:02:36] "GET /mod_auth_openidc-code/rp-backchannel-rpinitlogout/logout?sjwt=eyJhbGciOiJSUzI1NiIsImtpZCI6ImFyVDJiVDgwY1N5SDhCZzQ5cHFzeFVfWktkaTE5d3BfUjA5bEF0V1JqeVkifQ.eyJpc3MiOiAiaHR0cHM6Ly9ycC10ZXN0OjgwODAvbW9kX2F1dGhfb3BlbmlkYy1jb2RlL3JwLWJhY2tjaGFubmVsLXJwaW5pdGxvZ291dCIsICJpYXQiOiAxNTczNDYyOTU2LCAiZXhwIjogMTU3MzU0OTM1NiwgImtpZCI6ICJhclQyYlQ4MGNTeUg4Qmc0OXBxc3hVX1pLZGkxOXdwX1IwOWxBdFdSanlZIiwgImF1ZCI6IFsiaHR0cHM6Ly9ycC10ZXN0OjgwODAvbW9kX2F1dGhfb3BlbmlkYy1jb2RlL3JwLWJhY2tjaGFubmVsLXJwaW5pdGxvZ291dCJdLCAidWlkIjogImRpYW5hIiwgImNsaWVudF9pZCI6ICI0VmFlUW5pUlFCOVUiLCAicmVkaXJlY3RfdXJpIjogImh0dHBzOi8vbG9jYWxob3N0LnptYXJ0em9uZS5ldS9sb2dnZWRvdXQuaHRtbCIsICJzaWQiOiAiMDkxMjZmMDZhZTAzOGExY2Q0MDEyOTg1MDdlNmI4YmViOWQxZmZhYTc0ZDRkMzdhMjYzYmMwMTAiLCAianRpIjogIjA2NWUxZDA5NWYzYjQzNWU5MDBmNjkzOTAxYzdmMGM5In0.dGSt7C34AdmwGvI9gl95zIn6NmK_TE-qaWm3uKjTRhC_x4a3i8UzMmL9NMUO_Dc1uuEar3hnu78lq4Du4vSxoLbHk-GnPuARSZh6HKuI3wdQdfN1yGGjXPZqjt350-ea8Zexds8cyJBJ6WKPwxoMoWo28W46lgOM-JleQ8O2MN9rg1osXdcGyOApRh1Y5WGAOVlsnURhZEa8auyDT_mZQhLnCa4hc4QlGR4dMbmZky90PChlzwK6Xa5Wn5nGl87XGky6yumKLIoo0SGqDJGSyg1MHJnIxyTZCYe76lL_ovyBRfEteZgHsDDEVQbz4zkKBUpAKwWAXurXaMvjsSLU5g HTTP/1.1" 200 826 "" "curl/7.66.0"

rohe commented 4 years ago

Hmm, that was not optimal.

rohe commented 4 years ago

Checked in a remedy.

zandbelt commented 4 years ago

it is better now as it displays:

500 Internal Server Error
Backchannel logout failed. No Frontchannel logout defined