Unauthorized error for getting session

[yunsun330]

Preflight checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions.
• [X] I agree to follow this project's Code of Conduct.
• [X] I have read and am following this repository's Contribution Guidelines.
• [X] This issue affects my Ory Cloud project.
• [X] I have joined the Ory Community Slack.
• [X] I am signed up to the Ory Security Patch Newsletter.

Describe the bug

Hello. I have integrated Ory Cloud in Rails project with ory-client I made proxy with ory cli and worked login and registration successfully I created project and got SDK configuration on ORY console. And set env variable ORY_SDK_URL with that on my local. I am trying to check session via api_instance.to_session, but gets unauthorized error This endpoint calls https://playground.projects.oryapis.com/ all the time. Would you help me how to create instance for my project which I created on ory console?

I set configuration like this:

OryClient.configure do |config|
  config.access_token = 'Personal_Access_Token'
  config.host = 'My_Project_Url'
end

And

api_instance = OryClient::V0alpha2Api.new

    opts = {
      x_session_token: nil,
      cookie: request.env['HTTP_COOKIE']
    }

    begin
      # Check Who the Current HTTP Session Belongs To
      result = api_instance.to_session(opts)
      p result
    rescue OryClient::ApiError => e
      puts "Error when calling V0alpha2Api->to_session: #{e}"
    end

But got error HTTP status code: 401 Response headers: {"Date"=>"Fri, 01 Apr 2022 09:54:29 GMT", "Content-Type"=>"application/json", "Content-Length"=>"186", "Connection"=>"keep-alive", "cache-control"=>"private, no-cache, no-store, must-revalidate", "vary"=>"Origin,Cookie", "CF-Cache-Status"=>"DYNAMIC", "Expect-CT"=>"max-age=604800, report-uri=\"https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct\"", "Set-Cookie"=>"__cflb=0pg1RbZMZcQY6KwtZw8ZHrqdVBkfNrHJsczBvGfV; SameSite=None; Secure; path=/; expires=Fri, 01-Apr-22 10:54:29 GMT; HttpOnly", "Server"=>"cloudflare", "CF-RAY"=>"6f507192aa59f55d-SEA", "alt-svc"=>"h3=\":443\"; ma=86400, h3-29=\":443\"; ma=86400"} Response body: {"error":{"code":401,"status":"Unauthorized","request":"9fd4c275-2ca9-98ca-b1a7-a205a5175aa9","reason":"No valid session cookie found.","message":"The request could not be authorized"}} ETHON: performed EASY effective_url=https://playground.projects.oryapis.com/sessions/whoami response_code=401 return_code=ok total_time=0.75955 Error when calling V0alpha2Api->to_session_with_http_info: Error message: the server returns an error

Reproducing the bug

You can check on this link: https://ory-community.slack.com/archives/C02MR4DEEGH/p1648814785876499

Relevant log output

No response

Relevant configuration

No response

Version

Ruby 2.6.5, Rails 5.6.5

On which operating system are you observing this issue?

No response

In which environment are you deploying?

No response

Additional Context

No response

[aeneasr]

@gen1us2k could you maybe take a look at this? It looks like some config value is set incorrectly, as it uses the playground instead of the user‘s URL?

[aeneasr]

@yunsun330 the SDK does not support env vars, make sure you pass your SDK URL to the python SDK configuration:)

[yunsun330]

@aeneasr I am integrating ory on Ruby on Rails I am not sure to pass SDK URL to the Python SDK configuration Would you tell me in detail? Thanks

[aeneasr]

I believe @gen1us2k found how to fix it on Slack?

[gen1us2k]

Yep. I recommended a workaround by calling sessions/whoami endpoint using ruby HTTP client. The bug exists and actually, I don't know how to debug/fix it.

[yunsun330]

Thanks for your reply I got sessions with sessions/whoami api https://www.ory.sh/docs/kratos/reference/api#operation/toSession But I need to integrate logout and customize authentication ui apis on ruby on rails Would you help me integrate them in detail?

[aeneasr]

@gen1us2k is there an issue for the Ruby client? If yes, can you please link it for some context?

[gen1us2k]

require 'time'
require 'ory-client'
# setup authorization
OryClient.configure do |config|
  # Configure Bearer authorization: oryAccessToken
  config.scheme = "https"
  config.host = "auth.gen1us2k.com"
  config.base_path=""
  config.debugging = true
end

api_instance = OryClient::V0alpha2Api.new

begin
  # Create an Identity
  cookie = "ory_session_lovingturinguo2cv9nlhi=MTY0OTA2ODI2MHwwNmY1d1NzbnhFYnNMLWN6V1ZrTExGekFZaElKWC1MazBHSlBkNFJNM3VicTZ5d0oyZEx6QTZtajUwQ01EZ2Y5Ri1hRzV4ZnRpb095OUlHeDYtRUdFMEtvYXNMYUtvNjdZMnYwdWJBOEpmRjhkTE1SbUoxTGpGMDhCWnBrelZPM2JnZzd3NGlUYnc9PXxdHkHsMemULre3MmmARWH0O6WSxHsCdnFK_TWtmDaJUg=="
  opts = {cookie:cookie}
  p api_instance
  result = api_instance.to_session(opts)
  p result

  p result
rescue OryClient::ApiError => e
  puts "Error when calling V0alpha2Api->admin_create_identity: #{e}"
end

Here's an example of how to reproduce the issue. Ory Ruby SDK always uses playground URL, and it's impossible to configure a host

[0xHexE]

+1.

I am facing the same issue it is always uses playground URL even after configuration.