Publisher login problem. Cannot read property "length" from undefined

wso2 / product-apim

Welcome to the WSO2 API Manager source code! For info on working with the WSO2 API Manager repository and contributing code, click the link below.

http://wso2.github.io/

Apache License 2.0

846 stars 785 forks source link

Publisher login problem. Cannot read property "length" from undefined #7254

Closed grego9 closed 4 years ago

grego9 commented 4 years ago

Hi. I am trying to configure an Active-Active deployment as in here

I have already setup two nodes and nginx community as the reverse proxy/balancer.

Both /carbon and /devportal work great, but whenever I try to login on publisher, I got a blank page, and the following error in the log:

ERROR - WebAppManager org.mozilla.javascript.EcmaError: TypeError: Cannot read property "length" from undefined (/publisher/services/login/login_callback.jag#53) org.jaggeryjs.scriptengine.exceptions.ScriptException: org.mozilla.javascript.EcmaError: TypeError: Cannot read property "length" from undefined (/publisher/services/login/login_callback.jag#53)

This is my SP callback url for publisher:

regexp=(https://mywso2cluster.com/publisher/services/auth/callback/login|https://mywso2cluster.com/publisher/services/auth/callback/logout)

Thank you

malinthaprasan commented 4 years ago

Publisher app tries to get a token for invoking its internal API and it seems that token call is failing [1].

Can you please add below lines inside the file repository/deployment/server/jaggeryapps/publisher/services/login/login_callback.jag just after the line var result = post(tokenEndpoint, tokenRequestData, {"Authorization": "Basic " + base64encoded});

    var log = new Log();
    log.error(result);

After adding it:

    var result = post(tokenEndpoint, tokenRequestData, {"Authorization": "Basic " + base64encoded});
    var log = new Log();
    log.error(result);
    response.contentType = "application/json";

Retry the login and check the server's logs for a similar log as below. Let us know what you see there.

ERROR - login_callback:jag {"data" : "{\"...

[1] https://github.com/wso2/carbon-apimgt/blob/v6.5.349/features/apimgt/org.wso2.carbon.apimgt.publisher.feature/src/main/resources/publisher/services/login/login_callback.jag#L53

grego9 commented 4 years ago

Thanks! After adding those lines it shows:

[2020-01-16 09:30:18,748] ERROR - login_callback:jag {"data" : "{\"error_description\":\"Client Authentication failed.\",\"error\":\"invalid_client\"}", "xhr" : {}} [2020-01-16 09:30:18,758] ERROR - WebAppManager org.mozilla.javascript.EcmaError: TypeError: Cannot read property "length" from undefined (/publisher/services/login/login_callback.jag#55) org.jaggeryjs.scriptengine.exceptions.ScriptException: org.mozilla.javascript.EcmaError: TypeError: Cannot read property "length" from undefined (/publisher/services/login/login_callback.jag#55)

That invalid client maybe some lost/misconfigured header?

tmkasun commented 4 years ago

Hi @grego9,

{
  "data": "{\"error_description\":\"Client Authentication failed.\",\"error\":\"invalid_client\"}",
  "xhr": {}
}

In the error logs, It says Invalid_client, This could happen if you revoke or re-create the admin_apim_publisher service provider via carbon console

Have you done any changes to admin_apim_publisher SP via carbon console (Other than changing the callback URL ) ?

grego9 commented 4 years ago

Hi @tmkasun,

Yes, I did . When a I ran out of ideas before posting here, I regenerated the secret for the OAuth Client Key. This is a new installation, so I don't mind if I have to reinstall, but, if the is a way to solve this, that would be awesome.

Thanks

tmkasun commented 4 years ago

Hi @grego9 ,

That's the reason, You should not have changed the secret or key in any case, This SP is a system generated one and we have cached some of its properties in web apps to improve the performance.

grego9 commented 4 years ago

Hi @tmkasun

Oh, that makes sense. Guess I'll reinstall and make sure to not change the secret.

Thank you for your time

kshaa commented 4 years ago

@tmkasun I had a deployment succesfully running for more than 4 months I'd say. Then out of nowhere (or because of some obscure bug) /devportal/ login page started showing invalid_client: Cannot find an application associated with the given consumer key : XXX.

I checked out the Service Provider OAuth2 client_id and client_secret values and unfortunately client_secret was empty. Any ideas how such a thing could happen? Possibly #7400 is related.

kshaa commented 4 years ago

And more importantly - is there a way to recover from such a situation without starting with a fresh instance w/ no data?

nikhilsg-git commented 3 years ago

Hi @tmkasun Is there a way to resolve this , without re-installing the application?