Comments (5)
garcianavalon
commented on June 19, 2024
Hi,
Check that the 'pepproxy' user exists in Keystone. If I recall correctly, the default installation won't create any user for the PEP Proxy to use, you have to create one yourself.
If you are using the last version of the IdM, I added an option in the application detail page to automatically register a PEP Proxy for your application. You can find it right over the OAuth2.0 Credentials panel.
Let me know if this solves the issue.
Cheers,
Enrique
from fiware-pep-proxy.
j99ht
commented on June 19, 2024
Hi Enrique,
pepproxy exists in Keystone, see below
| pepproxy | pepproxy | {"username": "pepproxy", "description": "pepproxy", "email": "[email protected]"} | $6$rounds=40000$uH4kerx8dq5Mar6G$FxjngArx2Fgj5eRJI.FJcqcdqPio8dtC7M8FM5oU1x/e1BB/pZSKEaOW3Y0NArruRnhVVSIS8WXdrC6G4.oSi/ | 1 | default | 529e3c7b3e364f8c8c59d331a8a75b58 |
And in IDM appears this as a PEP Proxy, should I remove it? I guess this is a default PEP
Thanks
from fiware-pep-proxy.
garcianavalon
commented on June 19, 2024
I guess you can use any of the two pepproxy users. I would use the one created in the application page, as is the new intended behaviour, but thats up to you.
Can you successfully authenticate against Keystone with the configured PEP Proxy user? It looks like this is working fine, but just to be sure.
Another possible mistake is that you might be using a Keystone token when you have the 'oauth2' token engine configured. Make sure the token you are using to authenticate your call against the PEP Proxy is the OAuth2.0 token provided ("access_token": "0xDy1ebB13V1VNJ35boJkBdjxwrmgE"). It can be tricky to work with the two types of tokens and is easy to mix them.
As a side note, be careful not to accidentally reveal your OAuth2.0 secret! As you are running in localhost I don't think there is any problem but be careful ;)
Cheers,
Enrique
from fiware-pep-proxy.
j99ht
commented on June 19, 2024
Thanks Enrique. I guess what the mistake is. I was using refresh_token not access_token.
By the way, what is the purpose of refresh_token?
Thanks for your help
from fiware-pep-proxy.
garcianavalon
commented on June 19, 2024
Refresh token is a long lasting credential that allows you to obtain a new access token once the first one is expired with out needing to go through the whole OAuth2.0 flow again. It has a validity of around 2 weeks and once used to obtain a new access token is invalidated. You should keep it secret ;)
I'm glad its working, I'll close the issue then.
Best regards,
Enrique
from fiware-pep-proxy.
Related Issues (20)
- protect orion HOT 1
- doubt about pep proxy HOT 1
- HTTPS port not working in v7.9 HOT 1
- Access token expired
- harmonize Environment variable
- Docker Tag 8.2.0 missing on dockerhub (for idm as well) HOT 2
- Authorization Headers and Cache
- Docker versions of 8.1.0 and 8.3.0 return wrong mime type text/html since last image version HOT 3
- Docker healthcheck fails in 8.3.0 HOT 1
- Integration problem between Keyrock, fiware-pep-proxy and orion-ld HOT 2
- InvalidAuthenticationToken while trying to access Orion-LD
- Metrics of usage
- WILMA delete NGSILD-Results-Count in response header HOT 1
- Why there is `trusted_apps` setting in pep-proxy HOT 1
- Moving from Docker Hub image tag 7.0.2 to 7.4.0 or later with Docker Compose causes "TypeError: Cannot read property 'secret' of undefined" HOT 2
- Use toBoolean with PEP_PROXY_ORG_ENABLED HOT 1
- PEP crashes when authenticating with IoT sensor HOT 1
- Cannot read property 'split' of undefined when trying to run application HOT 1
- Missing Fiware-Service Header in Allowed Auth Header on CORS Preflight request HOT 1
- Running docker container as non-root user HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fiware-pep-proxy.