I just generate a monolithic app with OAuth(1st time) running here
https://api.nms.blaucomm.co.uk:8020/
I set up the Keycloak here
https://keycloak.nms.blaucomm.co.uk/auth/realms/emfit/account
When I try to login it gives this error in the Keycloak logs:
type=LOGIN_ERROR, realmId=emfit, clientId=account, userId=null, ipAddress=xxxxxxx, error=invalid_redirect_uri, redirect_uri=https://api.nms.blaucomm.co.uk:8020/login/oauth2/code/oidc
Where do I configure the uri?
With this configuration is working now
Related
I'm trying to setup AWS CLI login via OneLogin - but it doesn't seem to work.
I created the onelogin.sdk.properties file as follows:
onelogin.sdk.client_id=xxxxxxxxxxxxxxxxxxxxxxxxxxx
onelogin.sdk.client_secret=xxxxxxxxxxxxxxxxxxxxxxxxxxx
onelogin.sdk.region=us
onelogin.sdk.ip=
I'm running the below command from the same directory where the above properties file resides:
java -jar onelogin-aws-cli.jar --appid 123456 --subdomain mycompany --username myusername --region us-east-1 --profile onelogin
This prompts me for the password and after I enter it, I get the following error:
Exception in thread "main" OAuthProblemException{error='bad request', description='bad request', uri='null', state='400', scope='null', redirectUri='null', responseStatus=400, parameters={}}
at org.apache.oltu.oauth2.common.exception.OAuthProblemException.error(OAuthProblemException.java:59)
at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validateErrorResponse(OAuthClientValidator.java:63)
at org.apache.oltu.oauth2.client.validator.OAuthClientValidator.validate(OAuthClientValidator.java:48)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.validate(OAuthClientResponse.java:127)
at com.onelogin.sdk.conn.OneloginOAuthJSONResourceResponse.init(OneloginOAuthJSONResourceResponse.java:31)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:101)
at org.apache.oltu.oauth2.client.response.OAuthClientResponse.init(OAuthClientResponse.java:120)
at org.apache.oltu.oauth2.client.response.OAuthClientResponseFactory.createCustomResponse(OAuthClientResponseFactory.java:82)
at com.onelogin.sdk.conn.OneloginURLConnectionClient.execute(OneloginURLConnectionClient.java:75)
at org.apache.oltu.oauth2.client.OAuthClient.resource(OAuthClient.java:81)
at com.onelogin.sdk.conn.Client.getSAMLAssertion(Client.java:2238)
at com.onelogin.aws.assume.role.cli.OneloginAWSCLI.getSamlResponse(OneloginAWSCLI.java:437)
at com.onelogin.aws.assume.role.cli.OneloginAWSCLI.main(OneloginAWSCLI.java:256)
I know for a fact that my onelogin.sdk.properties is correct, because intentionally setting incorrect client_id/client_secret or changing the region to eu makes the application fail with another error (error='Unauthorized')
What might be the problem?
Is there a debug switch I can use to help me understand what's going on?
Thanks,
Yosi
The problem was me using the username in incorrect format (needed the domain suffix - e.g. myusername#mydomain.com)
I'm trying to deploy my back-end nodejs server ising now by Zeit
I installed it using the npm i -g now command
and I used the now command to deploy, but I'm getting this error:
Now CLI 17.1.1
Error! The content of "~\AppData\Roaming\now\Data\auth.json" is invalid. No `token` property found inside. Run `now login` to authorize.
I'm confused on what I did wrong, any suggestions?
I had to run the command:
now login
then it asks for my Zeit account info. Afterwards, I navigated to the directory where my server files are and used the command:
now
to innitiate and deploy the backend.
Once it was done, it gave me a URL which I can use to access the backend within my front-end code
I have this website (let's call it a.com) which is on AWS. It is done using NodeJs backend and view front end. It is calling another system API (let's call it b.com) for the DATA from some other URL.
This site was working fine. We updated SSL certificate of site b.com and now site a.com is not able to receive data from site b.com.
When I checked the error log on AWS, this is the error I found:
RequestError: Error: unable to verify the first certificate
at new RequestError (/var/app/current/node_modules/request-promise-core/lib/errors.js:14:15)
at Request.plumbing.callback (/var/app/current/node_modules/request-promise-core/lib/plumbing.js:87:29)
at Request.RP$callback [as _callback] (/var/app/current/node_modules/request-promise-core/lib/plumbing.js:46:31)
at self.callback (/var/app/current/node_modules/request/request.js:185:22)
at emitOne (events.js:116:13)
What can be the issue?
Can I do any settings on my NodeJs server to load data from b.com?
The site is working fine on my localhost.
As the error message says, there are problems validating the SSL certificate of b.com.
I see you're using request library, so as a workaround you could pass strictSSL: false in options:
{
url: 'https://b.com',
method: 'GET',
...
strictSSL: false
}
Necessary warning: Turning off all SSL certificate validation is dangerous. A MiTM attack (e.g. a sniffer/spoofer on your local network) can read or replace any of your data if you do it. Don't do it if you can help it.
A better solution: export or otherwise set NODE_EXTRA_CA_CERTS environment variable for your process, and point it to a working root certificate CAs file.
Configuration equivalent: npm config set cafile "<path to certificate file>"
A worse solution workaround: export or otherwise set NODE_TLS_REJECT_UNAUTHORIZED=0 environment variable.
Configuration equivalent: npm config set strict-ssl false. This may not work for installation scripts that ignore the configuration.
I have a node js application for a slack-bot deployed on StdLib for a slack-bot application that I created using the following tutorial: Build a serverless slack bot in 9 minutes with node js and stdlib
Now, everything is up and running, but I just want to see the logs of my application from StdLib.
I am already logged in as the authenticated user from my terminal and I am able to execute the command lib up dev successfully.
But, now when I try to view the logs using the command: lib logs dev, i get the following error:
Error: You must be signed in as a service's owner or be part of the service's team to to view logs for a service
Can anyone help me understand what i am doing wrong and how to access the dev logs from StdLib?
EDIT: I also tried logging in again by using lib login --email <my email> and then again tried lib logs dev, but it resulted in the same error as above.
Interestingly, even after logging in, if I do lib info dev, It gives me the error Error: Bad Request: "<my username>" does not have permission to access "dev"
So, in case someone else is stuck with the same...
I was able to figure this out by checking out the following documentation:
https://docs.stdlib.com/main/#/creating-services/logging
basically I need to give the username and the app name in a specific fashion as follows:
lib logs <my username>.<my app>[#dev]
The error mentioned was kind of confusing and I could not decipher what I was doing wrong based on the error.
I am trying to deploy a web application using MSDeploy. In the first step the app is deployed to test server (using the package created during the build), then to production server (source and destination are iisApp) and the next step is production web.config file deployment to the production server.
Everything works fine but the web.config file deployment reports an error
Error Code: ERROR_USER_NOT_AUTHORIZED_FOR_DEPLOYMENTPROVIDER
More Information: Could not complete an operation with the specified
provider ("filePath") when connecting using the Web Management Service.
This can occur if the server administrator has not authorized the user for
this operation. filePath http://go.microsoft.com/fwlink/?LinkId=178034
Learn more at: http://go.microsoft.com/fwlink/?LinkId=221672#ERROR_USER_NOT_AUTHORIZED_FOR_DEPLOYMENTPROVIDER.
I am using the same machine for deployment, the same username and the same password. I can see the user has filePath deployment enabled (as well dirPath, contentPath, iisApp and setAcl) in the Management Service Delegation screen in IIS Manager on the machine used for deployment:
It also fails for dirPath and contentPath.
Can anybody help? Thanks
Update - log when MSDeploy executed with -verbose flag
"C:\Program Files (x86)\IIS\Microsoft Web Deploy V3\msdeploy"
-verb:sync -source:filePath="C:\MyProject\DeployConfig\web\web.config"
-dest:filePath="web/web.config",computerName="https://deployement:8172/MSDeploy.axd?site=my-site",userName="publish",password="password",authtype="Basic",includeAcls="False"
-allowUntrusted -verbose
Info: Using ID '7fcedfe4-c103-48f4-ab98-4fae743d5eb7' for connections to the remote server.
Verbose: Pre-authenticating to remote agent URL 'https://deployment:8172/MSDeploy.axd?site=my-site' as 'publish'.
Verbose: Performing synchronization pass #1.
Verbose: Pre-authenticating to remote agent URL 'https://deployment:8172/MSDeploy.axd?site=my-site' as 'publish'.
Verbose: No backup was executed.
Verbose: Received response from agent (HTTP status 'OK').
Info: Adding MSDeploy.filePath (MSDeploy.filePath).
Verbose: The dependency check 'DependencyCheckInUse' found no issues.
Verbose: The current synchronization pass is missing stream content for 1 objects.
Info: Using ID '8f582c09-614e-4344-87c9-64867e44fc4e' for connections to the remote server.
Verbose: Performing synchronization pass #2.
Verbose: Pre-authenticating to remote agent URL 'https://deployment:8172/MSDeploy.axd?site=my-site' as 'publish'.
Info: Adding MSDeploy.filePath (MSDeploy.filePath).
Verbose: Received response from agent (HTTP status 'OK').
Info: Adding child MSDeploy.filePath (C:\MyProject\DeployConfig\web\web.config).