dickhardt / a2p3 Goto Github PK

Peter reported to me then I confirmed.

Steps:

1. QR logon to si.a2p3.net
2. The authorization say "verify you are an administrator for applications"

It appears the incoming Agent Request to the Agent names the resource:
"http://registrar.a2p3.net/scope/verify"

Can you confirm if you truly are providing that resource please?

When trying to logon to health.bc.local.a2p3.net, the registrar verify returns invalid sig.

POST http://registrar.local.a2p3.net:8080/request/verify HTTP/1.1
Host: registrar.local.a2p3.net:8080
Connection: keep-alive
Content-Length: 639
Accept: application/json, text/javascript, /; q=0.01
Origin: http://localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17
Content-Type: application/json;
Referer: http://localhost/a2p3_agent/index.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-GB,en-US;q=0.8,en;q=0.6
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: connect.sess=s%3Aj%3A%7B%22agentRequest%22%3A%22eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzUxMiIsImtpZCI6ImdkMDVFWlNkdzJHVk5kLTMifQ.eyJpc3MiOiJyZWdpc3RyYXIubG9jYWwuYTJwMy5uZXQiLCJhdWQiOiJpeC5sb2NhbC5hMnAzLm5ldCIsInJlcXVlc3QuYTJwMy5vcmciOnsicmV0dXJuVVJMIjoiaHR0cDovL3JlZ2lzdHJhci5sb2NhbC5hMnAzLm5ldDo4MDgwL2xvZ2luL3Jlc3BvbnNlIiwicmVzb3VyY2VzIjpbImh0dHA6Ly9lbWFpbC5sb2NhbC5hMnAzLm5ldDo4MDgwL3Njb3BlL2RlZmF1bHQiLCJodHRwOi8vcmVnaXN0cmFyLmxvY2FsLmEycDMubmV0OjgwODAvc2NvcGUvdmVyaWZ5Il0sImF1dGgiOnsicGFzc2NvZGUiOnRydWUsImF1dGhvcml6YXRpb24iOnRydWV9fSwiaWF0IjoxMzU4NzM5MTM2fQ.IBBNeN3M45WXhyEC0WkDMq8Wp55roFEP2JME8-jkupZ6BkA2oXqpBnrszYI8xEZAfBWVjKWDUGDJ7ktp9TsI8Q%22%2C%22loginState%22%3A%22txj25Nl0wVKf4FjLfVO3oQ%22%7D.JzlaAgURN3r70tV%2FPv0%2FAHwbyfAsnl7vtt2XiV7VeIE

{"request":"eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzUxMiIsImtpZCI6InRwLUNTcUdYRzdDdTlOQnMifQ.eyJpc3MiOiJoZWFsdGguYmMubG9jYWwuYTJwMy5uZXQiLCJhdWQiOiJpeC5sb2NhbC5hMnAzLm5ldCIsInJlcXVlc3QuYTJwMy5vcmciOnsicmV0dXJuVVJMIjoiaHR0cDovL2hlYWx0aC5iYy5sb2NhbC5hMnAzLm5ldDo4MDgwL2xvZ2luL3Jlc3BvbnNlIiwicmVzb3VyY2VzIjpbImh0dHA6Ly9lbWFpbC5sb2NhbC5hMnAzLm5ldDo4MDgwL3Njb3BlL2RlZmF1bHQiLCJodHRwOi8vcmVnaXN0cmFyLmxvY2FsLmEycDMubmV0OjgwODAvc2NvcGUvdmVyaWZ5Il0sImF1dGgiOnsicGFzc2NvZGUiOnRydWUsImF1dGhvcml6YXRpb24iOnRydWV9fSwiaWF0IjoxMzU4NzQxMjIwfQ.KyLWYYeCN1LPnbK33ZA5UfCKZIwQHudoYh5FJKyy3Vyx3cZg_NqICgfUnMPwPxLPTk5t1Nmrgr6YQOyjn4E1lA","token":"Z1gTMCySkGFQWpORIfpqsA"}

Response

HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 94
Date: Mon, 21 Jan 2013 04:07:33 GMT
Connection: keep-alive

{
"error": {
"code": "INVALID_REQUEST",
"message": "Invalid request signature"
}
}

Error: Invalid request signature
at requestVerify (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:57:15)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9
at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
registrar.local.a2p3.net POST /request/verify 200 3 ms INVALID_REQUEST Invalid request signatur
e
registrar.local.a2p3.net GET /scope/verify 404 1 ms - -

If not already supported.

When a user is logging on, the Agent presents the authZ screen. In the wireframes the agent is supposed to display a nice friendly client app name, e.g., "Bank". Where does the agent get this information?

When the agent is retrieving the authorizations during Review Authorizations, it goes to the registrar passing previously known RS ID(s). In response, the Agent get tokens to call all the RS.

The tokens nor response have the protocol and port parts of the RS URL. I can infer the URL by prepending "http" and appending "8080". Did I miss something in the spec?

Please advise.

When using IE the app returns to the login page after you accept terms of service for opening account.

would like keypad to come up right away when it opens, and stay up between entering pins

either expire session and redirect to homepage or use OAuth tokens in Dashboard API calls or ...

On:
https://github.com/dickhardt/A2P3/tree/master/app/as

Its says:
"The Agent discards the passcode and name values that it gathered from the user."

I discard the passcode but not the name.

Pressing cancel button on setup after logging in with Facebook does not cancel - causes enrolment anyway.

RS Tokens expire if not used within 5 minutes for working against dashboard

need to expire login session and have user re-auth

I get this in a agent request token but when my Agent calls it returns 404.

On http://setup.a2p3.net/, the facebook button starts off on the right side then moves to its proper position after a second or two.

Request from Agent:

POST http://registrar.local.a2p3.net:8080/authorizations/requests HTTP/1.1
Host: registrar.local.a2p3.net:8080
Connection: keep-alive
Content-Length: 91
Cache-Control: max-age=0
Accept: /
Origin: http://localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.52 Safari/537.17
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/a2p3_agent/index.html
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-GB,en-US;q=0.8,en;q=0.6
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Cookie: connect.sess=s%3Aj%3A%7B%7D.c7bsS5LCqDydkISNsF17rp9VHhQ1a4zcv9Fq7Y3Z5Pc

authorizations=email.local.a2p3.net%2Cregistrar.local.a2p3.net&token=nf1-Fv771smnEPSWlmVMiQ

Response from registrar:

HTTP/1.1 200 OK
X-Powered-By: Express
Content-Type: application/json; charset=utf-8
Content-Length: 850
Date: Sat, 19 Jan 2013 05:26:13 GMT
Connection: keep-alive

{
"error": {
"code": "UNKNOWN",
"message": "Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'",
"stack": "TypeError: Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'\n at Object.exports.getAnytimeAppKeys (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:267:8)\n at authorizationsRequests (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:77:6)\n at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)\n at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9\n at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)\n at process.startup.processNextTick.process._tickCallback (node.js:244:9)"
}
}

ServerConsole:

TypeError: Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'
at Object.exports.getAnytimeAppKeys (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:267:8)
at authorizationsRequests (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:77:6)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9
at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
registrar.local.a2p3.net POST /authorizations/requests 200 6 ms - -
Error: No 'token' parameter in POST
at checkValidAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:21:13)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at param (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:135:11)
at pass (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:142:5)
at Router._dispatch (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:170:5)
at Object.router (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:33:10)
at next (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\node_modules\connect\lib\proto.js:199:15)
at Object.cookieSession [as handle](C:UsersgturnerDocumentsGitHuba2p3node_modulesexpressnode_modulesconnec
tlibmiddlewarecookieSession.js:113:5)
at next (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\node_modules\connect\lib\proto.js:199:15)
at Object.cookieParser [as handle](C:UsersgturnerDocumentsGitHuba2p3node_modulesexpressnode_modulesconnect
libmiddlewarecookieParser.js:60:5)
registrar.local.a2p3.net POST /authorizations/requests 200 5 ms INVALID_API_CALL
No 'token' parameter in POST
TypeError: Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'
at Object.exports.getAnytimeAppKeys (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:267:8)
at authorizationsRequests (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:77:6)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9
at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
registrar.local.a2p3.net POST /authorizations/requests 200 5 ms - -
TypeError: Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'
at Object.exports.getAnytimeAppKeys (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:267:8)
at authorizationsRequests (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:77:6)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9
at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
registrar.local.a2p3.net POST /authorizations/requests 200 4 ms - -
TypeError: Object email.local.a2p3.net,registrar.local.a2p3.net has no method 'forEach'
at Object.exports.getAnytimeAppKeys (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:267:8)
at authorizationsRequests (C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:77:6)
at callbacks (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\lib\router\index.js:161:37)
at C:\Users\gturner\Documents\GitHub\a2p3\app\registrar\registrar.js:35:9
at exports.validAgent (C:\Users\gturner\Documents\GitHub\a2p3\app\lib\db_dev.js:120:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
registrar.local.a2p3.net POST /authorizations/requests 200 10 ms - -

Add this to the input field to show the pin pad:
pattern="\d*"

e.g,

Add code to fade out QR code after it has been scanned

When you click "next" button after setting the passcode during QR code registration of the agent, the QR code pops up where the passcode dialogue box was. The mouse pointer is still where the "next" button was, and therefore is often placed within the QR code. Sometimes right over one of the key squares used to recognize the QR. The agent won't scan the QR with the mouse in that spot and you have to know to move the mouse out of the QR code frame. Otherwise you think something is broken.

Does not fail running locally ... hmmm

Thought this was a key mixup issue, but alas it is not

For easier dev, it would be helpful if the bank app could write the full QR code URL to the javascript console.

url will now be a a2p3.net://enroll?code url

Login for registrar, si, health, email, people does not work on IE. Clicking button does not result in a QR code - nothing happens.

On AS during /register/agent the passcode argument doesn't appear to be validated because the response always returns me a token.

First element in resource array is null. Not sure if this is expected or not. Smells like a bug.

{
"result": {
"demo.example.com": {
"name": "Demo App",
"resources": [
null,
"http://health.bc.local.a2p3.net:8080/scope/prov_number",
"http://health.bc.local.a2p3.net:8080/scope/series/weight/update",
"http://health.bc.local.a2p3.net:8080/scope/series/weight/retrieve"
],
"request": "eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzUxMiIsImtpZCI6IjBzdTJLdXZBTHk0akZHNXkifQ.eyJpc3MiOiJyZWdpc3RyYXIubG9jYWwuYTJwMy5uZXQiLCJhdWQiOiJoZWFsdGguYmMubG9jYWwuYTJwMy5uZXQiLCJyZXF1ZXN0LmEycDMub3JnIjp7ImFwcCI6ImRlbW8uZXhhbXBsZS5jb20iLCJ0b2tlbiI6ImV5SjBlWEFpT2lKS1YwVWlMQ0poYkdjaU9pSmthWElpTENKbGJtTWlPaUpCTWpVMlEwSkRLMGhUTlRFeUlpd2lhMmxrSWpvaU1ITjFNa3QxZGtGTWVUUnFSa2MxZVNKOS4ubUNWUEhFZ2dmU0h0djR3a2UwS095US5keVlERUtqZk5WUWVKUDIwQXJuNm1xM2twM1k3SjdhODB3cVZrZ1BjQW95dS1CM2J1bS13elp4dTBUd1RES2RSM1ZEMnFFajZNR25vUVQ1Zm1FVjBCeDZDRWFwRGxON3M2Xy1zNjhxVHUtNVZQTWtERXM4eUtmVVpwZXBicnNqVHp6TTE5MmRHa2c5OHNPN3k0cTB5OTY5c25IX0xIb0FEQjdWT0EzUWlzcU1PV0xnYkV2dElJc3VXbjNqMENTM2o0TXJNSGhndDEza0ItV3FBb1ZYTDY5cW9Bblo2Q1pLSFA0MkVMalBxN1JyTkpPRkpidTd1bFY0WnA1ak1HbGhJNmtBQWRTNV9pM05Od2pRclhHUWpQRUNtWGMyWmVPZzFzREhoSXplWEV3ay52aFVzd19yMXFRYURPRE8wcTY5alVmMjkzVl9JZ2c5SHljaEEtNUpuRkRTVjd1ZnZYc256WjBFRU1VY1YxYThTVEx4V2E5elNLbkVJbWxLMndfdmFLdyJ9LCJpYXQiOjEzNTg2NTA5NjJ9.6N3CuTCHZQ5abu1URJJivHcHcJAvhW4zwtQ2wNgO6NDu9-xQ96lZ06q4GKtNnidfXJGkytSVsM2tw5sJsqISrg"
}
}
}

    as.local.a2p3.net  POST    /register/agent 200     5       ms      -       -

registrar.local.a2p3.net POST /authorizations/requests 200 2 ms - -
si.local.a2p3.net POST /authorizations/list 200 1 ms - -
health.bc.local.a2p3.net POST /authorizations/list 200 3 ms - -
health.ab.local.a2p3.net POST /authorizations/list 200 1 ms - -
registrar.local.a2p3.net POST /authorizations/requests 200 2 ms - -
si.local.a2p3.net POST /authorizations/list 200 1 ms - -
health.bc.local.a2p3.net POST /authorizations/list 200 2 ms - -
health.ab.local.a2p3.net POST /authorizations/list 200 2 ms - -
registrar.local.a2p3.net POST /authorizations/requests 200 3 ms - -
si.local.a2p3.net POST /authorizations/list 200 2 ms - -
health.bc.local.a2p3.net POST /authorizations/list 200 2 ms - -
health.ab.local.a2p3.net POST /authorizations/list 200 2 ms - -

When you use login option on bank the logged in page is missing the logout button. A refresh of the page will cause it to be displayed. Happens on Chrome on OSX and IE on Win7.

likely something can be added

When the agent is retrieving the authorizations during Review Authorizations, it goes to the registrar passing previously known RS ID(s). In response, the Agent get tokens to call all the RS. The RS provides names of Apps and last access time among other things.

If an App is present in more than one RS response, in theory there could be a conflict between App Name and Last Access. How to handle? Warn user, provided both, or ignore?

Low priority.

127.0.0.1 registrar.local.a2p3.net GET /login/response/redirect?token=&request=eyJ0eXAiOiJKV1MiLCJhbGciOiJIUzUx
MiIsImtpZCI6InBROE85Z05pZ0dLRHhmWU4ifQ.eyJpc3MiOiJyZWdpc3RyYXIubG9jYWwuYTJwMy5uZXQiLCJhdWQiOiJpeC5sb2NhbC5hMnAzLm5ldCIsI
nJlcXVlc3QuYTJwMy5vcmciOnsicmV0dXJuVVJMIjoiaHR0cDovL3JlZ2lzdHJhci5sb2NhbC5hMnAzLm5ldDo4MDgwL2xvZ2luL3Jlc3BvbnNlL3JlZGlyZ
WN0IiwicmVzb3VyY2VzIjpbImh0dHA6Ly9lbWFpbC5sb2NhbC5hMnAzLm5ldDo4MDgwL3Njb3BlL2RlZmF1bHQiLCJodHRwOi8vcmVnaXN0cmFyLmxvY2FsL
mEycDMubmV0OjgwODAvc2NvcGUvdmVyaWZ5Il0sImF1dGgiOnsicGFzc2NvZGUiOnRydWUsImF1dGhvcml6YXRpb24iOnRydWV9fSwiaWF0IjoxMzYwODYzN
DE2fQ.Q7eKdfbxITQZNjvg3INvO1FqVl5iM9P7eOH_fvR-8wXX1EfmRXUsNmfdrlTrGbZAFkCze1wbXjuI8y9mUI1NSA&error=USER_CANCELLED&errorM
essage=The%20User%20cancelled%20the%20transaction. 302 2 ms - -
Error: request.a2p3.org parameter 'token' not found
at exports.a2p3Params (C:\Users\gturner\Documents\GitHub\A2P3_gt\app\lib\middleware.js:91:13)
at Array.forEach (native)
at a2p3Params (C:\Users\gturner\Documents\GitHub\A2P3_gt\app\lib\middleware.js:88:12)
at callbacks (C:\Users\gturner\Documents\GitHub\A2P3_gt\node_modules\express\lib\router\index.js:161:37)
at exports.check.e.code (C:\Users\gturner\Documents\GitHub\A2P3_gt\app\lib\request.js:130:18)
at exports.getAppKey (C:\Users\gturner\Documents\GitHub\A2P3_gt\app\lib\db_dev.js:284:35)
at process.startup.processNextTick.process._tickCallback (node.js:244:9)
127.0.0.1 ix.local.a2p3.net POST /exchange 200 5 ms INVALID_API_CALL request.
a2p3.org parameter 'token' not found
we are going to die from uncaught exception !
we received error:
TypeError: Object # has no method 'redirect'
at C:\Users\gturner\Documents\GitHub\A2P3_gt\app\lib\login.js:191:29
at Request.exports.call as _callback
at Request.init.self.callback (C:\Users\gturner\Documents\GitHub\A2P3_gt\node_modules\request\main.js:122:22)
at Request.EventEmitter.emit (events.js:99:17)
at Request. (C:\Users\gturner\Documents\GitHub\A2P3_gt\node_modules\request\main.js:661:16)
at Request.EventEmitter.emit (events.js:126:20)
at IncomingMessage.Request.start.self.req.self.httpModule.request.buffer (C:\Users\gturner\Documents\GitHub\A2P3_gt
node_modules\request\main.js:623:14)
at IncomingMessage.EventEmitter.emit (events.js:126:20)
at IncomingMessage._emitEnd (http.js:366:10)
at HTTPParser.parserOnMessageComplete as onMessageComplete
we are going to die from exit !

On AS /register/agent the parameter 'code' can be used over and over again. Low priority.

not as fast as we'd hoped. pay pal has a quick one.

C:\Users\gturner\Documents\GitHub\a2p3>npm start

[email protected] start C:\Users\gturner\Documents\GitHub\a2p3
node app/app.js

Mon Feb 04 2013 11:37:03 GMT-0NaN (Pacific Standard Time)
A2P3 servers started on *.local.a2p3.net:8080
Setup available at http://setup.local.a2p3.net:8080

we are going to die from uncaught exception !
we received error:
TypeError: Invalid date
at TypeError (unknown source)
at C:\Users\gturner\Documents\GitHub\a2p3\node_modules\dateformat\lib\dateformat.js:69:13
at Function.exports.colorLogger.express.logger.token.wideHost [as localTime](C:UsersgturnerDocumentsGitHuba2p3
applibmiddleware.js:116:13)
at eval (eval at compile (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\node_modules\connect\lib\middl
eware\logger.js:173:10))
at ServerResponse.module.exports.res.end (C:\Users\gturner\Documents\GitHub\a2p3\node_modules\express\node_modules\c
onnect\lib\middleware\logger.js:149:20)
at onend (stream.js:66:10)
at EventEmitter.emit (events.js:126:20)
at afterRead (fs.js:1330:12)
at Object.wrapper as oncomplete
we are going to die from exit !

C:\Users\gturner\Documents\GitHub\a2p3>

Issue: having Safari open with an error or completion page after logging via a QR code scan (or notification real-soon-now) is a suboptimal experience. The mockups had the success page still in the Agent. Unfortunately we are doing it this way because there is no signal for the Agent to know if it should redirect (because it was invoked directly) or if it should invoke the callback.

Possible solutions:

We need a signal for the Agent to know what to do

• add a 'direct' parameter to signal that it should be a redirect.
  cons: extra parameter for implementations that don't care
• add an 'outofband' parameter to signal that it should be a callback rather than redirect
  • better then the 'direct' parameter as the App is putting up a QR code or sending a notification
• change the name of the redirectURL parameter if it is a callback. Use 'redirectURL' if a redirect should happen. Use 'callback's the Agent is to directly call the endpoint.

What's the URL for the Authentication Server in a2p3.net land?

http://as.a2p3.net?

recorded from workshop when 2 or more people tried to register their sample app

In short, sessions are lost if invoking the Agent on the phone using the custom schema (a2p3.net://token?request...).

When clicking on mobile logon from the email.local.a2p3:8080 site, the request is generated properly, agent fetches the token properly. Then the Agent does an invoke using the response URL. It appears that any previous cookies set by email.local are either not allowed or lost because the site reports Logon Error.

Here's the last two requests/responses:

GET http://email.local.a2p3.net:8080/login/response?token=eyJ0eXAiOiJKV0UiLCJhbGciOiJkaXIiLCJlbmMiOiJBMjU2Q0JDK0hTNTEyIiwia2lkIjoiRVZLRTBnTEt1ZmN1clZ3YyJ9..e4tAFFuvq0SJ66RagDVcaw.iNEAL20e8Xtdpc215IXdi6FITkYATF6gLyXocoIWpn2kCvlTpDKilUkZ8SV2o1KlO6jBIGaJhzSOZAjQ3TglGCTVRcC95QbYqxifg3whxHiVHl1kZCt9An73MRjxqfo6QwWYLN0W-e0NOQBJtqpdgm8BB6_mHDvIX9QSmbh7I4ipa0pfHgRCuZX1Gsq6LIGo773lkmhcyovy7RR8SfYstHMwnB3oQmTW2L25pg5Ab8a1TK445fOL3797E-qYzowo8fi76T1-L4LkqQmDZATrzV_4KWxIuAz-4XP7Qnibz7-8OY8OLwUePer1U-yFNnMbKz8UT2sfN1gBog9BFuVHFHnUnXOhz7ASjrU12__xHtuCgO9PcbUYIrgQTOAKl1a9.367yBOfFI_vLbe7fqs6j1IMDb8217Y_O1tUBjF1MoXuZ6UFQzSbxkTgiYlwylsgizyHYH0vX_IzQVT1ZqaPfWw HTTP/1.1
Host: email.local.a2p3.net:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Cookie: connect.sess=s%3Aj%3A%7B%7D.Wt76C0yi3QriWCH4wb0Dk9Ai5ffEzSZwFyqVCyJ%2FPts
Connection: keep-alive
Accept-Language: en-us
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0_2 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A551 Safari/8536.25

HTTP/1.1 302 Moved Temporarily
X-Powered-By: Express
Vary: Accept
Content-Type: text/html
Location: http://email.local.a2p3.net:8080/error?error=UNKNOWN&errorMessage=Session%20information%20lost
Content-Length: 252
Date: Thu, 17 Jan 2013 04:09:50 GMT
Connection: keep-alive

Moved Temporarily. Redirecting to http://email.local.a2p3.net:8080/error?error=UNKNOWN&errorMessage=Session%20information%20lost

GET http://email.local.a2p3.net:8080/error?error=UNKNOWN&errorMessage=Session%20information%20lost HTTP/1.1
Host: email.local.a2p3.net:8080
If-Modified-Since: Tue, 15 Jan 2013 05:41:43 GMT
If-None-Match: "189-1358228503000"
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,/;q=0.8
Accept-Language: en-us
Cookie: connect.sess=s%3Aj%3A%7B%7D.Wt76C0yi3QriWCH4wb0Dk9Ai5ffEzSZwFyqVCyJ%2FPts
Connection: keep-alive
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 6_0_2 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Version/6.0 Mobile/10A551 Safari/8536.25

HTTP/1.1 304 Not Modified
X-Powered-By: Express
Accept-Ranges: bytes
ETag: "189-1358228503000"
Date: Thu, 17 Jan 2013 04:09:50 GMT
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Jan 2013 05:41:43 GMT
Connection: keep-alive

Sample app URL for the agent does not include the query parameter of notificationURL=true

Add checkbox to Registrar