Comments (9)
I think that this problem is generated for the same reason (different hrefs) as #18
from business-api-ecosystem.
Still with the issue, after modifying server property in apis-conf/settings-properties file from http://proxy.docker:8004/ to http://[DOCKER_MACHINE_HOST]:8004/
Below the proxy log (To test I used postman from my local computer):
2018-05-16 15:21:19.013 - WARN: Server - 51f49039-dcec-4ed2-8ed3-7f0f18ebb217 - ::ffff:10.38.0.1 - Anonymous - GET: /DSProductInventory/api/productInventory/v2/product?status=active&relatedParty.id=jcarnero - Token 6451599ae38e74508a6c929a6bdcb54a895aff80 is from a different app
2018-05-16 15:21:19.046 - WARN: TMF - 51f49039-dcec-4ed2-8ed3-7f0f18ebb217 - ::ffff:10.38.0.1 - f8297ebc-4a60-4a43-9d74-cec472bbc01f - GET: /DSProductInventory/api/productInventory/v2/product?status=active&relatedParty.id=jcarnero - Pre-Validation (DSProductInventory): You are not authorized to retrieve the orderings made by the user jcarnero
2018-05-16 15:21:19.052 - WARN: Server - 51f49039-dcec-4ed2-8ed3-7f0f18ebb217 - ::ffff:10.38.0.1 - f8297ebc-4a60-4a43-9d74-cec472bbc01f - GET: /DSProductInventory/api/productInventory/v2/product?status=active&relatedParty.id=jcarnero - Status: 403
from business-api-ecosystem.
Ok, I am reviewing the code which validates inventory permission to see if there is a bug with user validation
from business-api-ecosystem.
To add some info, I'm using a token different from the one that the marketplace has (as I'm accessing the http api through an external app). That's why I'm getting the first warn:
Token X is from a different app
from business-api-ecosystem.
um, that shouldn't be a problem, the BAE detects that the token is for an external application and uses the refresh token of the last session to obtain valid user info for the BAE app
from business-api-ecosystem.
Just a question, can you access other protected information?
For example the ordering API, etc.
from business-api-ecosystem.
Well reviewing the code, the error happens when the query string (filter) relatedParty.id is different from the req.user.id which is populated using the information of the user given by the IDM.
According to the error message you are facing, relatedParty.id = jcarnero
So, is it possible that the access token you are sending to the BAE belongs to a user different from jcarnero?
from business-api-ecosystem.
Ok, I think I found the problem.
Indeed if I remove relatedParty.id I don't get the error. The same happens with ordering API.
jcarnero is the user name on the IDM, and it also appears on the top right corner of the web interface of the BIZ. In the old IDM v5 displayName and id properties returned the same value, but in IDM v7 id returns a hash code.
Following your previous comment, if I do relatedParty.id=jcarnero it fails, but if I do relatedParty.id=f8297ebc-4a60-4a43-9d74-cec472bbc01f it works!
Summarizing, I think that to resolve this issue, docs should be modified to specify that relatedParty.id doesn't use the user name any more, and instead the IDM id user which is a code (something like that, to prevent confusions with old IDM v5)
from business-api-ecosystem.
buf, v6 used the username as ID of the user, so the BAE uses the username as id. This change in the IDM v7 is going to be weird in new deployments (since the hashes will appear in places the user will expect their username) and a real problem in migrations. I mean the failure is going to happen when migrating from v6 to v7 in a working BAE instance
from business-api-ecosystem.
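The owner check discussed in the comments above (the relatedParty.id filter compared with the id the IdM returns for the token's user), as an added JavaScript sketch that is not the BAE proxy's own code. The function name, the shape of the user object and the handling of repeated parameters are assumptions; the user values are constructed from the ones quoted in the thread.

```javascript
'use strict';

// Hypothetical sketch of an owner check on the relatedParty.id filter.
// Function and field names are assumptions, not the BAE proxy's own code.
function checkRelatedPartyFilter(requestUrl, user) {
    // The base URL is only needed so that a path-only request URL parses.
    const params = new URL(requestUrl, 'http://localhost').searchParams;

    // getAll() returns every occurrence, so a repeated parameter cannot
    // slip a second identity past a check that reads only the first value.
    const requested = params.getAll('relatedParty.id');

    if (requested.length === 0) {
        // No owner filter in the query: nothing to compare here.
        return { status: 200, reason: 'no relatedParty.id filter' };
    }

    const mismatch = requested.find((id) => id !== user.id);
    if (mismatch !== undefined) {
        // Name the likely cause when the caller sent the display name.
        const hint = mismatch === user.displayName
            ? ' (this is the display name, not the IdM id)'
            : '';
        return { status: 403, reason: `filter ${mismatch} does not match authenticated id${hint}` };
    }
    return { status: 200, reason: 'filter matches authenticated id' };
}

const path = '/DSProductInventory/api/productInventory/v2/product?status=active&relatedParty.id=';

// Constructed user objects: the two id styles described in the thread.
const legacyUser = { id: 'jcarnero', displayName: 'jcarnero' };
const v7User = { id: 'f8297ebc-4a60-4a43-9d74-cec472bbc01f', displayName: 'jcarnero' };

const results = {
    legacyByName: checkRelatedPartyFilter(path + 'jcarnero', legacyUser),
    v7ByName: checkRelatedPartyFilter(path + 'jcarnero', v7User),
    v7ById: checkRelatedPartyFilter(path + v7User.id, v7User),
    v7Repeated: checkRelatedPartyFilter(path + v7User.id + '&relatedParty.id=someoneelse', v7User),
};
console.log(results);
```

Reporting the display-name case separately in the rejection reason makes the post-migration 403s easy to tell apart from genuine cross-user requests in the proxy log.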