ging
Cannot read property 'User' of null
Hi all, I'm trying to integrate wirecloud with keyrock but having some issue in the Oauth2 area. When hitting protected URL of wirecloud I get redirected to keyrock for authentication which completes successfully but in debug mode I see error below:
idm:oauth_controller --> response_type_required +40s
idm:oauth_controller --> load_application +0ms
Executing (default): SELECT id, name, description, image, response_type, redirect_uri FROM oauth_client AS OauthClient WHERE OauthClient.id = '72f0fc79-1a89-4d9e-86f3-0a43f327ada7';
idm:oauth_controller --> authenticate_user +203ms
idm:web-user_controller --> authenticate +0ms
Executing (default): SELECT id, username, salt, password, enabled, email, gravatar, image, admin, date_password, starters_tour_ended FROM user AS User WHERE User.email = '[email protected]';
idm:oauth_controller --> check_user_authorized_application +10ms
idm:oauth_controller --> search_user_authorized_application +0ms
Executing (default): SELECT User_Authorized_Application.id, User_Authorized_Application.user_id, User_Authorized_Application.oauth_client_id, User.id AS User.id, User.username AS User.username, User.gravatar AS User.gravatar, User.image AS User.image, User.email AS User.email FROM user_authorized_application AS User_Authorized_Application LEFT OUTER JOIN user AS User ON User_Authorized_Application.user_id = User.id WHERE User_Authorized_Application.user_id = 'aaaaaaaa-good-0000-0000-000000000000' AND User_Authorized_Application.oauth_client_id = '72f0fc79-1a89-4d9e-86f3-0a43f327ada7' LIMIT 1;
idm:oauth_controller Error TypeError: Cannot read property 'User' of null
at /root/workspaces/fiware-idm/controllers/oauth2/oauth2.js:261:33
at tryCatcher (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/util.js:16:23)
at Promise._settlePromiseFromHandler (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/promise.js:512:31)
at Promise._settlePromise (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/promise.js:569:18)
at Promise._settlePromise0 (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/promise.js:614:10)
at Promise._settlePromises (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/promise.js:693:18)
at Async._drainQueue (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/async.js:133:16)
at Async._drainQueues (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/async.js:143:10)
at Immediate.Async.drainQueues (/root/workspaces/fiware-idm/node_modules/bluebird/js/release/async.js:17:14)
at runCallback (timers.js:810:20)
at tryOnImmediate (timers.js:768:5)
at processImmediate [as _immediateCallback] (timers.js:745:5) +6ms
POST /oauth2/authorize?state=OUXVlNXQiP26ndc3NtngRfOEANIuBjo4&redirect_uri=http://192.168.5.205/complete/fiware/&response_type=code&client_id=72f0fc79-1a89-4d9e-86f3-0a43f327ada7 200 361.051 ms - 16226
(node:13061) UnhandledPromiseRejectionWarning: Internal error
(node:13061) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 2)
In the meanwhile in the keyrock page I get prompted with request for reading public info and clicking on Authorize button I see logs below:
idm:oauth_controller --> response_type_required +1m
idm:oauth_controller --> load_application +0ms
Executing (default): SELECT id, name, description, image, response_type, redirect_uri FROM oauth_client AS OauthClient WHERE OauthClient.id = '72f0fc79-1a89-4d9e-86f3-0a43f327ada7';
idm:oauth_controller --> load_user +485ms
Executing (default): SELECT id, username, description, website, image, gravatar, email, salt, password, date_password, enabled, admin, starters_tour_ended, eidas_id, extra, scope FROM user AS User WHERE User.id = 'aaaaaaaa-good-0000-0000-000000000000';
idm:oauth_controller --> enable_app +37ms
idm:oauth_controller --> oauth_authorize +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: AuthzHandle====== +1ms
oauth2-server: authorize-handler ======AuthorizeHandler: getResponseType====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: handleCodeResponseType====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getClie====== +0ms
idm:oauth2-model_oauth_server -------getClient------- +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getUser====== +1ms
Executing (default): SELECT id, redirect_uri, token_types, jwt_secret, scope, grant_type FROM oauth_client AS OauthClient WHERE OauthClient.id = '72f0fc79-1a89-4d9e-86f3-0a43f327ada7';
oauth2-server: authorize-handler ======AuthorizeHandler: getrediretUri====== +2ms
oauth2-server: authorize-handler ======AuthorizeHandler: getParameters====== +1ms
oauth2-server: authorize-handler ======AuthorizeHandler: GenAuthCodeLife====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getScope====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: GenAuthzCOde====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getState====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: saveAuthzCode====== +0ms
idm:oauth2-model_oauth_server -------saveAuthorizationCode------- +0ms
Executing (default): INSERT INTO oauth_authorization_code (authorization_code,expires,redirect_uri,scope,valid,oauth_client_id,user_id) VALUES ('636a7d36be9a18868477d4f05d5d62f86267dae7','2019-03-07 10:30:23','http://192.168.5.205/complete/fiware/',NULL,true,'72f0fc79-1a89-4d9e-86f3-0a43f327ada7','aaaaaaaa-good-0000-0000-000000000000');
oauth2-server: authorize-handler ======AuthorizeHandler: BuildSuccessRedirce====== +51ms
oauth2-server: code-response-type ======CodeResponseType: buildRedirectUri====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: UpateResponse====== +1ms
POST /oauth2/enable_app?state=X4VG8PAUzVuLEEGL7Y7ADxGF82mcC8ps&redirect_uri=http://192.168.5.205/complete/fiware/&response_type=code&client_id=72f0fc79-1a89-4d9e-86f3-0a43f327ada7 302 620.478 ms - 296
but unfortunately wirecloud side this results in an error:
AuthStateMissing at /complete/fiware/
Session value state missing.
with latest method:
/usr/local/lib/python2.7/dist-packages/social_core/backends/oauth.py in validate_state
raise AuthStateMissing(self, 'state')
and local vars:
| Variable | Value |
|---|---|
| request_state | u'X4VG8PAUzVuLEEGL7Y7ADxGF82mcC8ps' |
| self | <wirecloud.fiware.social_auth_backend.FIWAREOAuth2 object at 0x7f58c4b3ba10> |
| state | None |
Any idea?
Thanks in advance
Hello, any help? Sorry to bother but this is becoming a real showstopper.
Thanks
Hi @francucchi
Many thanks, there was a little bug when prompting the authorization message. We have already fixed.
Regarding de state error. Could you check if Keyrock is sending the state to Wirecloud once the authentication process has finished? This state should be the same as the one sent to /oauth2/authorize endpoint (in a query string) of Keyrock when a user is redirected to perform the authentication with Keyrock.
Hello, I've repeated the test and here are below the debug logs from Keyrock:
[sass] skip: /oauth2/authorize nothing to do
idm:oauth_controller --> response_type_required +5m
idm:oauth_controller --> load_application +1ms
Executing (default): SELECT id, name, description, image, response_type, redirect_uri FROM oauth_client AS OauthClient WHERE OauthClient.id = '80bd6107-70e5-40e5-8e81-a3c1c7ea064b';
idm:oauth_controller --> check_user +306ms
idm:oauth_controller --> check_user_authorized_application +0ms
idm:oauth_controller --> search_user_authorized_application +1ms
Executing (default): SELECT User_Authorized_Application.id, User_Authorized_Application.user_id, User_Authorized_Application.oauth_client_id, User.id AS User.id, User.username AS User.username, User.gravatar AS User.gravatar, User.image AS User.image, User.email AS User.email FROM user_authorized_application AS User_Authorized_Application LEFT OUTER JOIN user AS User ON User_Authorized_Application.user_id = User.id WHERE User_Authorized_Application.user_id = 'aaaaaaaa-good-0000-0000-000000000000' AND User_Authorized_Application.oauth_client_id = '80bd6107-70e5-40e5-8e81-a3c1c7ea064b' LIMIT 1;
idm:oauth_controller --> oauth_authorize +169ms
oauth2-server: authorize-handler ======AuthorizeHandler: AuthzHandle====== +1ms
oauth2-server: authorize-handler ======AuthorizeHandler: getResponseType====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: handleCodeResponseType====== +5ms
oauth2-server: authorize-handler ======AuthorizeHandler: getClie====== +0ms
idm:oauth2-model_oauth_server -------getClient------- +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getUser====== +1ms
Executing (default): SELECT id, redirect_uri, token_types, jwt_secret, scope, grant_type FROM oauth_client AS OauthClient WHERE OauthClient.id = '80bd6107-70e5-40e5-8e81-a3c1c7ea064b';
oauth2-server: authorize-handler ======AuthorizeHandler: getrediretUri====== +3ms
oauth2-server: authorize-handler ======AuthorizeHandler: getParameters====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: GenAuthCodeLife====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getScope====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: GenAuthzCOde====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: getState====== +1ms
oauth2-server: authorize-handler ======AuthorizeHandler: saveAuthzCode====== +0ms
idm:oauth2-model_oauth_server -------saveAuthorizationCode------- +0ms
Executing (default): INSERT INTO oauth_authorization_code (authorization_code,expires,redirect_uri,scope,valid,oauth_client_id,user_id) VALUES ('94f27f74961526e565f0aa33404a67315ad470fb','2019-03-21 12:04:57','http://192.168.5.205/complete/fiware/',NULL,true,'80bd6107-70e5-40e5-8e81-a3c1c7ea064b','aaaaaaaa-good-0000-0000-000000000000');
oauth2-server: authorize-handler ======AuthorizeHandler: BuildSuccessRedirce====== +31ms
oauth2-server: code-response-type ======CodeResponseType: buildRedirectUri====== +0ms
oauth2-server: authorize-handler ======AuthorizeHandler: UpateResponse====== +1ms
GET /oauth2/authorize?client_id=80bd6107-70e5-40e5-8e81-a3c1c7ea064b&redirect_uri=http://192.168.5.205/complete/fiware/&state=PdlkQiNYEE7BXw4z9wu3hJA1OJIwXyff&response_type=code 302 605.888 ms - 296
GET /version 200 11.926 ms - 261
and from wirecloud I see:
GET
| Variable | Value |
|---|---|
| code | '94f27f74961526e565f0aa33404a67315ad470fb' |
| state | 'PdlkQiNYEE7BXw4z9wu3hJA1OJIwXyff' |
/usr/local/lib/python3.6/site-packages/social_core/backends/oauth.py in validate_state
| request_state | 'PdlkQiNYEE7BXw4z9wu3hJA1OJIwXyff' |
|---|---|
| self | <wirecloud.fiware.social_auth_backend.FIWAREOAuth2 object at 0x7f223bea3ac8> |
| state | None |
Any idea?
Thanks