-
Notifications
You must be signed in to change notification settings - Fork 189
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User endpoint returns 401 #1825
Comments
@refs when we log in using the CS3 backend, the roles are empty. ocis/proxy/pkg/user/backend/cs3.go Lines 54 to 61 in f6ad814
And the ocis/ocs/pkg/service/v0/service.go Lines 86 to 89 in f6ad814
So this fails here ocis/ocs/pkg/middleware/requireselforadmin.go Lines 31 to 36 in f6ad814
Interestingly, it used to work before #1762 even though the roles list was still empty. Can you please take a look at what changed? |
Apparently, previously the |
prior to #1762? I see last changes to ocs/service.go file were on 26.10.2020 🤔. Need deeper investigation I'd say. |
This is currently blocking the update to the latest version for CERN |
@ishank011 I started digging into this. Setup a local deployment following this guide, with the only addition being
to the |
Hi @refs. Thanks for looking into it! The problem arises when the reva we're not able to get a list of roles for the user. Can you log And sure, please let me know when you're free so we can have a call. |
correction to my own comment! that config didn't make it into the container, instead I modified the |
with the error being: {"level":"error","service":"proxy","error":"could not get user by claim mail with value admin@example.org : %!w(<nil>) ","time":"2021-04-08T09:28:26.2783404Z","message":"Could not get user by claim"} |
If you're using the json driver for the userprovider service in reva, you can add the admin user to the file. |
Since #1762, tokens are not set in the context.
Using cs3 backend with a keycloak IDP. After redirection from the IDP,
GetUserByClaim
returns correctly, but when the endpoint/ocs/v1.php/cloud/user
is called, it returns a 401. The corresponding logs:cc @refs @butonic
The text was updated successfully, but these errors were encountered: