fiwarefiware-wilma

Error validating token. Proxy not authorized in keystone. Keystone authentication


I was trying to incorporate IDM (Docker) latest, and pep-proxy (git example running with node server).

When I started pep-proxy, everything was working as intended. I've got the following messages:

  1. INFO: Server - Starting PEP proxy in port 80. IdM authentication...

  2. Server - Success authenticating PEP proxy. Proxy Auth-token: d9badf48-16fa-423d-884c-a3e155578791

Now a problem happens. When I enter the wrong token I get this error.

ERROR: IDM-Client - Error validating token. 
Proxy not authorized in keystone. Keystone authentication ... 
ERROR: Server - Caught exception: 
SyntaxError: Unexpected token u in JSON at position 0

As far as I understand I am expecting some return like invalid token, etc.. instead I get this error in pep-proxy and my curl command show->(52) Empty reply from server.

My config.json of pep-proxy:

var config = {};

// Used only if https is disabled
config.pep_port = 80;

// Set this var to undefined if you don't want the server to listen on  HTTPS
config.https = {
  enabled: false,
  cert_file: 'cert/cert.crt',
  key_file: 'cert/key.key',
  port: 443
};

config.idm = {
  host: 'localhost',
  port: 3000,
  ssl: false
}

config.app = {
  host: 'www.google.es',
  port: '80',
  ssl: false // Use true if the app server listens in https
}

// Credentials obtained when registering PEP Proxy in app_id in Account Portal     
config.pep = {
  app_id: 'xxxxxx',
  username: 'xxxxxx',
  password: 'xxxxxx',
  trusted_apps : []
}

// in seconds
config.cache_time = 300;

// if enabled PEP checks permissions with AuthZForce GE. 
// only compatible with oauth2 tokens engine
//
// you can use custom policy checks by including programatic scripts 
// in policies folder. An script template is included there
config.azf = {
  enabled: true,
  protocol: 'http',
  host: 'localhost',
  port: 8080,
  custom_policy: undefined // use undefined to default policy checks (HTTP verb + path).
 };

 // list of paths that will not check authentication/authorization
 // example: ['/public/*', '/static/css/']
 config.public_paths = [];

 config.magic_key = 'undefined';

 module.exports = config;

IDM logs:

fiware-idm_1  | GET                                                
/user?access_token=7cb25729577c2e01dc337314dcd912ec981dc49b 401 4.445 ms -  116

fiware-idm_1  | Executing (default): SELECT email, 'user' as Source FROM  
user WHERE email='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c'
fiware-idm_1  |                  UNION ALL
fiware-idm_1  |                  SELECT id, 'pep_proxy' as Source FROM    
pep_proxy WHERE id='pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1  | Executing (default): SELECT `id`, `password`,    
`oauth_client_id` FROM `pep_proxy` AS `PepProxy` WHERE `PepProxy`.`id` = 
'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c';
fiware-idm_1  | Executing (default): INSERT INTO `auth_token` 
(`access_token`,`expires`,`valid`,`pep_proxy_id`) VALUES ('a0d54a6f- 
8461-4000-bb80-5fb60193bcb4','2018-05-04 
11:45:21',true,'pep_proxy_edf60435-7de7-4875-85a9-cf68b8838b8c');
fiware-idm_1  | POST /v3/auth/tokens 201 13.733 ms - 74

Solution

  • The error "SyntaxError: Unexpected token u in JSON at position 0", as stated here, is probably due to some place at the code where JSON.parse is called with an undefined parameter. You are getting this message because the error was not properly treated and the exception is being thrown (exception not treated).

    In the Wilma PEP Proxy github, we can see the latest changes at the code and we can guess/infer where this error comes from.

    I think you can open an issue at github.