Retrieving the token via the login API #1013

Open
PaulinDeuxTrois opened this issue Dec 10, 2024 · 8 comments

@PaulinDeuxTrois

Hello,
I used your API documentation to set up a script, but the login (identical to the one in the example) does not work.
I am using docker-compose to deploy the application, and my script is in Python.

mercator container logs:
127.0.0.1 - 10/Dec/2024:16:46:43 +0000 "POST /index.php" 500
reverse-proxy container logs:
192.168.4.1 - - [10/Dec/2024:16:46:43 +0000] "POST /api/login HTTP/1.1" 500 14480 "-" "python-requests/2.31.0" "-"

Script:

import requests

# HTTP header configuration
vheaders = {
    'accept': 'application/json',
    'content-type': 'application/x-www-form-urlencoded',
    'cache-control': 'no-cache',
}

# Connect to the API ("url" stands for the server's host name)
print("Login")
response = requests.post(
    "https://url/api/login",
    headers=vheaders,
    data={'email': 'admin@admin.com', 'password': 'password'}
)

@dbarzin
Owner

dbarzin commented Dec 10, 2024

Have you configured Passport as described in the documentation: https://github.com/dbarzin/mercator/blob/master/INSTALL.RedHat.fr.md#configurer-passport ?

Can you give me the error found in the logs in /var/www/mercator/storage/logs/laravel.log?

@dbarzin dbarzin self-assigned this Dec 10, 2024
@PaulinDeuxTrois
Author

PaulinDeuxTrois commented Dec 11, 2024

I had not done so, because it is stated as native for the Docker environment in the API documentation.
I configured Passport and added my two generated keys in a volume of the Dockerfile:
- ./PV/oauth:/var/www/mercator/storage/oauth

Here are my Laravel logs:
[2024-12-11 10:26:54] production.ERROR: Invalid key supplied {"userId":1,"exception":"[object] (LogicException(code: 0): Invalid key supplied at /var/www/mercator/vendor/league/oauth2-server/src/CryptKey.php:67) [stacktrace] #0 /var/www/mercator/vendor/laravel/passport/src/PassportServiceProvider.php(325): League\\OAuth2\\Server\\CryptKey->__construct('file:///var/www...', NULL, false) #1 /var/www/mercator/vendor/laravel/passport/src/PassportServiceProvider.php(264): Laravel\\Passport\\PassportServiceProvider->makeCryptKey('private') #2 /var/www/mercator/vendor/laravel/passport/src/PassportServiceProvider.php(152): Laravel\\Passport\\PassportServiceProvider->makeAuthorizationServer() #3 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(933): Laravel\\Passport\\PassportServiceProvider->Laravel\\Passport\\{closure}(Object(Illuminate\\Foundation\\Application), Array) #4 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(815): Illuminate\\Container\\Container->build(Object(Closure)) #5 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(1048): Illuminate\\Container\\Container->resolve('League\\\\OAuth2\\\\S...', Array, true) #6 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(751): Illuminate\\Foundation\\Application->resolve('League\\\\OAuth2\\\\S...', Array) #7 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(1030): Illuminate\\Container\\Container->make('League\\\\OAuth2\\\\S...', Array) #8 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(1114): Illuminate\\Foundation\\Application->make('League\\\\OAuth2\\\\S...') #9 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(1024): Illuminate\\Container\\Container->resolveClass(Object(ReflectionParameter)) #10 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(975): 
Illuminate\\Container\\Container->resolveDependencies(Array) #11 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(815): Illuminate\\Container\\Container->build('Laravel\\\\Passpor...') #12 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(1048): Illuminate\\Container\\Container->resolve('Laravel\\\\Passpor...', Array, true) #13 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Container/Container.php(751): Illuminate\\Foundation\\Application->resolve('Laravel\\\\Passpor...', Array) #14 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(1030): Illuminate\\Container\\Container->make('Laravel\\\\Passpor...', Array) #15 /var/www/mercator/vendor/laravel/passport/src/HasApiTokens.php(66): Illuminate\\Foundation\\Application->make('Laravel\\\\Passpor...') #16 /var/www/mercator/app/Http/Controllers/API/AuthController.php(37): App\\User->createToken('admin@admin.com...') #17 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): App\\Http\\Controllers\\API\\AuthController->login(Object(Illuminate\\Http\\Request)) #18 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(43): Illuminate\\Routing\\Controller->callAction('login', Array) #19 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Route.php(264): Illuminate\\Routing\\ControllerDispatcher->dispatch(Object(Illuminate\\Routing\\Route), Object(App\\Http\\Controllers\\API\\AuthController), 'login') #20 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Route.php(210): Illuminate\\Routing\\Route->runController() #21 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Router.php(808): Illuminate\\Routing\\Route->run() #22 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(144): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}(Object(Illuminate\\Http\\Request)) #23 
/var/www/mercator/app/Http/Middleware/AuthGates.php(32): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #24 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): App\\Http\\Middleware\\AuthGates->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #25 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(51): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #26 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #27 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(161): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #28 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(92): Illuminate\\Routing\\Middleware\\ThrottleRequests->handleRequest(Object(Illuminate\\Http\\Request), Object(Closure), Array) #29 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle(Object(Illuminate\\Http\\Request), Object(Closure), '60', '1') #30 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(119): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #31 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Router.php(807): Illuminate\\Pipeline\\Pipeline->then(Object(Closure)) #32 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Router.php(786): Illuminate\\Routing\\Router->runRouteWithinStack(Object(Illuminate\\Routing\\Route), Object(Illuminate\\Http\\Request)) #33 
/var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Router.php(750): Illuminate\\Routing\\Router->runRoute(Object(Illuminate\\Http\\Request), Object(Illuminate\\Routing\\Route)) #34 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Routing/Router.php(739): Illuminate\\Routing\\Router->dispatchToRoute(Object(Illuminate\\Http\\Request)) #35 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(201): Illuminate\\Routing\\Router->dispatch(Object(Illuminate\\Http\\Request)) #36 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(144): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}(Object(Illuminate\\Http\\Request)) #37 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #38 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ConvertEmptyStringsToNull.php(31): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #39 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\ConvertEmptyStringsToNull->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #40 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #41 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TrimStrings.php(51): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #42 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): 
Illuminate\\Foundation\\Http\\Middleware\\TrimStrings->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #43 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #44 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Http\\Middleware\\ValidatePostSize->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #45 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/PreventRequestsDuringMaintenance.php(110): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #46 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(183): Illuminate\\Foundation\\Http\\Middleware\\PreventRequestsDuringMaintenance->handle(Object(Illuminate\\Http\\Request), Object(Closure)) #47 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(119): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}(Object(Illuminate\\Http\\Request)) #48 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): Illuminate\\Pipeline\\Pipeline->then(Object(Closure)) #49 /var/www/mercator/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(145): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter(Object(Illuminate\\Http\\Request)) #50 /var/www/mercator/public/index.php(54): Illuminate\\Foundation\\Http\\Kernel->handle(Object(Illuminate\\Http\\Request)) #51 {main} "}

Does the key generation have to be done directly in the container? The documentation's instructions are rather vague for use with a Docker container:

[image]

@dbarzin
Owner

dbarzin commented Dec 11, 2024

I just tested on my VM, and the Python script works. I will now try to reproduce the problem in Docker.

@dbarzin
Owner

dbarzin commented Dec 12, 2024

Can you try this:

php artisan passport:keys --force
php artisan key:generate
sudo chmod -R 0777 ./storage 
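
An added example, not part of the thread or of Mercator's code: a check that reports whether a Passport key file is missing, not a regular file, unreadable, not PEM, or too widely accessible, which narrows down an "Invalid key supplied" error. It assumes Passport's default file names `oauth-private.key` and `oauth-public.key` directly under the storage directory; the function names are hypothetical.

```python
import os
import stat

# Assumption: Passport's default key file names, looked up in the storage
# directory; adjust if the deployment loads its keys from another path.
KEY_FILES = {"oauth-private.key": "PRIVATE KEY", "oauth-public.key": "PUBLIC KEY"}


def check_key(path, pem_label):
    """Return a list of problems found with one PEM key file (empty = OK)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return ["missing"]
    if not stat.S_ISREG(st.st_mode):
        # A bind mount whose host source is absent shows up as a directory.
        return ["not a regular file"]
    problems = []
    mode = stat.S_IMODE(st.st_mode)
    if mode & 0o022:
        problems.append(f"writable by group/other (mode {mode:o})")
    if pem_label == "PRIVATE KEY" and mode & 0o007:
        problems.append(f"private key accessible to other (mode {mode:o})")
    try:
        with open(path, "r", errors="replace") as fh:
            head = fh.readline().strip()
    except PermissionError:
        return problems + ["not readable by current user"]
    if not (head.startswith("-----BEGIN ") and head.endswith(pem_label + "-----")):
        problems.append("no PEM header for " + pem_label)
    return problems


def check_storage(storage_dir):
    """Check both key files under storage_dir; maps file name -> problems."""
    return {name: check_key(os.path.join(storage_dir, name), label)
            for name, label in KEY_FILES.items()}


if __name__ == "__main__":
    # Path taken from the thread; run as the user the web server runs as.
    for name, problems in check_storage("/var/www/mercator/storage").items():
        print(name, "OK" if not problems else "; ".join(problems))
```

Run it inside the container as the web server's user, since readability depends on who opens the file.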

@PaulinDeuxTrois
Author

PaulinDeuxTrois commented Dec 16, 2024

Hello, sorry, I was rather busy with other things and did not have time to come back to this before today.
I deleted my OAuth keys from the volumes to generate them in the container as you suggested, and this returns a new error:

python3 testlogin.py Login Login failed with status code 500 { "message": "Personal access client not found. Please create one.", "exception": "RuntimeException", "file": "/var/www/mercator/vendor/laravel/passport/src/ClientRepository.php", "line": 122,

I spotted this passage in the documentation:
To access the APIs, you must identify yourself as a Mercator application user. This user must have a role in Mercator that allows him/her to access/modify the objects accessed via the API. When authentication is successful, the API sends an "access_token", which must be passed in the "Authorization" header of the API request.
Does the default admin account (which I am using for testing) have the necessary rights?

@dbarzin
Owner

dbarzin commented Dec 16, 2024

There are no API rights in Mercator: if the user can access the objects through the web interface, they can access them through the API. Otherwise, a 401 error is returned.

@PaulinDeuxTrois
Author

I just checked, and my account has indeed been created and is usable through the web interface.
Also, when I replace the URL in the provided Python script, URL/api/login, with URL/login, I now get a 419 error at login (bad CSRF token).
Does this error tell you more? Perhaps the link was wrong?

@dbarzin
Owner

dbarzin commented Dec 17, 2024

When logging in through the web interface, you must pass a token that was provided in the form on the web page.
This helps prevent script-based attacks through the web interface.

@dbarzin dbarzin added the question Further information is requested label Jan 18, 2025
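
An added example, not code from the thread or from the Mercator project: the `/api/login` flow discussed above, written so that a malformed base URL is rejected before any credentials are sent and a failed login surfaces the server's JSON `message` (such as the 500 quoted in the thread) instead of only a status code. The `Bearer` scheme, the 200 success status, the function names and the `MERCATOR_*` environment variable names are assumptions.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request

class LoginError(Exception):
    """Login failed; the message carries the HTTP status and server text."""

def login_url(base_url):
    """Return <base_url>/api/login; reject a URL with no https scheme or host."""
    parts = urllib.parse.urlsplit(base_url)
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError(f"expected https://host, got {base_url!r}")
    return base_url.rstrip("/") + "/api/login"

def parse_login_response(status, body):
    """Return the access_token, or raise LoginError with the server's message."""
    try:
        data = json.loads(body)
    except ValueError:  # HTML error page, empty body, ...
        data = None
    if not isinstance(data, dict):
        data = {}
    if status != 200 or "access_token" not in data:
        raise LoginError(f"HTTP {status}: {data.get('message', 'no JSON message')}")
    return data["access_token"]

def bearer_headers(token):
    """Headers for later API calls (assumption: Bearer scheme, as Passport uses)."""
    return {"accept": "application/json", "Authorization": "Bearer " + token}

def login(base_url, email, password):
    """POST the form-encoded credentials and return the access token."""
    form = urllib.parse.urlencode({"email": email, "password": password}).encode()
    req = urllib.request.Request(login_url(base_url), data=form, headers={
        "accept": "application/json",
        "content-type": "application/x-www-form-urlencoded"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return parse_login_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:  # 4xx/5xx may still carry a JSON body
        return parse_login_response(err.code, err.read())

if __name__ == "__main__":  # environment variable names are hypothetical
    env = os.environ
    token = login(env["MERCATOR_URL"], env["MERCATOR_EMAIL"], env["MERCATOR_PASSWORD"])
    print("token obtained, length", len(token))
```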