尝试使用wso2登录dockerized应用程序时出现“提供的授权授予无效”错误 [英] 'Provided Authorization Grant is invalid' error while trying to login a dockerized application using wso2
问题描述
我已经码头化了我们的Angular应用程序,该应用程序一直使用 WSO2 作为API管理器。完成配置后,我能够成功运行该应用程序,并能够访问所有现有的api。当我尝试使用 oath2 / token API来执行客户的登录操作时,会出现唯一的问题。即使使用相同的代码更早地(在dockerization之前)执行身份验证,也没有任何问题,现在我报错了
I have dockerized our Angular application which have been using WSO2 as API manager . After doing the configurations, i was able to run the application successfully and able to hit all existing api's. The only issue arises when i tried to use oath2/token api for performing login operation of our customer . Even though, the same code was used to perform authentication earlier(before dockerization) without any issues,now i am getting error as
{
"error": "invalid_grant",
"error_description": "Provided Authorization Grant is invalid"
}
用于登录的令牌生成api:
Token generation api for login :
https://<myapplicationurl>:9443/oauth2/token
在尝试使用用户名'devtest7 @登录时,docker控制台出现错误mailinator.com':
Errors am getting in docker console while trying to login using username 'devtest7@mailinator.com' :
注意事项:
- WSO2 AM版本为 2.1.0 ,WSO2 IS版本为 5.3.0
- 请求的参数(标头和参数)与
使用的e arlier(用户名和密码除外)。 - 我能够创建一个新用户,并且相应的用户在Carbondb用户列表中列在
中。 - 尝试使用现有用户以及
新创建的用户登录时存在问题。 - 我最近为该应用程序生成了新的ssl证书。
- 仅可以使用超级管理员登录。使用新创建的电子邮件和用户名登录无法正常工作。
- WSO2 AM version is 2.1.0 , WSO2 IS version is 5.3.0
- Arguments(headers & parameters) for the request is the same as that used earlier(except the username and password).
- I am able to create a new users and the corresponding user is listed in Carbondb users list.
- The issue exists while trying to login using existing user as well as newly created users.
- I have recently generated new ssl certificate for the application.
- Able to login using super admin only . Login using newly created email and username is not working.
我尝试了在stackoverflow上看到的解决方案,但不能解决我的问题。有人可以帮忙吗?
I tried solutions seen on stackoverflow which doesn't fixed my issues. Can any one please help?
推荐答案
感谢所有发表评论并试图找出我提到的问题的解决方案的人。我已经解决了这个问题。当我尝试通过在配置中进行排列和组合多次登录时,身份验证对我来说被阻止了。因此,我无法登录并生成访问令牌。我可以通过更改 IS 中的 identity.xml 文件中的标记来解决该问题。
将UserOperationEventListener启用从 true更改为 false。
Thanks for everyone who commented and tried to figure out the solution for the issue i mentioned. I got the resolution for the issue . As i tried multiple times to login by doing permutations and combinations in configurations, authentication was blocked for me. As a reason, i couldn't login and generate access token . I was able to resolve it by changing a flag in identity.xml file inside IS . Changed the UserOperationEventListener enabling from 'true' to 'false' .
之前:
<EventListener enable="true" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>
之后:
<EventListener enable="false" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>
此更改使我可以阻止无效的身份验证检查。无论如何,我们从代码方面添加了该支票。
This change allowed me to block the invalid authentication check. We are anyway adding that check from our code side.
这篇关于尝试使用wso2登录dockerized应用程序时出现“提供的授权授予无效”错误的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!