尝试使用wso2登录dockerized应用程序时出现“提供的授权授予无效”错误 [英] 'Provided Authorization Grant is invalid' error while trying to login a dockerized application using wso2

问题描述

我已经码头化了我们的Angular应用程序，该应用程序一直使用 WSO2 作为API管理器。完成配置后，我能够成功运行该应用程序，并能够访问所有现有的api。当我尝试使用 oath2 / token API来执行客户的登录操作时，会出现唯一的问题。即使使用相同的代码更早地（在dockerization之前）执行身份验证，也没有任何问题，现在我报错了

I have dockerized our Angular application which have been using WSO2 as API manager . After doing the configurations, i was able to run the application successfully and able to hit all existing api's. The only issue arises when i tried to use oath2/token api for performing login operation of our customer . Even though, the same code was used to perform authentication earlier(before dockerization) without any issues,now i am getting error as

{
  "error": "invalid_grant",
  "error_description": "Provided Authorization Grant is invalid"
}

用于登录的令牌生成api：

Token generation api for login :

https://<myapplicationurl>:9443/oauth2/token

在尝试使用用户名'devtest7 @登录时，docker控制台出现错误mailinator.com'：

Errors am getting in docker console while trying to login using username 'devtest7@mailinator.com' :

注意事项：

• WSO2 AM版本为 2.1.0 ，WSO2 IS版本为 5.3.0


• 请求的参数（标头和参数）与
  使用的e arlier（用户名和密码除外）。


• 我能够创建一个新用户，并且相应的用户在Carbondb用户列表中列在
  中。


• 尝试使用现有用户以及
  新创建的用户登录时存在问题。


• 我最近为该应用程序生成了新的ssl证书。


• 仅可以使用超级管理员登录。使用新创建的电子邮件和用户名登录无法正常工作。

• WSO2 AM version is 2.1.0 , WSO2 IS version is 5.3.0
• Arguments(headers & parameters) for the request is the same as that used earlier(except the username and password).
• I am able to create a new users and the corresponding user is listed in Carbondb users list.
• The issue exists while trying to login using existing user as well as newly created users.
• I have recently generated new ssl certificate for the application.
• Able to login using super admin only . Login using newly created email and username is not working.

我尝试了在stackoverflow上看到的解决方案，但不能解决我的问题。有人可以帮忙吗？

I tried solutions seen on stackoverflow which doesn't fixed my issues. Can any one please help?

推荐答案

感谢所有发表评论并试图找出我提到的问题的解决方案的人。我已经解决了这个问题。当我尝试通过在配置中进行排列和组合多次登录时，身份验证对我来说被阻止了。因此，我无法登录并生成访问令牌。我可以通过更改 IS 中的 identity.xml 文件中的标记来解决该问题。
将UserOperationEventListener启用从 true更改为 false。

Thanks for everyone who commented and tried to figure out the solution for the issue i mentioned. I got the resolution for the issue . As i tried multiple times to login by doing permutations and combinations in configurations, authentication was blocked for me. As a reason, i couldn't login and generate access token . I was able to resolve it by changing a flag in identity.xml file inside IS . Changed the UserOperationEventListener enabling from 'true' to 'false' .

之前：

<EventListener enable="true" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>

之后：

<EventListener enable="false" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>

此更改使我可以阻止无效的身份验证检查。无论如何，我们从代码方面添加了该支票。

This change allowed me to block the invalid authentication check. We are anyway adding that check from our code side.

这篇关于尝试使用wso2登录dockerized应用程序时出现“提供的授权授予无效”错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！