尝试使用 wso2 登录 dockerized 应用程序时出现“提供的授权授予无效"错误 [英] 'Provided Authorization Grant is invalid' error while trying to login a dockerized application using wso2

问题描述

我已经将我们一直使用 WSO2 作为 API 管理器的 Angular 应用程序 docker 化.完成配置后，我能够成功运行应用程序并能够访问所有现有的 api.当我尝试使用 oath2/token api 执行我们客户的登录操作时，唯一的问题出现了.即使使用相同的代码更早地执行身份验证(在 dockerization 之前)没有任何问题，但现在我收到错误，因为

I have dockerized our Angular application which have been using WSO2 as API manager . After doing the configurations, i was able to run the application successfully and able to hit all existing api's. The only issue arises when i tried to use oath2/token api for performing login operation of our customer . Even though, the same code was used to perform authentication earlier(before dockerization) without any issues,now i am getting error as

{
  "error": "invalid_grant",
  "error_description": "Provided Authorization Grant is invalid"
}

用于登录的令牌生成 api:

Token generation api for login :

https://<myapplicationurl>:9443/oauth2/token

尝试使用用户名devtest7@mailinator.com"登录时进入 docker 控制台时出错:

Errors am getting in docker console while trying to login using username 'devtest7@mailinator.com' :

注意事项:

• WSO2 AM 版本是 2.1.0 ，WSO2 IS 版本是 5.3.0
• 请求的Arguments(headers & parameters) 与那个相同之前使用过(用户名和密码除外).
• 我能够创建一个新用户，并列出了相应的用户在 Carbondb 用户列表中.
• 尝试使用现有用户登录时存在问题新创建的用户.
• 我最近为该应用程序生成了新的 ssl 证书.
• 只能使用超级管理员登录.使用新创建的电子邮件和用户名登录无效.

• WSO2 AM version is 2.1.0 , WSO2 IS version is 5.3.0
• Arguments(headers & parameters) for the request is the same as that used earlier(except the username and password).
• I am able to create a new users and the corresponding user is listed in Carbondb users list.
• The issue exists while trying to login using existing user as well as newly created users.
• I have recently generated new ssl certificate for the application.
• Able to login using super admin only . Login using newly created email and username is not working.

我尝试了在 stackoverflow 上看到的解决方案，但没有解决我的问题.有谁能帮忙吗?

I tried solutions seen on stackoverflow which doesn't fixed my issues. Can any one please help?

推荐答案

感谢所有评论并试图找出我提到的问题的解决方案的人.我得到了这个问题的解决方案.当我多次尝试通过在配置中进行排列和组合登录时，身份验证对我来说被阻止了.作为一个原因，我无法登录并生成访问令牌.我能够通过更改 identity.xml 文件中 IS 中的标志来解决它.将 UserOperationEventListener 启用从 'true' 更改为 'false' .

Thanks for everyone who commented and tried to figure out the solution for the issue i mentioned. I got the resolution for the issue . As i tried multiple times to login by doing permutations and combinations in configurations, authentication was blocked for me. As a reason, i couldn't login and generate access token . I was able to resolve it by changing a flag in identity.xml file inside IS . Changed the UserOperationEventListener enabling from 'true' to 'false' .

之前:

<EventListener enable="true" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>

之后:

<EventListener enable="false" name="org.wso2.carbon.identity.governance.listener.IdentityMgtEventListener" orderId="95" type="org.wso2.carbon.user.core.listener.UserOperationEventListener"/>

此更改允许我阻止无效的身份验证检查.无论如何，我们正在从我们的代码方面添加该检查.

This change allowed me to block the invalid authentication check. We are anyway adding that check from our code side.

这篇关于尝试使用 wso2 登录 dockerized 应用程序时出现“提供的授权授予无效"错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！