kong / kong-oauth2-hello-world
This is a simple node.js + express.js application that shows an authorization page for the OAuth 2.0 plugin on Kong.
License: Apache License 2.0
Considering only one provision_key is exported, can the app support multiple consumers?
Wrong scopes after running the curl script:
curl -X POST \
  --url http://127.0.0.1:8001/services/mock-service/plugins/ \
  --data "name=oauth2" \
  --data "config.scopes=email, phone, address" \
  --data "config.mandatory_scope=true" \
  --data "config.enable_authorization_code=true"
Following is the output:
{"created_at":1545989589,"config":{"refresh_token_ttl":1209600,"enable_client_credentials":false,"mandatory_scope":true,"provision_key":"TcHMQJvT7Iyk2tPlFYuqbJkUlHEYVW1a","accept_http_if_already_terminated":false,"hide_credentials":false,"enable_implicit_grant":false,"global_credentials":false,"enable_authorization_code":true,"enable_password_grant":false,"scopes":["email, phone, address"],"anonymous":null,"token_expiration":7200,"auth_header_name":"authorization"},"id":"a66aba0d-070c-4256-ae09-f2988b61ae9f","service":{"id":"9e6c0e17-70c8-4f9b-9604-7bbce191cb22"},"enabled":true,"run_on":"first","consumer":null,"route":null,"name":"oauth2"}
The correct "scopes" should be "scopes": [
"email",
"phone",
"address"
], not ["email, phone, address"].
It seems something is wrong with the OAuth 2.0 plugins.
The version of kong is 1.0.0
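A check for the symptom reported above, as an added example (not code from this repository or from Kong): the stored array holds one string that contains spaces, which RFC 6749 does not allow inside a scope token. `auditScopes`, `buildPluginBody` and `SAMPLE_PLUGIN` are names assumed for this sketch; the JSON body is meant to be sent to the Admin API with `Content-Type: application/json` so the array is expressed unambiguously.

```javascript
// RFC 6749 section 3.3: scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
// (no spaces, double quotes or backslashes inside one scope name).
const SCOPE_TOKEN = /^[\x21\x23-\x5B\x5D-\x7E]+$/;

// Constructed sample: the relevant part of the plugin object shown above.
const SAMPLE_PLUGIN = {
  name: 'oauth2',
  config: { mandatory_scope: true, scopes: ['email, phone, address'] },
};

// Return a list of problems found in config.scopes of a plugin object
// as returned by the Admin API. An empty list means the scopes look sane.
function auditScopes(plugin) {
  const scopes = plugin && plugin.config && plugin.config.scopes;
  if (!Array.isArray(scopes)) return ['config.scopes is not an array'];
  const problems = [];
  for (const s of scopes) {
    if (typeof s !== 'string' || !SCOPE_TOKEN.test(s)) {
      problems.push(`not a single scope token: ${JSON.stringify(s)}`);
    } else if (s.includes(',')) {
      // A comma is legal in a scope token but usually means a joined list.
      problems.push(`comma inside scope name: ${JSON.stringify(s)}`);
    }
  }
  return problems;
}

// Split operator input on commas and/or whitespace, validate every name,
// and build a JSON request body in which scopes is a real array.
function buildPluginBody(scopeInput) {
  const scopes = scopeInput.split(/[\s,]+/).filter(Boolean);
  const bad = scopes.filter((s) => !SCOPE_TOKEN.test(s));
  if (scopes.length === 0 || bad.length > 0) {
    throw new Error(`invalid scope list: ${JSON.stringify(scopeInput)}`);
  }
  return JSON.stringify({
    name: 'oauth2',
    config: { scopes, mandatory_scope: true, enable_authorization_code: true },
  });
}

console.log(auditScopes(SAMPLE_PLUGIN));
console.log(buildPluginBody('email, phone, address'));
```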
Any plans to update this for Kong CE 0.14 to use /services instead of /apis? I've gotten this working myself and would be happy to submit a PR with the changes to the app.js code and README.md
I have followed the example step by step.
It works well until I click the "Authorize" button in the browser; Kong redirects my browser to http://getkong.org with a code like in the example.
http://getkong.org/?code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP
In the next step I will acquire an access token with (note: I have changed client_id, client_secret and code to my configuration information)
curl https://127.0.0.1:8443/oauth2/token \
  -H "Host: test.com" \
  -d "grant_type=authorization_code" \
  -d "client_id=li4Th0DMMe28cgTQ1jSP6hsLvQMTiSbf" \
  -d "client_secret=LSVbkvq9943LbVW1NBANCbtgOEGJ3cNV" \
  -d "redirect_uri=http://getkong.org/" \
  -d "code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP" --insecure
I expect Kong should respond with an access token in JSON format, but I got
{"error_description":"Invalid code","error":"invalid_request"}
I have tried to remove -H "Host: test.com" and I got
curl https://127.0.0.1:8443/oauth2/token \
  -d "grant_type=authorization_code" \
  -d "client_id=li4Th0DMMe28cgTQ1jSP6hsLvQMTiSbf" \
  -d "client_secret=LSVbkvq9943LbVW1NBANCbtgOEGJ3cNV" \
  -d "redirect_uri=http://getkong.org/" \
  -d "code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP" --insecure
{"message":"no API found with those values"}
I have been stuck at this point for 2-3 days. I don't know how to fix it.
Please note that I have successfully configured basic authentication and key authentication, but not the OAuth2 plug-in.
Hey there!
I'm just wondering why, when we create an oauth2 application, we should specify an array of redirect URIs (via the property redirect_uris) and once we claim for a code (via https://kong_host/oauth2/authorize/) we get in response only the first URI of the saved redirect_uris
{
"redirect_uri": "http://my.first.redirect.uri?code=m3kUaBX3KyYslmrXMtvQV99RroarT79u"
}
So why should we pass an array if only one of them is returned?
If anybody has an answer I would appreciate it a lot!
Cheers
I cannot get this tutorial to work. Running through the steps after installing Kong from kong-free-trials-enterprise-edition-0.34-1.tar.gz, I get "Invalid client_id" from the browser after following the steps
FOO=<my kong server fqdn>
...
$ curl -X POST \
> --url "http://$FOO:8001/services/mock-service/routes" \
> --data 'hosts[]=mockbin.org' \
> --data 'paths[]=/mock'
{"created_at":1551992655,"strip_path":true,"hosts":["mockbin.org"],"preserve_host":false,"regex_priority":0,"updated_at":1551992655,"paths":["\/mock"],"service":{"id":"77e96dbb-2783-46c7-997b-12290d0ccbfa"},"methods":null,"protocols":["http","https"],"id":"ad1ff79e-f223-483f-bebc-f80959013d63"}
$ curl -X POST \
> --url "http://$FOO:8001/consumers/thefosk/oauth2/" \
> --data "name=Hello World App" \
> --data "redirect_uri=http://konghq.com/"
{"client_id":"sOSepVNXCwad89DKFN2fCtEHnUZIy8EX","created_at":1551992762000,"id":"bdd3ee02-9288-42b3-92ac-aad3ac42f67a","redirect_uri":["http:\/\/konghq.com\/"],"name":"Hello World App","client_secret":"KuS9eoDudoEFl3EHQ4uLsETr5MdltKAj","consumer_id":"84a57f2e-645d-4022-b2f3-19a156681b22"}
$ export LISTEN_PORT=3002
$ node app.js
PROVISION_KEY is zQSEvAeah4xDcarDDP7W7rqUNoAAR39M
SERVICE_HOST is mockbin.org
KONG_ADMIN is http//kong.eng.splunkdev.com:8001
KONG_API is https://kong.eng.splunkdev.com:8443
API_PATH is /mock
SCOPES is { "email": "Grant permissions to read your email address", "address": "Grant permissions to read your address information", "phone": "Grant permissions to read your mobile phone number" }
Running at Port 3002
and copying the client_id from that last curl command into the browser bar thus:
Assuming that the user has authorized the app and the app now sends a request to the API endpoint along with the access token, how does the node.js app now verify the access token is valid?
I run my kong on docker.
After following instructions on https://github.com/Mashape/kong-oauth2-hello-world
I still get {"message":"no API found with those values"}.
The logs in /usr/local/kong/logs don't give much information either.
Could you please advise?
I keep getting the following error:
{
"error_description": "You must use HTTPS",
"error":"access_denied"
}
Is there any way to disable SSL for testing in development?
undefined:1
^
SyntaxError: Unexpected token <
at Object.parse (native)
at Request._callback (/home/azureuser/kong-oauth2-hello-world/app.js:87:19)
at Request.self.callback (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:197:22)
at emitTwo (events.js:87:13)
at Request.emit (events.js:172:7)
at Request.<anonymous> (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:1050:14)
at emitOne (events.js:82:20)
at Request.emit (events.js:169:7)
at IncomingMessage.<anonymous> (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:996:12)
at emitNone (events.js:72:20)
Thanks for the great tutorial.
I have one question.
I ran your code and saw that tokens are finally generated.
How is this token generated? Does this plugin use a special service (Auth2 provider) to generate tokens?
I've gone through the example using apis (and it works), but I can't get it to work with routes. For example, I have a service with a /foo route. The resulting authorize endpoint is then /foo/oauth2/authorize and I get a "no route and no API found with those values" message. I'm guessing I'm using the wrong route because the service works fine when not using the oauth plugin.
This example uses scope with oauth2. Can I use claims?
Hello, I was wondering under which license you released this code?
Thank you in advance
Hi there,
I have tried to implement oauth2 using this repo.
Everything went well until running the node application with the command below:
node app.js
But when we open the URL below in the browser
http://127.0.0.1:3000/authorize?response_type=code&scope=email%20address&client_id=wHsY4YI6K7gn2bYhsgPv4HB8Sw9bZ0JV
(client_id=wHsY4YI6K7gn2bYhsgPv4HB8Sw9bZ0JV : generated while creating client application)
we get this error: TypeError: Cannot read property 'length' of undefined
I have even tried this URL in the browser as well,
getting the same error.
Check the stack trace below
osboxes@osboxes:~/kong-oauth2-hello-world$ node app.js
PROVISION_KEY is xE4QYq1PiW6L5645Y9u52xiP5Qu3jLUR
SERVICE_HOST is mockbin.org
KONG_ADMIN is http://127.0.0.1:8001
KONG_API is https://127.0.0.1:8443
API_PATH is /mock
SCOPES is { "email": "Grant permissions to read your email address", "address": "Grant permissions to read your address information", "phone": "Grant permissions to read your mobile phone number" }
Running at Port 3000
/home/osboxes/kong-oauth2-hello-world/app.js:70
if (json_response.data.length == 1) {
^
TypeError: Cannot read property 'length' of undefined
at Request._callback (/home/osboxes/kong-oauth2-hello-world/app.js:70:30)
at Request.self.callback (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:197:22)
at emitTwo (events.js:126:13)
at Request.emit (events.js:214:7)
at Request.<anonymous> (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:1050:14)
at emitOne (events.js:121:20)
at Request.emit (events.js:211:7)
at IncomingMessage.<anonymous> (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:996:12)
at emitNone (events.js:111:20)
at IncomingMessage.emit (events.js:208:7)
How to resolve this error?
Thanks & regards
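Both stack traces on this page (the `SyntaxError: Unexpected token <` at app.js:87 and the `Cannot read property 'length' of undefined` at app.js:70) are uncaught exceptions thrown inside a `request` callback while handling a response body. The following added example, which is not the repository's app.js, shows one way to validate such a response and fail closed instead of crashing the process; the function names and the sample responses are constructed for illustration.

```javascript
// Validate an HTTP response that is expected to be a JSON object carrying
// a "data" array. Header names are lowercase, as Node.js delivers them.
function parseListResponse(statusCode, headers, body) {
  if (statusCode < 200 || statusCode > 299) {
    return { ok: false, error: `upstream returned HTTP ${statusCode}` };
  }
  const ctype = String((headers && headers['content-type']) || '');
  if (!/^application\/json\b/i.test(ctype)) {
    return { ok: false, error: `expected JSON, got content-type "${ctype}"` };
  }
  let parsed;
  try {
    parsed = JSON.parse(body); // an HTML error page fails here, not in the caller
  } catch (err) {
    return { ok: false, error: 'body is not valid JSON' };
  }
  if (parsed === null || typeof parsed !== 'object' || !Array.isArray(parsed.data)) {
    return { ok: false, error: 'response has no "data" array' };
  }
  return { ok: true, data: parsed.data };
}

// Authorization decisions should not proceed unless exactly one entry matched.
function exactlyOne(statusCode, headers, body) {
  const res = parseListResponse(statusCode, headers, body);
  if (!res.ok) return res;
  if (res.data.length !== 1) {
    return { ok: false, error: `expected 1 entry, found ${res.data.length}` };
  }
  return { ok: true, entry: res.data[0] };
}

// Constructed sample responses: [statusCode, headers, body].
const JSON_TYPE = { 'content-type': 'application/json; charset=utf-8' };
const SAMPLES = {
  html: [200, { 'content-type': 'text/html' }, '<html><body>Bad Gateway</body></html>'],
  noData: [200, JSON_TYPE, '{"message":"Not found"}'],
  one: [200, JSON_TYPE, '{"data":[{"name":"oauth2"}]}'],
};

function runSamples() {
  const out = {};
  for (const [name, args] of Object.entries(SAMPLES)) out[name] = exactlyOne(...args);
  return out;
}

console.log(runSamples());
```

In an express handler, a result with `ok: false` would be logged and answered with a generic error page rather than rendering the authorization form.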