kong / kong-oauth2-hello-world Goto Github PK

Considering only one provision_key is exported, can the app multiple consumers?

Wrong scopes after run the curl script:
curl -X POST
--url http://127.0.0.1:8001/services/mock-service/plugins/
--data "name=oauth2"
--data "config.scopes=email, phone, address"
--data "config.mandatory_scope=true"
--data "config.enable_authorization_code=true"

Following is the output:
{"created_at":1545989589,"config":{"refresh_token_ttl":1209600,"enable_client_credentials":false,"mandatory_scope":true,"provision_key":"TcHMQJvT7Iyk2tPlFYuqbJkUlHEYVW1a","accept_http_if_already_terminated":false,"hide_credentials":false,"enable_implicit_grant":false,"global_credentials":false,"enable_authorization_code":true,"enable_password_grant":false,"scopes":["email, phone, address"],"anonymous":null,"token_expiration":7200,"auth_header_name":"authorization"},"id":"a66aba0d-070c-4256-ae09-f2988b61ae9f","service":{"id":"9e6c0e17-70c8-4f9b-9604-7bbce191cb22"},"enabled":true,"run_on":"first","consumer":null,"route":null,"name":"oauth2"}

The correct "scopes" should be "scopes": [
"email",
"phone",
"address"
], not ["email, phone, address"].

It seems something wrong with the OAuth 2.0 plugins.
The version of kong is 1.0.0

Any plans to update this for Kong CE 0.14 to use /services instead of /apis? I've gotten this working myself and would be happy to submit a PR with the changes to the app.js code and README.md

I have followed the example step by step.

It work well until I click the "Authorize" button in browser, kong redirect my browser to http://getkong.org with code like in the example.

http://getkong.org/?code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP

next step I will acquire access token with (note: I have changed client_id, client_secret and code to my configuration information)

curl https://127.0.0.1:8443/oauth2/token
-H "Host: test.com"
-d "grant_type=authorization_code"
-d "client_id=li4Th0DMMe28cgTQ1jSP6hsLvQMTiSbf"
-d "client_secret=LSVbkvq9943LbVW1NBANCbtgOEGJ3cNV"
-d "redirect_uri=http://getkong.org/"
-d "code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP" --insecure

I expect kong should response access token in json format but I got
{"error_description":"Invalid code","error":"invalid_request"}

I have tried to remove -H "Host: test.com" and I got
curl https://127.0.0.1:8443/oauth2/token
-d "grant_type=authorization_code"
-d "client_id=li4Th0DMMe28cgTQ1jSP6hsLvQMTiSbf"
-d "client_secret=LSVbkvq9943LbVW1NBANCbtgOEGJ3cNV"
-d "redirect_uri=http://getkong.org/"
-d "code=e3YgIGs1TPJqKYAZJStcjaOCiqfumAfP" --insecure
{"message":"no API found with those values"}

I stuck at this point for 2-3 days. I don't know how to fix it.

Please note that I have successfully configured basic authentication and key authentication but oAuth2 plug-in.

Hey there !

I'm just wondering why when we create an oauth2 application we should specify an array of redirect uri (via the property redirect_uris) and once we claim for a code (via https://kong_host/oauth2/authorize/) we got in response only the first uri of the saved redirect_uris

{
    "redirect_uri": "http://my.first.redirect.uri?code=m3kUaBX3KyYslmrXMtvQV99RroarT79u"
}

So why should we pass an array if only one of them is returned ?

If anybody has an answer I would appreciate a lot !

Cheers

I cannot get this tutorial to work. Running through the steps after installing Kong from kong-free-trials-enterprise-edition-0.34-1.tar.gz, I get

Invalid client_id

from the browser after following the steps

FOO=<my kong server fqdn>
 ...
$ curl -X POST \
>   --url "http://$FOO:8001/services/mock-service/routes" \
>   --data 'hosts[]=mockbin.org' \
>   --data 'paths[]=/mock'
{"created_at":1551992655,"strip_path":true,"hosts":["mockbin.org"],"preserve_host":false,"regex_priority":0,"updated_at":1551992655,"paths":["\/mock"],"service":{"id":"77e96dbb-2783-46c7-997b-12290d0ccbfa"},"methods":null,"protocols":["http","https"],"id":"ad1ff79e-f223-483f-bebc-f80959013d63"}
$ curl -X POST \
>   --url "http://$FOO:8001/consumers/thefosk/oauth2/" \
>   --data "name=Hello World App" \
>   --data "redirect_uri=http://konghq.com/"
{"client_id":"sOSepVNXCwad89DKFN2fCtEHnUZIy8EX","created_at":1551992762000,"id":"bdd3ee02-9288-42b3-92ac-aad3ac42f67a","redirect_uri":["http:\/\/konghq.com\/"],"name":"Hello World App","client_secret":"KuS9eoDudoEFl3EHQ4uLsETr5MdltKAj","consumer_id":"84a57f2e-645d-4022-b2f3-19a156681b22"}
$ export LISTEN_PORT=3002
$ node app.js
PROVISION_KEY is zQSEvAeah4xDcarDDP7W7rqUNoAAR39M
SERVICE_HOST is mockbin.org
KONG_ADMIN is http//kong.eng.splunkdev.com:8001
KONG_API is https://kong.eng.splunkdev.com:8443
API_PATH is /mock
SCOPES is {   "email": "Grant permissions to read your email address",   "address": "Grant permissions to read your address information",   "phone": "Grant permissions to read your mobile phone number" }
Running at Port 3002

and copying the client_id from that last curl command into the browser bar thus:

http://localhost:3002/authorize?response_type=code&scope=email%20address&client_id=sOSepVNXCwad89DKFN2fCtEHnUZIy8EX

assuming that user has authorized the app and now app sends a request to the API endpoint alongwith access token

how does the node.js app now verify the access token is valid?

I run my kong on docker.
After following instructions on https://github.com/Mashape/kong-oauth2-hello-world
I still get {"message":"no API found with those values"} .
The logs in /usr/local/kong/logs don't give much information either.
Could you please advise ?

I keep getting the following error:

{
  "error_description": "You must use HTTPS",
  "error":"access_denied"
}

Is there any way to disable SSL for testing in development?

undefined:1

^

SyntaxError: Unexpected token <
at Object.parse (native)
at Request._callback (/home/azureuser/kong-oauth2-hello-world/app.js:87:19)
at Request.self.callback (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:197:22)
at emitTwo (events.js:87:13)
at Request.emit (events.js:172:7)
at Request. (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:1050:14)
at emitOne (events.js:82:20)
at Request.emit (events.js:169:7)
at IncomingMessage. (/home/azureuser/kong-oauth2-hello-world/node_modules/request/request.js:996:12)
at emitNone (events.js:72:20)

thanks for the great tutorial.
I have one question.
I run your code and saw finally tokens is generated.
how does this token is generated? Does this plugin use a special service (Auth2 provider) to generate tokens?

I've gone through the example using apis (and it works), but I can't get it to work with routes. For example, I have a service with a /foo route. The resulting authorize endpoint is then /foo/oauth2/authorize and I get a "no route and no API found with those values" message. I'm guessing I'm using the wrong route because the service works fine when not using the oauth plugin.

This example uses scope with oauth2 can I use claims?

Hello, I was wondering under which license you released this code?

Thank you in advance

Hi there,

i have tried to implement oauth2 using this repo.

Everything went well till run node application with below command

node app.js

But when we hit browser below command
http://127.0.0.1:3000/authorize?response_type=code&scope=email%20address&client_id=wHsY4YI6K7gn2bYhsgPv4HB8Sw9bZ0JV
(client_id=wHsY4YI6K7gn2bYhsgPv4HB8Sw9bZ0JV : generated while creating client application)

we get this error: TypeError: Cannot read property 'length' of undefined

i have even tried this url in browser as well

http://127.0.0.1:3000/authorize?response_type=code&[email protected]&client_id=wHsY4YI6K7gn2bYhsgPv4HB8Sw9bZ0JV

gettting same error.

Check below stack-trace

osboxes@osboxes:~/kong-oauth2-hello-world$ node app.js 
PROVISION_KEY is xE4QYq1PiW6L5645Y9u52xiP5Qu3jLUR
SERVICE_HOST is mockbin.org
KONG_ADMIN is http://127.0.0.1:8001
KONG_API is https://127.0.0.1:8443
API_PATH is /mock
SCOPES is {   "email": "Grant permissions to read your email address",   "address": "Grant permissions to read your address information",   "phone": "Grant permissions to read your mobile phone number" }
Running at Port 3000
/home/osboxes/kong-oauth2-hello-world/app.js:70
      if (json_response.data.length == 1) {
                             ^

TypeError: Cannot read property 'length' of undefined
    at Request._callback (/home/osboxes/kong-oauth2-hello-world/app.js:70:30)
    at Request.self.callback (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:197:22)
    at emitTwo (events.js:126:13)
    at Request.emit (events.js:214:7)
    at Request.<anonymous> (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:1050:14)
    at emitOne (events.js:121:20)
    at Request.emit (events.js:211:7)
    at IncomingMessage.<anonymous> (/home/osboxes/kong-oauth2-hello-world/node_modules/request/request.js:996:12)
    at emitNone (events.js:111:20)
    at IncomingMessage.emit (events.js:208:7)

How to resolve this error

Thanks & regards