Hello!
I’m trying to configure an HTTP resolver but it seems to have an issue and is not working.
Here a PHP code to simulate an HTTP Endpoint for users: test1, test2 and test3:
<?php
if(isset($_GET['customerid'])) {
$customerid = $_GET['customerid'];
if($customerid === 'test1' || $customerid === 'test2' || $customerid === 'test3') {
$user = array(
'username' => $customerid,
'email' => $customerid . '@test.com'
);
$json = json_encode($user);
header('Content-Type: application/json');
echo $json;
}
else {
$exit = array(
'success' => false
);
$json = json_encode($exit);
header('Content-Type: application/json');
echo $json;
}
}
else {
$exit = array(
'success' => false,
'message' => "BAD"
);
$json = json_encode($exit);
header('Content-Type: application/json');
echo $json;
}
?>
Here the HTTP Resolver config:
Endpoint (URL):
http://192.168.1.123/users.php
Method:
GET
Request Mapping (JSON format):
{"customerid": "{userid}", "accessKey": "secr3t!"}
Headers (JSON format):
{"Content-Type": "application/json; charset=UTF-8"}
Response Mapping (JSON format):
{"username": "{username}", "email": "{email}"}
Special Error Handling
[ENABLED]
Response contains (JSON format):
{"success": false}
Using the “Test HTTP Resolver” button with test1 the reply is:
{
"email": "test1@test.com",
"username": "test1"
}
and with test4 the reply is:
failed: Received an error while searching for user: test4
Now, going to create a token (Token → Enroll Token)
-
While typing, looking at Endpoint server side (apache log), nothing happens and the response is always: “X No user found”
-
Creating a Token for user test1 it’s ok (and I can see “GET /users.php?customerid=test1&accessKey=secr3t%21” for 4 times in the apache log)
-
Creating a Token for user test4 privacyIDEA generate the token (even if the user is not present) but it is not shown (qrcode image).
This is the DEBUG
[2023-03-30 16:06:37,621][4078][139703774512704][DEBUG][privacyidea.lib.apps:132] we have got 115 characters left for the token label
[2023-03-30 16:06:37,621][4078][139703774512704][DEBUG][privacyidea.lib.resolver:181] Entering get_resolver_object with arguments ('business-http',) and keywords {}
[2023-03-30 16:06:37,621][4078][139703774512704][DEBUG][privacyidea.lib.resolver:181] Entering get_resolver_list with arguments () and keywords {'filter_resolver_name': 'business-http'}
[2023-03-30 16:06:37,621][4078][139703774512704][DEBUG][privacyidea.lib.resolver:196] Exiting get_resolver_list with result HIDDEN
[2023-03-30 16:06:37,622][4078][139703774512704][DEBUG][privacyidea.lib.resolver:194] Exiting get_resolver_object with result <HTTP_RESOLVER.HTTPResolver object at 0x7f0f3dfbc8e0>
[2023-03-30 16:06:37,664][4078][139703774512704][ERROR][privacyidea.lib.tokens.hotptoken:302] Traceback (most recent call last):
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/tokens/hotptoken.py", line 269, in get_init_detail
goo_url = cr_google(key=otpkey,
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/log.py", line 190, in log_wrapper
f_result = func(*args, **kwds)
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/apps.py", line 139, in create_google_authenticator_url
givenname=user_obj.info.get("givenname", ""),
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/user.py", line 311, in info
userInfo = y.getUserInfo(uid)
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/resolvers/HTTPResolver.py", line 136, in getUserInfo
return self._getUser(userid)
File "/opt/privacyidea/lib/python3.10/site-packages/privacyidea/lib/resolvers/HTTPResolver.py", line 234, in _getUser
raise Exception('Received an error while searching for user: %s' % userid)
Exception: Received an error while searching for user: test4
[2023-03-30 16:06:37,665][4078][139703774512704][ERROR][privacyidea.lib.tokens.hotptoken:303] failed to set oath or google url: Exception('Received an error while searching for user: test4')
[2023-03-30 16:06:37,665][4078][139703774512704][DEBUG][privacyidea.lib.tokens.hotptoken:194] Exiting get_init_detail with result {'otpkey': {'description': 'OTP seed', '
- lastly, when I go to “Details for user test1 in realm …” there are no details (like email) and no request to HTTP Resolver (PHP/GET)