Hi there,
I am new here. I am trying to set up privacyIDEA so far my experience from the documentation is pretty good, but I have some strange issues with the app, specifically setting up PUSH. TL;DR push works, but the enrollment takes ages. I was already able to crash the app, and sent the related information to netknight, but maybe the community has some feedback.
Installed everything on ArchLinux, as a ordinary user I am running privacyIDEA. I am running behind haproxy, which handles my SSL. What happens? First establish that I am waiting 2 minutes to the enrollment to happen. And I guess it only happens because of the failure, after the ttype/push the app polls every 3 seconds. Obviously I have an opinion about that, but I was actually hoping that this was resolved by the firebase configuration. If for firebase I have not compile my app myself… I guess UnifiedPost would be something that could be seen as “helpful” here, but I actually hoped that the normal app had infrastructure to federate.
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:54:03] "POST /token/init HTTP/1.1" 200 -
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:54:03] "GET / HTTP/1.1" 200 -
INFO:privacyidea.lib.resolvers.PasswdIdResolver:loading users from file /etc/passwd from within '/home/skinkie/.local/bin'
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:54:04] "GET /token/?serial=PIPU000021BB HTTP/1.1" 200 -
INFO:privacyidea.lib.resolvers.PasswdIdResolver:loading users from file /etc/passwd from within '/home/skinkie/.local/bin'
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:54:06] "GET /token/?serial=PIPU000021BB HTTP/1.1" 200 -
INFO:privacyidea.lib.resolvers.PasswdIdResolver:loading users from file /etc/passwd from within '/home/skinkie/.local/bin'
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:54:09] "GET /token/?serial=PIPU000021BB HTTP/1.1" 200 -
...
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:56:43] "GET /token/?serial=PIPU000021BB HTTP/1.1" 200 -
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:56:46] "GET /token/?serial=PIPU000021BB HTTP/1.1" 500 -
Traceback (most recent call last):
File "/home/skinkie/.local/lib/python3.10/site-packages/jwt/api_jws.py", line 180, in _load
signing_input, crypto_segment = jwt.rsplit(b'.', 1)
ValueError: not enough values to unpack (expected 2, got 1)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 2464, in __call__
return self.wsgi_app(environ, start_response)
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 2450, in wsgi_app
response = self.handle_exception(e)
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 1867, in handle_exception
reraise(exc_type, exc_value, tb)
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 2447, in wsgi_app
response = self.full_dispatch_request()
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 1948, in full_dispatch_request
rv = self.preprocess_request()
File "/home/skinkie/.local/lib/python3.10/site-packages/flask/app.py", line 2242, in preprocess_request
rv = func()
File "/home/skinkie/.local/lib/python3.10/site-packages/privacyidea/api/auth.py", line 403, in decorated_function
check_auth_token(required_role=["user", "admin"])
File "/home/skinkie/.local/lib/python3.10/site-packages/privacyidea/api/auth.py", line 423, in check_auth_token
r = verify_auth_token(auth_token, required_role)
File "/home/skinkie/.local/lib/python3.10/site-packages/privacyidea/api/lib/utils.py", line 293, in verify_auth_token
headers = jwt.get_unverified_header(auth_token)
File "/home/skinkie/.local/lib/python3.10/site-packages/jwt/api_jws.py", line 166, in get_unverified_header
headers = self._load(jwt)[2]
File "/home/skinkie/.local/lib/python3.10/site-packages/jwt/api_jws.py", line 183, in _load
raise DecodeError('Not enough segments')
jwt.exceptions.DecodeError: Not enough segments
INFO:werkzeug:10.9.0.106 - - [03/Mar/2022 17:58:11] "POST /ttype/push HTTP/1.1" 200 -