1038848 – domain-admin token does not work domain configure.

Bug 1038848 - domain-admin token does not work domain configure.

Summary: domain-admin token does not work domain configure.

Keywords:
Status:	CLOSED WORKSFORME
Alias:	None
Product:	OpenShift Online
Classification:	Red Hat
Component:	Pod
Sub Component:
Version:	2.x
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Target Release:	---
Assignee:	Abhishek Gupta
QA Contact:	libra bugs
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-05 23:40 UTC by Peter Ruan
Modified:	2015-05-15 00:23 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-12-07 00:59:06 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Peter Ruan 2013-12-05 23:40:26 UTC

Description of problem:
domain-admin token does not work with 'rhc domain configure'.  It works fine when I specify the user/pass

Version-Release number of selected component (if applicable):
PROD

How reproducible:
always.

Steps to Reproduce:
1. create a domain-admin token for the app.
2. rhc authorization add --note=test --scope domain/529d1ee44382ec27d6000cdf/admin -l pruan -p vostok08 -d 
3. run domain configure to change the allowed-gear-sizes
rhc domain configure -n gignzk --allowed-gear-sizes=small --insecure --server openshift.redhat.com -d --token 15ced9b01344247c19c67191d27ff25fbc7ff653ffc2299202c683efbab574a4


Actual results:
DEBUG: Using config file /home/pruan/.openshift/express.conf
DEBUG: Git config 'git config --get rhc.app-id' returned ''
DEBUG: Git config 'git config --get rhc.app-name' returned ''
DEBUG: Git config 'git config --get rhc.domain-name' returned ''
DEBUG: Authenticating with RHC::Auth::Token
DEBUG: Connecting to https://openshift.redhat.com/broker/rest/api
DEBUG: Finding domain gignzk
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Using token authentication
DEBUG: Created new httpclient
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200  830 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Using token authentication
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200  284 ms
DEBUG: Using token authentication
DEBUG: Request GET https://openshift.redhat.com/broker/rest/domain/gignzk
DEBUG:    code 404  155 ms
Domain 'gignzk' not found.


Expected results:
success

Additional info:

  This works fine if I run the same command with user/pass

[pruan@homer-linux <CUCUSHIFT_INT> ~]# rhc domain configure -n gignzk --allowed-gear-sizes=small,medium --insecure --server openshift.redhat.com -d -l pruan -p vostok08
DEBUG: Using config file /home/pruan/.openshift/express.conf
DEBUG: Git config 'git config --get rhc.app-id' returned ''
DEBUG: Git config 'git config --get rhc.app-name' returned ''
DEBUG: Git config 'git config --get rhc.domain-name' returned ''
DEBUG: Authenticating with RHC::Auth::Basic
DEBUG: Connecting to https://openshift.redhat.com/broker/rest/api
DEBUG: Finding domain gignzk
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Created new httpclient
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200  721 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200  152 ms
DEBUG: Request GET https://openshift.redhat.com/broker/rest/domain/gignzk
DEBUG:    code 200  769 ms
Updating domain configuration ... DEBUG: Request PUT https://openshift.redhat.com/broker/rest/domain/gignzk
DEBUG:    code 200  870 ms
done

Domain gignzk configuration
---------------------------
  Allowed Gear Sizes: small, medium


[pruan@homer-linux <CUCUSHIFT_ONPREM> cucushift]# rhc authorization add --note=test --scope domain/529d1ee44382ec27d6000cdf/admin -l pruan -p vostok08 -d 
DEBUG: Using config file /home/pruan/.openshift/express.conf
Adding authorization ... DEBUG: Authenticating with RHC::Auth::Basic
DEBUG: Connecting to https://openshift.redhat.com/broker/rest/api
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Created new httpclient
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200 1746 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Request GET https://openshift.redhat.com/broker/rest/api
DEBUG:    code 200  321 ms
DEBUG: Created new httpclient
DEBUG: Request POST https://openshift.redhat.com/broker/rest/user/authorizations
DEBUG:    code 201 2118 ms
done

test
----
  Token:      15ced9b01344247c19c67191d27ff25fbc7ff653ffc2299202c683efbab574a4
  Scopes:     domain/529d1ee44382ec27d6000cdf/admin
  Created:    3:26 PM
  Expires In: about 6 months

Comment 1 XiuJuan Wang 2013-12-06 03:57:59 UTC

Hi,Peter,
I can't reproduce this issue on STG with rhc-1.17.6, and devenv_4102 with rhc-1.18.2.

1. On STG will pass without user/pass
$ rhc domain configure -n wxj  --allowed-gear-sizes=small --insecure --server stg.openshift.redhat.com -d --token 3f1f7a2f80d8976a933187b67f0fea242706a565e9d11cecd3ea01d9040d4f66
DEBUG: Using config file /home/openshift/.openshift/express.conf
DEBUG: Git config 'git config --get rhc.app-id' returned ''
DEBUG: Git config 'git config --get rhc.app-name' returned ''
DEBUG: Git config 'git config --get rhc.domain-name' returned ''
DEBUG: Authenticating with RHC::Auth::Token
DEBUG: Connecting to https://stg.openshift.redhat.com/broker/rest/api
DEBUG: Finding domain wxj
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Using token authentication
DEBUG: Created new httpclient
DEBUG: Request GET https://stg.openshift.redhat.com/broker/rest/api
DEBUG:    code 200 1125 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Using token authentication
DEBUG: Request GET https://stg.openshift.redhat.com/broker/rest/api
DEBUG:    code 200  301 ms
DEBUG: Using token authentication
DEBUG: Request GET https://stg.openshift.redhat.com/broker/rest/domain/wxj
DEBUG:    code 200  329 ms
Updating domain configuration ... DEBUG: Using token authentication
DEBUG: Request PUT https://stg.openshift.redhat.com/broker/rest/domain/wxj
DEBUG:    code 200  447 ms
done

Domain wxj configuration
------------------------
  Allowed Gear Sizes: small
2.On STG with user/pass, also works well for me as you.

3. On devenv_4102 will pass without user/pass.

$ rhc domain-configure -n curedog --allowed-gear-sizes= --insecure --server  ec2-23-20-237-197.compute-1.amazonaws.com -d --token a51114cd7bfc886d9d3ac057c9bad247ed4d3bd890e93174715e02b1486ab643
DEBUG: Using config file /home/openshift/.openshift/express.conf
DEBUG: Git config 'git config --get rhc.app-id' returned ''
DEBUG: Git config 'git config --get rhc.app-name' returned ''
DEBUG: Git config 'git config --get rhc.domain-name' returned ''
DEBUG: Authenticating with RHC::Auth::Token
DEBUG: Connecting to https://ec2-23-20-237-197.compute-1.amazonaws.com/broker/rest/api
DEBUG: Finding domain curedog
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Using token authentication
DEBUG: Created new httpclient
DEBUG: Request GET https://ec2-23-20-237-197.compute-1.amazonaws.com/broker/rest/api
DEBUG: SSL Verification failed -- Using self signed cert
DEBUG:    code 200 1212 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-23-20-237-197.compute-1.amazonaws.com/broker/rest/api
DEBUG:    code 200  295 ms
DEBUG: Using token authentication
DEBUG: Request GET https://ec2-23-20-237-197.compute-1.amazonaws.com/broker/rest/domain/curedog
DEBUG:    code 200  315 ms
Updating domain configuration ... DEBUG: Using token authentication
DEBUG: Request PUT https://ec2-23-20-237-197.compute-1.amazonaws.com/broker/rest/domain/curedog
DEBUG:    code 200  304 ms
done

Domain curedog configuration
----------------------------
  Allowed Gear Sizes: <none>
4. Add domain-admin token
$ rhc authorization-add --note=test --scopes domain/5264dd8ddbd93cf21e0005f5/admin -l xiuwang+1 -p redhat -d
DEBUG: Using config file /home/openshift/.openshift/express.conf
Adding authorization ... DEBUG: Authenticating with RHC::Auth::Basic
DEBUG: Connecting to https://stg.openshift.redhat.com/broker/rest/api
DEBUG: Client supports API versions 1.1, 1.2, 1.3, 1.4, 1.5
DEBUG: Created new httpclient
DEBUG: Request GET https://stg.openshift.redhat.com/broker/rest/api
DEBUG:    code 200 1640 ms
DEBUG: Server supports API versions 1.0, 1.1, 1.2, 1.3, 1.4, 1.5, 1.6
DEBUG:    Using API version 1.5
DEBUG: Client API version 1.5 is not current. Refetching API
DEBUG: Request GET https://stg.openshift.redhat.com/broker/rest/api
DEBUG:    code 200  306 ms
DEBUG: Created new httpclient
DEBUG: Request POST https://stg.openshift.redhat.com/broker/rest/user/authorizations
DEBUG:    code 201 2083 ms
done

test
----
  Token:      3f1f7a2f80d8976a933187b67f0fea242706a565e9d11cecd3ea01d9040d4f66
  Scopes:     domain/5264dd8ddbd93cf21e0005f5/admin
  Created:    11:46 AM
  Expires In: about 6 months

Comment 2 Peter Ruan 2013-12-07 00:59:06 UTC

tried it again and it worked for me today.  Strange.

Note You need to log in before you can comment on or make changes to this bug.