1278041 – Containers: REST API cannot accept token for creating the Openshift provider

Bug 1278041 - Containers: REST API cannot accept token for creating the Openshift provider

Summary: Containers: REST API cannot accept token for creating the Openshift provider

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat CloudForms Management Engine
Classification:	Red Hat
Component:	API
Sub Component:
Version:	5.5.0
Hardware:	x86_64
OS:	Linux
Priority:	high
Severity:	medium
Target Milestone:	GA
Target Release:	5.5.0
Assignee:	Tim Wade
QA Contact:	Jaroslav Henner
Docs Contact:
URL:
Whiteboard:	container
Duplicates (1):	1280257 (view as bug list)
Depends On:
Blocks:	1284005
TreeView+	depends on / blocked

Reported:	2015-11-04 15:26 UTC by Jaroslav Henner
Modified:	2015-12-08 13:44 UTC (History)
CC List:	10 users (show)
Fixed In Version:	5.5.0.11
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Clones:	1284005 (view as bug list)
Environment:
Last Closed:	2015-12-08 13:44:01 UTC
Category:	---
Cloudforms Team:	---
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)
token filled (12.66 KB, image/png) 2015-11-05 15:13 UTC, Jaroslav Henner	no flags	Details
token empty (12.32 KB, image/png) 2015-11-05 15:13 UTC, Jaroslav Henner	no flags	Details
View All

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2015:2551	0	normal	SHIPPED_LIVE	Moderate: CFME 5.5.0 bug fixes and enhancement update	2015-12-08 17:58:09 UTC

Description Jaroslav Henner 2015-11-04 15:26:35 UTC

Description of problem:
I have tried various combinations and structure of the credentials (auth_type and userid/password), but I was unable to create the provider with the token specified:

curl -k -XPOST -d@- https://localhost/api/providers/ -u admin:smartvm; do
            sleep 1
        done <<EOF
        {
            "name":"openshift-ansible-deployment_one-stack",
            "port":"8443",
            "hostname":"A.B.C.D",
            "zone_id":1,
            "type":"ManageIQ::Providers::Openshift::ContainerManager",
            "tenant_id":1,
"credentials": [{ "auth_type": "bearer", "userid": "foo", "password": "..."} ] 
        }


Version-Release number of selected component (if applicable):
API: "name":"API","description":"REST API","version":"2.1.0"
EVM: master.20151104101111_14facbb


How reproducible:
always

Steps to Reproduce:
1. Do what the description says

Actual results:
The provider is created fine, but the token in the WebGUI is empty and it seem not to be collecting the info.


Expected results:
The provider is created fine, and the token filed in  WebGUI is not empty and it is collecting the info.


Additional info:

Comment 2 Tim Wade 2015-11-04 20:22:19 UTC

Jaroslav,

Could you clarify what is meant by the token's being empty in the WebGUI? Even better if you could provide a screenshot. Thanks!

Comment 3 Jaroslav Henner 2015-11-05 15:12:02 UTC

(In reply to Tim Wade from comment #2)
> Jaroslav,
> 
> Could you clarify what is meant by the token's being empty in the WebGUI?
> Even better if you could provide a screenshot. Thanks!

Well there is nothing what you might not understand. It is simple. The token field is empty. There seem to be no way of fill it using REST.

If you set the token trough web-gui and then later you check the provider, the token is non-empty, therefore I conclude it is not being set using REST.

Comment 4 Jaroslav Henner 2015-11-05 15:13:08 UTC

Created attachment 1090159 [details]
token filled

Comment 5 Jaroslav Henner 2015-11-05 15:13:36 UTC

Created attachment 1090160 [details]
token empty

Comment 6 Tim Wade 2015-11-06 19:15:13 UTC

Jaroslav,

Thanks for the additional info. You mentioned you have tried various combinations. Have you tried providing the auth_key in the credentials?

i.e. 


{
  "name":"openshift-ansible-deployment_one-stack",
  "port":"8443",
  "hostname":"A.B.C.D",
  "zone_id":1,
  "type":"ManageIQ::Providers::Openshift::ContainerManager",
  "tenant_id":1,
  "credentials": [
    {
      "auth_type": "bearer",
      "userid": "foo",
      "password": "...",
      "auth_key": "-----BEGIN\sRSA\sPRIVATE\sKEY-----[...]"
    }
  ] 
}

Comment 7 Jaroslav Henner 2015-11-09 10:55:46 UTC

(In reply to Tim Wade from comment #6)
> Jaroslav,
> 
> Thanks for the additional info. You mentioned you have tried various
> combinations. Have you tried providing the auth_key in the credentials?
> 
> i.e. 
> 
> 
> {
>   "name":"openshift-ansible-deployment_one-stack",
>   "port":"8443",
>   "hostname":"A.B.C.D",
>   "zone_id":1,
>   "type":"ManageIQ::Providers::Openshift::ContainerManager",
>   "tenant_id":1,
>   "credentials": [
>     {
>       "auth_type": "bearer",
>       "userid": "foo",
>       "password": "...",
>       "auth_key": "-----BEGIN\sRSA\sPRIVATE\sKEY-----[...]"
>     }
>   ] 
> }

curl -k -XPOST -d@- https://A.B.C.D/api/providers/ -u admin:smartvm; do             sleep 1                                                                
                  
        done <<EOF
        {                                                   
            "name":"openshift-ansible-deployment_one-stack",
            "port":"8443",
            "hostname":"10.8.188.230",
            "zone_id":1,                                              
            "type":"ManageIQ::Providers::Openshift::ContainerManager",
            "tenant_id":1,                                                                      "credentials": [{ "auth_type": "bearer", "userid": "foo", "auth_key": "eyJhbG...NMZACgkm-jaGQ"} ] 
        }
EOF

{"error":{"kind":"bad_request","message":"Could not create the new provider - Unsupported credential attributes auth_key specified, ManageIQ::Providers::Openshift::ContainerManager supports: userid, password","klass":"ApiController::BadRequestError"}}

Comment 8 Tim Wade 2015-11-09 19:56:45 UTC

Jaroslav,

Thanks for trying that. I think I now see what's going on. I've created a PR for this here: https://github.com/ManageIQ/manageiq/pull/5364

Comment 9 Jaroslav Henner 2015-11-11 11:12:07 UTC

*** Bug 1280257 has been marked as a duplicate of this bug. ***

Comment 11 Jaroslav Henner 2015-11-19 13:15:23 UTC

curl -k -XPOST -d@- https://localhost/api/providers/ -u admin:smartvm  <<EOF
        {
            "name":"openshift-ansible-deployment_one",
            "port":"8443",
            "hostname":"A.B.C.D",
            "zone_id":1,
            "type":"ManageIQ::Providers::Openshift::ContainerManager",
            "tenant_id":1,
"credentials": [{ "auth_type": "bearer", "userid": "foo", "auth_key": "$auth" }]}
EOF  

Worked

Comment 13 errata-xmlrpc 2015-12-08 13:44:01 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2015:2551

Note You need to log in before you can comment on or make changes to this bug.