Bug 1414083 - User Name required for login on behalf
Summary: User Name required for login on behalf
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: ovirt-engine
Classification: oVirt
Component: AAA
Version: 4.1.0
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ovirt-4.1.1
: 4.1.1
Assignee: Ravi Nori
QA Contact: Gonza
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-01-17 17:15 UTC by Ravi Nori
Modified: 2017-04-21 09:38 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-04-21 09:38:03 UTC
oVirt Team: Infra
rule-engine: ovirt-4.1+


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
oVirt gerrit 70692 0 ovirt-engine-4.1 MERGED aaa: Username is mandatory for LoginOnBehalf 2017-01-18 10:12:26 UTC
oVirt gerrit 70721 0 ovirt-engine-4.1 MERGED aaa: Username is mandatory for LoginOnBehalf 2017-02-02 12:51:03 UTC

Description Ravi Nori 2017-01-17 17:15:02 UTC
Description of problem:

If user name is missing in login on behalf request, SSO should respond back with a proper error message

Version-Release number of selected component (if applicable): 4.0


How reproducible:


Steps to Reproduce:
1. curl -v -k -H "Accept: application/json" 'http://127.0.0.1:8080/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'

Actual results:
{"error_code":"server_error","error":null}

Expected results:
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}

Comment 1 Gonza 2017-03-06 08:20:06 UTC
Verified with:
rhevm-4.1.1-0.1.el7.noarch

curl -k -v -H "Accept: application/json" 'https://ge2.redhat.com/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'
...
* Connection #0 to host ge2.redhat.com left intact
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}%

Comment 2 Gonza 2017-03-06 08:20:07 UTC
Verified with:
rhevm-4.1.1-0.1.el7.noarch

curl -k -v -H "Accept: application/json" 'https://ge2.redhat.com/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'
...
* Connection #0 to host ge2.redhat.com left intact
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}%


Note You need to log in before you can comment on or make changes to this bug.