1414083 – User Name required for login on behalf

Bug 1414083 - User Name required for login on behalf

Summary: User Name required for login on behalf

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	ovirt-engine
Classification:	oVirt
Component:	AAA
Sub Component:
Version:	4.1.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	medium
Target Milestone:	ovirt-4.1.1
Target Release:	4.1.1
Assignee:	Ravi Nori
QA Contact:	Gonza
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2017-01-17 17:15 UTC by Ravi Nori
Modified:	2017-04-21 09:38 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2017-04-21 09:38:03 UTC
oVirt Team:	Infra
Embargoed:
Dependent Products:
Flags:	rule-engine: ovirt-4.1+

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
oVirt gerrit	70692	0	ovirt-engine-4.1	MERGED	aaa: Username is mandatory for LoginOnBehalf	2017-01-18 10:12:26 UTC
oVirt gerrit	70721	0	ovirt-engine-4.1	MERGED	aaa: Username is mandatory for LoginOnBehalf	2017-02-02 12:51:03 UTC

Description Ravi Nori 2017-01-17 17:15:02 UTC

Description of problem:

If user name is missing in login on behalf request, SSO should respond back with a proper error message

Version-Release number of selected component (if applicable): 4.0


How reproducible:


Steps to Reproduce:
1. curl -v -k -H "Accept: application/json" 'http://127.0.0.1:8080/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'

Actual results:
{"error_code":"server_error","error":null}

Expected results:
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}

Comment 1 Gonza 2017-03-06 08:20:06 UTC

Verified with:
rhevm-4.1.1-0.1.el7.noarch

curl -k -v -H "Accept: application/json" 'https://ge2.redhat.com/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'
...
* Connection #0 to host ge2.redhat.com left intact
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}%

Comment 2 Gonza 2017-03-06 08:20:07 UTC

Verified with:
rhevm-4.1.1-0.1.el7.noarch

curl -k -v -H "Accept: application/json" 'https://ge2.redhat.com/ovirt-engine/sso/oauth/token?grant_type=password&username2=admin@internal&password=1&client_id=ovirt-engine&client_secret=secret&scope=ovirt-ext=token:login-on-behalf'
...
* Connection #0 to host ge2.redhat.com left intact
{"error_code":"invalid_request","error":"Invalid request, parameter 'username' not found or contains invalid value."}%

Note You need to log in before you can comment on or make changes to this bug.