Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1512989

Summary:	Add support to retrieve session by token
Product:	[oVirt] ovirt-engine	Reporter:	Martin Perina <mperina>
Component:	AAA	Assignee:	Ravi Nori <rnori>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Gonza <grafuls>
Severity:	medium	Docs Contact:
Priority:	unspecified
Version:	---	CC:	bugs, lveyde
Target Milestone:	ovirt-4.1.8	Flags:	rule-engine: ovirt-4.1+ rule-engine: exception+
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:	ovirt-engine-4.1.8.1	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2017-12-11 16:30:07 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	Infra	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Martin Perina 2017-11-14 14:53:06 UTC

Description of problem:

Add support to retrieve sessions using sso_token query parameter if it is passed in queryString. This enables obtaining a token using token endpoint and be able to login to webadmin using the token. This is a prerequisity to be able to open webadmin windows from within CFME.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 rhev-integ 2017-11-16 16:13:20 UTC

INFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Tag 'ovirt-engine-4.1.8' doesn't contain patch 'https://gerrit.ovirt.org/82997']
gitweb: https://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=shortlog;h=refs/tags/ovirt-engine-4.1.8

For more info please contact: infra

Comment 2 Vojtech Szocs 2017-11-16 16:25:25 UTC

Steps for verification:

1, obtain SSO token, represented as `access_token` in HTTP response

  $ ENGINE='https://127.0.0.1:8443'
  $ USER='admin@internal'
  $ PASS='..'

1.A, using HTTP GET

  $ curl -v -k -H "Accept: application/json" "${ENGINE}/ovirt-engine/sso/oauth/token?grant_type=password&username=${USER}&password=${PASS}&scope=ovirt-app-admin%20ovirt-app-portal"

1.B, using HTTP POST

  $ curl -v -k -H "Accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" --data-urlencode "grant_type=password" --data-urlencode "username=${USER}" --data-urlencode "password=${PASS}" --data-urlencode "scope=ovirt-app-admin ovirt-app-portal" "${ENGINE}/ovirt-engine/sso/oauth/token"

2, access WebAdmin UI in browser

  $ BROWSER='..' # your favorite web browser
  $ TOKEN='..'   # obtained in step 1,
  $ ${BROWSER} "${ENGINE}/ovirt-engine/webadmin/sso/login?sso_token=${TOKEN}&app_url=${ENGINE}/ovirt-engine/webadmin"

Check that WebAdmin UI opens successfully and you are logged in.

Comment 3 Gonza 2017-11-27 10:10:53 UTC

Verified with:
ovirt-engine-4.1.8.1-0.1.el7.noarch

Webadmin succesfully logins with acquired token