Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1512989

Summary: Add support to retrieve session by token
Product: [oVirt] ovirt-engine Reporter: Martin Perina <mperina>
Component: AAAAssignee: Ravi Nori <rnori>
Status: CLOSED CURRENTRELEASE QA Contact: Gonza <grafuls>
Severity: medium Docs Contact:
Priority: unspecified    
Version: ---CC: bugs, lveyde
Target Milestone: ovirt-4.1.8Flags: rule-engine: ovirt-4.1+
rule-engine: exception+
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: ovirt-engine-4.1.8.1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2017-12-11 16:30:07 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: Infra RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Martin Perina 2017-11-14 14:53:06 UTC
Description of problem:

Add support to retrieve sessions using sso_token query parameter if it is passed in queryString. This enables obtaining a token using token endpoint and be able to login to webadmin using the token. This is a prerequisity to be able to open webadmin windows from within CFME.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 rhev-integ 2017-11-16 16:13:20 UTC
INFO: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason:

[Tag 'ovirt-engine-4.1.8' doesn't contain patch 'https://gerrit.ovirt.org/82997']
gitweb: https://gerrit.ovirt.org/gitweb?p=ovirt-engine.git;a=shortlog;h=refs/tags/ovirt-engine-4.1.8

For more info please contact: infra

Comment 2 Vojtech Szocs 2017-11-16 16:25:25 UTC
Steps for verification:

1, obtain SSO token, represented as `access_token` in HTTP response

  $ ENGINE='https://127.0.0.1:8443'
  $ USER='admin@internal'
  $ PASS='..'

1.A, using HTTP GET

  $ curl -v -k -H "Accept: application/json" "${ENGINE}/ovirt-engine/sso/oauth/token?grant_type=password&username=${USER}&password=${PASS}&scope=ovirt-app-admin%20ovirt-app-portal"

1.B, using HTTP POST

  $ curl -v -k -H "Accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" --data-urlencode "grant_type=password" --data-urlencode "username=${USER}" --data-urlencode "password=${PASS}" --data-urlencode "scope=ovirt-app-admin ovirt-app-portal" "${ENGINE}/ovirt-engine/sso/oauth/token"

2, access WebAdmin UI in browser

  $ BROWSER='..' # your favorite web browser
  $ TOKEN='..'   # obtained in step 1,
  $ ${BROWSER} "${ENGINE}/ovirt-engine/webadmin/sso/login?sso_token=${TOKEN}&app_url=${ENGINE}/ovirt-engine/webadmin"

Check that WebAdmin UI opens successfully and you are logged in.

Comment 3 Gonza 2017-11-27 10:10:53 UTC
Verified with:
ovirt-engine-4.1.8.1-0.1.el7.noarch

Webadmin succesfully logins with acquired token