Bug 1777811 - `ipa otptoken-sync` fails with stack trace
Summary: `ipa otptoken-sync` fails with stack trace
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: ipa
Version: 8.0
Hardware: Unspecified
OS: Unspecified
Target Milestone: rc
: 8.2
Assignee: Thomas Woerner
QA Contact: ipa-qe
Depends On:
TreeView+ depends on / blocked
Reported: 2019-11-28 11:19 UTC by Christian Heimes
Modified: 2020-04-28 15:44 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Last Closed: 2020-04-28 15:44:12 UTC
Type: ---
Target Upstream Version:

Attachments (Terms of Use)

System ID Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2020:1640 None None None 2020-04-28 15:44:32 UTC

Description Christian Heimes 2019-11-28 11:19:39 UTC
ipa otptoken-sync has two bugs. It has not been ported to Python 3 correctly. Any sync attempt fails with a TypeError. The token parameter is not working correctly, too.

This bug is created as a clone of upstream ticket:

### Issue
When synchronizing a token using `ipa otptoken-sync`, incorrect parameters to the invocation properly fail, but correct parameters give a stack trace.

#### Steps to Reproduce
1. Follow steps in https://bugzilla.redhat.com/show_bug.cgi?id=1217009#c11

#### Actual behavior
[root@freeipa-vpn-0 /]# ipa otptoken-sync 752f744e-1879-4499-a9c5-8932f739d26a
User ID: player1
First Code: 
Second Code: 
ipa: ERROR: non-public: AttributeError: 'NoneType' object has no attribute 'name'
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 139, in execute
    result = self.Command[_name](*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 447, in __call__
    return self.__do_call(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 475, in __do_call
    ret = self.run(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 1199, in run
    return self.forward(*args, **options)
  File "/usr/lib/python2.7/site-packages/ipaclient/plugins/otptoken.py", line 168, in forward
    query['token'] = DN((obj.primary_key.name, args[0]),
AttributeError: 'NoneType' object has no attribute 'name'
ipa: ERROR: an internal error has occurred

#### Expected behavior
As in the example, a result of `Token synchronized.`

#### Version/Release/Distribution
[root@ns-0 /]# rpm -q freeipa-server freeipa-client ipa-server ipa-client 389-ds-base pki-ca krb5-server
package freeipa-server is not installed
package freeipa-client is not installed

#### Additional info:
Behavior was confirmed by @frenaud in https://lists.fedorahosted.org/archives/list/freeipa-users%40lists.fedorahosted.org/thread/EKJLQ3NASR6MYRT6QPD3LNFUEVEIFJHL/

Comment 1 Christian Heimes 2019-11-28 11:32:13 UTC
Upstream PR fixes two bugs with otptoken-sync and adds upstream integration tests for otptoken.

Comment 7 errata-xmlrpc 2020-04-28 15:44:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.


Note You need to log in before you can comment on or make changes to this bug.