Bug 996757 - setup exiting out after generating token
setup exiting out after generating token
Product: OpenShift Origin
Classification: Red Hat
Component: Command Line Interface (Show other bugs)
Unspecified Linux
unspecified Severity medium
: ---
: ---
Assigned To: Jordan Liggitt
libra bugs
: UpcomingRelease
Depends On:
  Show dependency treegraph
Reported: 2013-08-13 17:30 EDT by Lynn Root
Modified: 2015-05-14 22:20 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-02-05 14:39:12 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Lynn Root 2013-08-13 17:30:34 EDT
Description of problem:

When kinit'ed in locally as a user, a token during `rhc setup` can not be generated.  

Version-Release number of selected component (if applicable):

RHC version: 1.12.4

How reproducible:

Every time.

Steps to Reproduce:

1. Setup OpenShift Origin with the Broker to use `mod_auth_kerb` to defer to IPA/Kerberos for user authentication (how to here: http://www.freeipa.org/page/OpenShift_Broker_Apache_%2B_mod_auth_kerb_for_IdM)
2. `$ gem install rhc gssapi ffi`
3. `$ kinit $USER`
4. run `rhc setup` and answer "yes" to "Generate a token now? (yes|no)".

Actual results:

RHC setup returns with "Your authorization token is expired or invalid." then quits.  Tokens are in fact generated in the ~/.openshift/ folder.

Expected results:

rhc setup continues to setup the client.

Additional info:

Note: The above RHC steps should not ask for user/password.  The `kinit` on the local machine takes care of that for the user.

Related: In a different setup (client does not have gssapi & ffi rubygems installed), I was able to generate a token (based on user/pass login rather than kinit'ing) through rhc setup.  I then ran `rhc setup --token=$TOKEN_FILE` and get this error: `/usr/local/share/gems/gems/httpclient-2.3.3/lib/httpclient/auth.rb:197: stack level too deep (SystemStackError)`
Comment 1 Clayton Coleman 2013-08-19 16:04:41 EDT
I think this may be a config issue - you have to pass through requests containing Authorization: Bearer * to the backend.

Note You need to log in before you can comment on or make changes to this bug.