/oauth2/auth/requests/login route not found
cabrinoob opened this issue · 6 comments
I have deployed Hydra on my k8s cluster. I have the admin and the public endpoints that run correctly.
The running docker image is : oryd/hydra:v1.0.0
Deployed through Helm : hydra-0.0.47
With k8s label : app.kubernetes.io/version: v1.0.0-rc.14_oryOS.12
When I call GET /clients I can see the list of my OAuth clients, so nice, it seems to work.
Now, going further in the login and consent implementation, I have a problem with this route :
GET /oauth2/auth/requests/login?challenge=1234
This routes returns a 404 not found.
{
"error": "Not Found",
"error_description": "Unable to located the requested resource",
"status_code": 404,
"request_id": "d390f3f135929217c4ec59d6ec3dedc6"
}
It's very strange because other routes seem to work.
In my hydra container logs I can see this :
2019-11-20T10:45:06.442011034Z time="2019-11-20T10:45:06Z" level=info msg="completed handling request" measure#hydra/admin: https://localhost:9000/.latency=2575892 method=GET remote=172.20.28.10 request="/oauth2/auth/requests/login?challenge=1234" request_id=afd1704274d475daa93fa4ee3dfdefc7 status=404 text_status="Not Found" took=2.575892ms
2019-11-20T10:45:07.102954306Z time="2019-11-20T10:45:07Z" level=info msg="started handling request" method=GET remote=172.20.28.10 request="/oauth2/auth/requests/login?challenge=1234" request_id=da2752dd60d93275f4933b8ac88a8e61
2019-11-20T10:45:07.105381822Z time="2019-11-20T10:45:07Z" level=error msg="An error occurred while handling a request" code=404 debug= details="map[]" error="Not Found" reason= request-id=da2752dd60d93275f4933b8ac88a8e61 status="Not Found" trace="Stack trace: \ngithub.com/ory/hydra/consent.(*SQLManager).GetLoginRequest\n\t/go/src/github.com/ory/hydra/consent/manager_sql.go:271\ngithub.com/ory/hydra/consent.(*Handler).GetLoginRequest\n\t/go/src/github.com/ory/hydra/consent/handler.go:260\ngithub.com/julienschmidt/httprouter.(*Router).ServeHTTP\n\t/go/pkg/mod/github.com/julienschmidt/httprouter@v1.2.0/router.go:334\ngithub.com/urfave/negroni.Wrap.func1\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:46\ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:29\ngithub.com/urfave/negroni.middleware.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:38\nnet/http.HandlerFunc.ServeHTTP\n\t/usr/local/go/src/net/http/server.go:1995\ngithub.com/ory/hydra/x.RejectInsecureRequests.func1\n\t/go/src/github.com/ory/hydra/x/tls_termination.go:83\ngithub.com/urfave/negroni.HandlerFunc.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:29\ngithub.com/urfave/negroni.middleware.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:38\ngithub.com/ory/x/metricsx.(*Service).ServeHTTP\n\t/go/pkg/mod/github.com/ory/x@v0.0.64/metricsx/middleware.go:260\ngithub.com/urfave/negroni.middleware.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:38\ngithub.com/ory/hydra/metrics/prometheus.(*MetricsManager).ServeHTTP\n\t/go/src/github.com/ory/hydra/metrics/prometheus/middleware.go:26\ngithub.com/urfave/negroni.middleware.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:38\ngithub.com/meatballhat/negroni-logrus.(*Middleware).ServeHTTP\n\t/go/pkg/mod/github.com/meatballhat/negroni-logrus@v0.0.0-20170801195057-31067281800f/middleware.go:136\ngithub.com/urfave/negroni.middleware.ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:38\ngithub.com/urfave/negroni.(*Negroni).ServeHTTP\n\t/go/pkg/mod/github.com/urfave/negroni@v1.0.0/negroni.go:96\nnet/http.serverHandler.ServeHTTP\n\t/usr/local/go/src/net/http/server.go:2774\nnet/http.(*conn).serve\n\t/usr/local/go/src/net/http/server.go:1878\nruntime.goexit\n\t/usr/local/go/src/runtime/asm_amd64.s:1337" writer=JSON
2019-11-20T10:45:07.105430876Z time="2019-11-20T10:45:07Z" level=info msg="completed handling request" measure#hydra/admin: https://localhost:9000/.latency=2574783 method=GET remote=172.20.28.10 request="/oauth2/auth/requests/login?challenge=1234" request_id=da2752dd60d93275f4933b8ac88a8e61 status=404 text_status="Not Found" took=2.574783ms
2019-11-20T10:45:08.289787341Z time="2019-11-20T10:45:08Z" level=info msg="started handling request" method=GET remote="10.36.18.117:14216" request=/health/ready
thank you
You probably mixed up the admin and public endpoints
The /clients is on the admin endpoint and it works. I call /oauth2/auth/requests/login?challenge=1234 on the same endpoint and it fails.
To be sure I also tried to call this route on the public endpoint and I have this (expected) response :
{"error": "Error 404 - The requested route does not exist. Make sure you are using the right path, domain, and port."}
On a previous issue, I said that I disabled maester to make it work on my K8S cluster. Do you think this may cause this problem ?
Right, try replacing challenge with login_challenge - although both should work: https://www.ory.sh/docs/hydra/sdk/api#get-an-login-request
Also, maybe redo the flow and make sure the challenge is properly propagated and that you're not confusing consent and login challenges which could cause a 404 "resource not found" error. You can also go in the SQL store and check if the challenge provided by you actually exists.
Ok,
If I understand the flow, the /oauth2/auth/requests/login will normally save the challenge string in my postresql db, until we accept it through /oauth2/auth/requests/accept ?
Hmm. But I think I have a biggest problem because I realize that /clients or /version are the only routes that work. /keys, /health or /metrics routes don't work at all ....
Thank you anyway
That sounds not right, maybe there's some routing misconfiguration or something.
hi , how was it resolved ?