Skip to content
This repository has been archived by the owner on Feb 25, 2019. It is now read-only.

Validation error when registering a new client #77

Open
simonrenoult opened this issue Jan 6, 2016 · 4 comments
Open

Validation error when registering a new client #77

simonrenoult opened this issue Jan 6, 2016 · 4 comments

Comments

@simonrenoult
Copy link

Hi there,

We're trying to automate the initialization of our AnvilConnect setup thus using the CLI quite intensively but have stumbled upon a few problems.

This is the code of the client we're trying to register:

nvl client:register \
  --trusted \
  --name "CMS" \
  --uri https://cms-test/app \
  --logo-uri http://toto.com \
  --application-type web \
  --response-type "id_token token" \
  --grant-type implicit \
  --default-max-age 3600 \
  --redirect-uri "https://cms-test/app/" \
  --redirect-uri "http://localhost:8082/app/" \
  --post-logout-redirect-uri "https://cms-test/app" \
  --post-logout-redirect-uri "http://localhost:8082/app"

This lead to a Validation Error. Since the error is not detailed, we logged the error in the connect-cli Clients API and this is the result:

{
  "valid": false,
  "errors": {
    "redirect_uris": {
      "attribute": "conform",
      "property": "redirect_uris",
      "actual": ["https://cms-test/app/","http://localhost:8082/app/"],
      "message": "Must follow guidelines in OpenID Connect Registration 1.0 specification for client metadata"
    }
  },
  "name": "ValidationError",
  "message": "Validation error.",
  "statusCode": 400
}

Nothing seems wrong to me but I might be missing something... Or is the CLI error message wrong?

Since the CLI was failing, we asked the API using POST /v1/clients with the data and the correct access token:

{
  "trusted": true,
  "client_name": "CMS",
  "client_uri": "https://cms-test/app",
  "logo_uri": "http://toto.com",
  "application_type": "web",
  "response_types": ["id_token token"],
  "grant_types": ["implicit"],
  "default_max_age": 3600,
  "redirect_uris": ["https://cms-test/app/", "http://localhost:8082/app/"],
  "post_logout_redirect_uris": ["https://cms-test/app","http://localhost:8082/app"]
}

But still got a Validation error.

Any idea or suggestion?
@simonrenoult simonrenoult changed the title Validation error whil registering a new client Validation error when registering a new client Jan 6, 2016
@christiansmith
Copy link
Member

This is discussed as part of another issue, but I can't recall which. There is a bug with the flags that deal with array properties. In addition to fixing that, I think we need to add a --json flag so you can just pass in whatever you want.

@simonrenoult
Copy link
Author

I guess it's related to #75, #70, #52 and #55

@christiansmith
Copy link
Member

Thanks for looking those up.

@JonathanLifschutz
Copy link

JonathanLifschutz commented May 24, 2016
edited
Loading

Hi @simonrenoult I suspect that the problem is with this redirect uri: http://localhost:8082/app/. Anvil's client validation ensures that no redirect uris can have a hostname of 'localhost' or a protocol of 'http' for the implicit grant type if the server is in production mode.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@christiansmith @simonrenoult @JonathanLifschutz