Token API Documentation update
LuminousPath opened this issue · comments
Hi, I noticed in your wiki documentation for the api that the endpoint for token management is under token
but it seems like the endpoint is now behind the path prefix api/token
. Any chance to get the docs updated?
right sorry about will update that asap.
meanwhile it's briefly mentioned in the release notes:
https://github.com/ZerataX/matrix-registration/releases/tag/v0.9.0
sorry to hijack this issue but I'm also trying to access the token endpoint. I'm using a docker setup (pulled everything this morning) but it seems the api/token endpoint is not available
curl --head -H "Authorization: SharedSecret mytotalsecret" http://10.66.66.16:5000/api/token
HTTP/1.1 404 NOT FOUND
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Apr 2021 08:48:26 GMT
Server: waitress
if I try the old endpoint I get a internal server error
curl --head -H "Authorization: SharedSecret mytotalsecret" http://10.66.66.16:5000/token
HTTP/1.1 500 INTERNAL SERVER ERROR
Content-Length: 290
Content-Type: text/html; charset=utf-8
Date: Tue, 20 Apr 2021 08:48:34 GMT
Server: waitress
if I use a wrong password on the old endpoint I get
curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/token
HTTP/1.1 401 UNAUTHORIZED
Content-Length: 58
Content-Type: application/json
Date: Tue, 20 Apr 2021 08:49:48 GMT
Server: waitress
Www-Authenticate: SharedSecret realm="Authentication Required"
my matrix-registration is running behind a nginx proxy with the following config snippet
location ~ ^/(static|register|token) {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://matrix-registration:5000;
}
ehm @jahlives i guess you would forward api
in nginx not token
. also make sure the api shared secret is not set to the default, otherwise the api is disabled
should be updated now, if nobody complains i'm going to close this issue soon
@zeratax
also with this nginx block it does not work
location ~ ^/(static|register|api|token) {
proxy_set_header X-Forwarded-For $remote_addr;
proxy_pass http://synapse-registration:5000;
}
still getting 404 NOT FOUND even when using wrongpassword in curl call.
curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/api/token
HTTP/1.1 404 NOT FOUND
Content-Length: 232
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Apr 2021 05:32:10 GMT
Server: waitress
if I just use token
endpoint I'll get the expected auth required
curl --head -H "Authorization: SharedSecret wrongpassword" http://10.66.66.16:5000/token
HTTP/1.1 401 UNAUTHORIZED
Content-Length: 58
Content-Type: application/json
Date: Thu, 22 Apr 2021 05:32:04 GMT
Server: waitress
Www-Authenticate: SharedSecret realm="Authentication Required"
but using the correct password on token
gives me the internal server error
curl --head -H "Authorization: SharedSecret correctpassword" http://10.66.66.16:5000/token
HTTP/1.1 500 INTERNAL SERVER ERROR
Content-Length: 290
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Apr 2021 05:34:16 GMT
Server: waitress
so for me it seems that api/token
does not exist in my container. API is up according to netstat -tunlp
in container as port 5000 is bound to 0.0.0.0
Here is the snippet from my compose file
synapse-registration:
build: ./app/synapse-registration
container_name: matrix-registration
networks: ["internal"]
volumes:
- "./configs/synapse-registration/config.yaml:/etc/config.yaml:ro"
- "./configs/synapse-registration/register.html:/usr/local/lib/python3.9/site-packages/matrix_registration/templates/register.html:ro"
- "./data/matrix-registration/:/data/"
depends_on: ["synapse"]
command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'
restart: unless-stopped
and in config.yaml
the api password is set
[...]
admin_api_shared_secret: 'correctpassword'
base_url: ''
db: 'sqlite:///{cwd}/data/db.sqlite3'
filename: /data/m_reg.log
host: '0.0.0.0'
port: 5000
[...]
any hint is highly appreciated but atm I can live with that as I can manage tokens directly in the container.
docker exec -it 3d34a9e7b281 matrix-registration --config-path /etc/config.yaml status -l
ChanceBridgeJerome
But api access would be nicer ;-)
If you like you can close the issue
@zeratax
omg how could I miss that??? :-)
I still had a matrix-registration instance running locally (not in docker) which was listening on port 5000. So my curls always talked to that instance instead of docker, let aside that the curls did not go via nginx proxy
curl it correctly gives me the expected answer, although still not on api/token
but on token
curl -k -H "Authorization: SharedSecret correctpassword." https://10.66.66.16/token
[{"ex_date":null,"name":"ChanceBridgeJerome","one_time":false,"used":0,"valid":true}]
sorry for the noise I made, case closed now from my side (although I still wonder why api/token
endpoint does not work)
looks like you're not on the latest version. the api subdirectory was just last week introduced
@zeratax
found why I have an old version: my Dockerfile installs matrix-registration via pip :-) Tried your image but then I get weird errors complaining that the cli arguments are not okay
matrix-registration | Usage: matrix-registration [OPTIONS] COMMAND [ARGS]...
matrix-registration |
matrix-registration | a token based matrix registration app
matrix-registration |
matrix-registration | Options:
matrix-registration | --config-path TEXT specifies the config file to be used
matrix-registration | --version Show the flask version
matrix-registration | -h, --help Show this message and exit.
matrix-registration |
matrix-registration | Commands:
matrix-registration | generate generate new token
matrix-registration | serve start api server
matrix-registration | status view status or disable
matrix-registration exited with code 0
which makes no sense to me as the command to start is as follows
command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'
in my docker-compose file. Also used the db update as described here: https://github.com/ZerataX/matrix-registration/releases/tag/v0.9.0 But the error remained. Went back to the pip version and it works
hmm unsure what's going on with that dockerimage
sorry to re-open this issue. But now seems that the version on pip updated as well. So I got my version updated today and it produces the same errors (regardless of pip or docker image directly)
registration | 2021-05-26T14:20:49.003879113Z Usage: matrix-registration [OPTIONS] COMMAND [ARGS]...
registration | 2021-05-26T14:20:49.003935786Z
registration | 2021-05-26T14:20:49.003952889Z a token based matrix registration app
registration | 2021-05-26T14:20:49.003966510Z
registration | 2021-05-26T14:20:49.003979523Z Options:
registration | 2021-05-26T14:20:49.003992439Z --config-path TEXT specifies the config file to be used
registration | 2021-05-26T14:20:49.004005534Z --version Show the flask version
registration | 2021-05-26T14:20:49.004017721Z -h, --help Show this message and exit.
my command in docker-compose looks like this
[...]
volumes:
- "./configs/synapse-registration/config.yaml:/etc/config.yaml:ro"
- "./configs/synapse-registration/register.html:/usr/local/lib/python3.9/site-packages/matrix_registration/templates/register.html:ro"
- "./data/matrix-registration/:/data/"
command: /bin/sh -c 'matrix-registration --config-path /etc/config.yaml serve'
[...]
so atm matrix-registration is completly broken for me
The only way that works for me is to change my Dockerfile for the build to install matrix-registration==0.8.0
from pip