[Freeipa-devel] [PATCH 0056] Add otptoken-sync command
Nathaniel McCallum
npmccallum at redhat.com
Tue Jun 24 16:26:19 UTC 2014
On Tue, 2014-06-24 at 15:39 +0300, Alexander Bokovoy wrote:
> On Tue, 03 Jun 2014, Nathaniel McCallum wrote:
> >On Tue, 2014-06-03 at 10:27 +0200, Petr Vobornik wrote:
> >> On 3.6.2014 05:08, Nathaniel McCallum wrote:
> >> > This command calls the token sync HTTP POST call in the server providing
> >> > the CLI interface to synchronization.
> >> >
> >> > https://fedorahosted.org/freeipa/ticket/4260
> >> >
> >> > This patch depends on my patch #0055.
> >> >
> >>
> >> Build fails on validation. You forgot to update API.txt and also the
> >> command misses __doc__.
> >>
> >> (not a proper review)
> Failed for me:
>
> [root at ipa-01 rpms]# ipa otptoken-show test.token
> Unique ID: test.token
> Description: test token
> Owner: abbra
> Vendor: FreeIPA
> Model: hotp
> [root at ipa-01 rpms]# ipa otptoken-sync abbra --token=test.token
> Password:
> First Code:
> Second Code:
> ipa: ERROR: non-public: IOError: ('http error', 401, 'Unauthorized',
> <httplib.HTTPMessage instance at 0x2cdde60>)
> Traceback (most recent call last):
> File "/usr/lib/python2.7/site-packages/ipalib/backend.py", line 129,
> in execute
> result = self.Command[_name](*args, **options)
> File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 439,
> in __call__
> ret = self.run(*args, **options)
> File "/usr/lib/python2.7/site-packages/ipalib/frontend.py", line 1118,
> in run
> return self.forward(*args, **options)
> File "/usr/lib/python2.7/site-packages/ipalib/plugins/otptoken.py",
> line 427, in forward
> rsp = urllib.urlopen(sync_uri, query)
> File "/usr/lib64/python2.7/urllib.py", line 89, in urlopen
> return opener.open(url, data)
> File "/usr/lib64/python2.7/urllib.py", line 210, in open
> return getattr(self, name)(url, data)
> File "/usr/lib64/python2.7/urllib.py", line 454, in open_https
> data)
> File "/usr/lib64/python2.7/urllib.py", line 374, in http_error
> result = method(url, fp, errcode, errmsg, headers, data)
> File "/usr/lib64/python2.7/urllib.py", line 689, in http_error_401
> errcode, errmsg, headers)
> File "/usr/lib64/python2.7/urllib.py", line 381, in http_error_default
> raise IOError, ('http error', errcode, errmsg, headers)
> IOError: ('http error', 401, 'Unauthorized', <httplib.HTTPMessage instance at 0x2cdde60>)
> ipa: ERROR: an internal error has occurred
>
> Note that I can successfully use the token. It looks like authentication
> with urllib.urlopen(sync_uri, query) fails.
Works for me (just tested). I suspect you have not updated the ipa httpd
config. Did you apply patches 0054, 0055 and 0056?
Nathaniel
More information about the Freeipa-devel
mailing list