Last active
October 8, 2020 07:47
-
-
Save kalemontes/8da33b60fbdced05843cd2e6ee415228 to your computer and use it in GitHub Desktop.
ibmsecurity issues 283 trace using `ibmsecurity.isam.aac.api_protection.definitions.set`
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mymachineTASK [isam/update_oauth_definition : Update OAuth 2.0 Definition 'oidc_app_test' parameter 'accessPolicyName'] ********************************************* | |
Using module file /etc/ansible/roles/isam-ansible-roles/start_config/library/isam.py | |
<mymachine> PUT /root/.ansible/tmp/ansible-local-2673pv736dnk/tmpzf1ycaly TO /root/.ansible/tmp/ansible-tmp-1602142544.0955336-2773-97583223816245/AnsiballZ_isam.py | |
<mymachine> EXEC /bin/sh -c 'chmod u+x /root/.ansible/tmp/ansible-tmp-1602142544.0955336-2773-97583223816245/ /root/.ansible/tmp/ansible-tmp-1602142544.0955336-2773-97583223816245/AnsiballZ_isam.py && sleep 0' | |
<mymachine> EXEC /bin/sh -c '/usr/bin/python /root/.ansible/tmp/ansible-tmp-1602142544.0955336-2773-97583223816245/AnsiballZ_isam.py && sleep 0' | |
<mymachine> EXEC /bin/sh -c 'rm -f -r /root/.ansible/tmp/ansible-tmp-1602142544.0955336-2773-97583223816245/ > /dev/null 2>&1 && sleep 0' | |
The full traceback is: | |
WARNING: The below traceback may *not* be related to the actual failure. | |
File "/tmp/ansible_isam_payload_NxVsTe/ansible_isam_payload.zip/ansible/modules/isam.py", line 135, in main | |
File "<string>", line 1, in <module> | |
File "/usr/lib/python2.7/site-packages/ibmsecurity/isam/aac/api_protection/definitions.py", line 364, in set | |
tokenCharSet=tokenCharSet, oidc=oidc, check_mode=check_mode, force=force) | |
File "/usr/lib/python2.7/site-packages/ibmsecurity/isam/aac/api_protection/definitions.py", line 319, in update | |
requires_version=requires_version, warnings=warnings) | |
File "/usr/lib/python2.7/site-packages/ibmsecurity/appliance/isamappliance.py", line 369, in invoke_put | |
requires_model=requires_model, warnings=warnings) | |
File "/usr/lib/python2.7/site-packages/ibmsecurity/appliance/isamappliance.py", line 352, in _invoke_request | |
self._process_response(return_obj=return_obj, http_response=r, ignore_error=ignore_error) | |
File "/usr/lib/python2.7/site-packages/ibmsecurity/appliance/isamappliance.py", line 67, in _process_response | |
raise IBMError("HTTP Return code: {0}".format(http_response.status_code), http_response.text) | |
fatal: [mymachine]: FAILED! => { | |
"changed": false, | |
"invocation": { | |
"module_args": { | |
"action": "ibmsecurity.isam.aac.api_protection.definitions.set", | |
"adminProxyApplianceShortName": false, | |
"adminProxyHostname": null, | |
"adminProxyPort": 443, | |
"adminProxyProtocol": "https", | |
"appliance": "mymachine", | |
"force": false, | |
"isamapi": { | |
"accessPolicyName": "oidc_prompt_eai_access_policy", | |
"accessTokenLength": 20, | |
"accessTokenLifetime": 300, | |
"authorizationCodeLength": 30, | |
"authorizationCodeLifetime": 300, | |
"description": "a description", | |
"enableMultipleRefreshTokensForFaultTolerance": true, | |
"enforceSingleAccessTokenPerGrant": false, | |
"enforceSingleUseAuthorizationGrant": true, | |
"grantTypes": [ | |
"IMPLICIT_GRANT", | |
"AUTHORIZATION_CODE" | |
], | |
"issueRefreshToken": true, | |
"maxAuthorizationGrantLifetime": 600, | |
"name": "oidc_app_test", | |
"oidc": { | |
"alg": "RS256", | |
"attributeSources": [ | |
{ | |
"attributeName": "full_name", | |
"attributeSourceId": "20" | |
}, | |
{ | |
"attributeName": "given_name", | |
"attributeSourceId": "6" | |
}, | |
{ | |
"attributeName": "family_name", | |
"attributeSourceId": "9" | |
}, | |
{ | |
"attributeName": "email", | |
"attributeSourceId": "27" | |
}, | |
{ | |
"attributeName": "locale", | |
"attributeSourceId": "8" | |
}, | |
{ | |
"attributeName": "role", | |
"attributeSourceId": "12" | |
}, | |
{ | |
"attributeName": "updated_at", | |
"attributeSourceId": "14" | |
}, | |
{ | |
"attributeName": "groups", | |
"attributeSourceId": "1" | |
}, | |
{ | |
"attributeName": "employee_number", | |
"attributeSourceId": "16" | |
}, | |
{ | |
"attributeName": "employee_type", | |
"attributeSourceId": "3" | |
}, | |
{ | |
"attributeName": "regate_code", | |
"attributeSourceId": "17" | |
}, | |
{ | |
"attributeName": "fonction", | |
"attributeSourceId": "19" | |
}, | |
{ | |
"attributeName": "apim_audience", | |
"attributeSourceId": "26" | |
} | |
], | |
"cert": "mycert", | |
"db": "oauth_idp_keys", | |
"dynamicClients": false, | |
"enabled": true, | |
"enc": { | |
"alg": null, | |
"enabled": false, | |
"enc": null | |
}, | |
"iss": "https://myissuer, | |
"issueSecret": false, | |
"lifetime": 300, | |
"poc": "https://myissuer/mga" | |
}, | |
"pinLength": 4, | |
"pinPolicyEnabled": false, | |
"refreshTokenLength": 40, | |
"tcmBehavior": "NEVER_PROMPT", | |
"tokenCharSet": "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" | |
}, | |
"lmi_port": 443, | |
"log": "INFO", | |
"omitAdminProxy": false, | |
"password": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER", | |
"username": "VALUE_SPECIFIED_IN_NO_LOG_PARAMETER" | |
} | |
}, | |
"log": "[2020-10-08 09:35:44,310] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieving version ***\n[2020-10-08 09:35:44,318] [PID:2787 TID:140276118849344] [INFO] [urllib3.connectionpool] [_new_conn():735] Starting new HTTPS connection (1): mymachine\n[2020-10-08 09:35:44,490] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Get Setup Complete Settings ***\n[2020-10-08 09:35:44,640] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieving activations ***\n[2020-10-08 09:35:44,800] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieve a list of API protection definitions ***\n[2020-10-08 09:35:44,801] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_process_warnings():143] Modules satisfying requirement: [u'mga', u'federation']\n[2020-10-08 09:35:45,070] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.isam.aac.api_protection.definitions] [search():59] Found definition oidc_app_test id: 25\n[2020-10-08 09:35:45,071] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.isam.aac.api_protection.definitions] [set():351] Definition oidc_app_test exists, requesting to update.\n[2020-10-08 09:35:45,071] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieve a list of API protection definitions ***\n[2020-10-08 09:35:45,071] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_process_warnings():143] Modules satisfying requirement: [u'mga', u'federation']\n[2020-10-08 09:35:45,374] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.isam.aac.api_protection.definitions] [search():59] Found definition oidc_app_test id: 25\n[2020-10-08 09:35:45,374] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieve a specific API protection definition ***\n[2020-10-08 09:35:45,374] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_process_warnings():143] Modules satisfying requirement: [u'mga', u'federation']\n[2020-10-08 09:35:45,632] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Retrieve a list of access policies ***\n[2020-10-08 09:35:45,632] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_process_warnings():143] Modules satisfying requirement: [u'mga', u'federation']\n[2020-10-08 09:35:45,888] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_log_desc():38] *** Update a specified API protection definition ***\n[2020-10-08 09:35:45,889] [PID:2787 TID:140276118849344] [INFO] [ibmsecurity.appliance.ibmappliance] [_process_warnings():143] Modules satisfying requirement: [u'mga', u'federation']\n[2020-10-08 09:35:47,353] [PID:2787 TID:140276118849344] [ERROR] [ibmsecurity.appliance.ibmappliance] [_process_response():62] Request failed: \n[2020-10-08 09:35:47,353] [PID:2787 TID:140276118849344] [ERROR] [ibmsecurity.appliance.ibmappliance] [_process_response():63] status code: 400\n[2020-10-08 09:35:47,354] [PID:2787 TID:140276118849344] [ERROR] [ibmsecurity.appliance.ibmappliance] [_process_response():65] text: {\"result\":\"FBTRBA241E The JSON property [enc] received an invalid type of [type]. The expected type was [[string]].<br>FBTRBA241E The JSON property [alg] received an invalid type of [type]. The expected type was [[string]].\"}\n", | |
"msg": "('HTTP Return code: 400', u'{\"result\":\"FBTRBA241E The JSON property [enc] received an invalid type of [type]. The expected type was [[string]].<br>FBTRBA241E The JSON property [alg] received an invalid type of [type]. The expected type was [[string]].\"}')", | |
"name": "ibmsecurity.isam.aac.api_protection.definitions.set" | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment