From psilva at redhat.com Thu Jul  5 14:30:24 2018
Content-Type: multipart/mixed; boundary="===============8577624598368843569=="
MIME-Version: 1.0
From: Pedro Igor Silva <psilva at redhat.com>
To: keycloak-user at lists.jboss.org
Subject: Re: [keycloak-user] Fwd: Trying to create a user in a realm I get 405
 response
Date: Thu, 05 Jul 2018 15:30:23 -0300
Message-ID: <CAJrcDBeinTEueY1kUdFY7zoQcWD-ghf5rTFhq5S6Y8ZL8OBWFg@mail.gmail.com>
In-Reply-To: CAMz5fLcJqX1+FFfOrMM4xrgXBNmeDefS5Xf5OUJb6tJLQric1Q@mail.gmail.com

--===============8577624598368843569==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

What if you set Content-Type: "application/json" to the request definition ?

On Thu, Jul 5, 2018 at 2:52 PM, Jorge Morales Pou <jmorales(a)redhat.com>
wrote:

> Hi,
> I'm deploying Che on OpenShift and I was trying to pre-create some users =
in
> Keycloak.
> This Che and Keycloak are deployed using Ansible, and so far so good. I'm
> using the templates from github.com/eclipse/che.
>
> This deployment comes preconfigured with a che realm as well as the abili=
ty
> to change the master realm admin's username and password, which I do, for
> security reasons, but the che realm don't allow me to change the
> username/password for the admin, so those default to admin/admin (as of
> now).
>
> The problem comes when I try to create a user via rest.
>
> I have the following 2 ansible tasks (they are easily understood):
>
> - name: get auth token from keycloak
> uri:
> url: http://keycloak-{{ project_name }}.{{ apps_hostname_suffix
> }}/auth/realms/che/protocol/openid-connect/token
> method: POST
> body: "username=3Dadmin&password=3Dadmin&grant_type=3Dpassword&
> client_id=3Dadmin-cli
> "
> status_code: 200
> headers:
> Content-Type: "application/x-www-form-urlencoded"
> status_code: 200
> register: access_token_result
>
> - set_fact:
> access_token_bearer: "{{ access_token_result.json |
> json_query('access_token') }}"
>
> - name: Pre-create {{ che_generate_user_count }} users in che realm with
> format ({{ che_generate_user_format }})
> uri:
> url: http://che-{{ project_name }}.{{ apps_hostname_suffix
> }}/admin/realms/che/users
> method: POST
> body: "{{ lookup('template','che-user.json.j2') }}"
> body_format: json
> status_code: 204
> headers:
> Authorization: "Bearer {{ access_token_bearer }}"
> vars:
> username: "{{ item }}"
> first_name: "User"
> last_name: "{{ item }}"
> email: "{{ item }}@none.com"
> password: "{{ che_generate_user_password }}"
> with_sequence: start=3D{{ che_generate_user_count|int if
> che_generate_user_count|int < 1 else 1}} end=3D{{ che_generate_user_count=
 }}
> format=3D{{ che_generate_user_format }}
> when: che_generate_user_count|int > 0
>
> And the che-user.json that I use for the request is this:
> {
> "username": "{{ username }}",
> "enabled": "true",
> "firstName": "{{ first_name }}",
> "lastName": "{{ last_name }}",
> "email": "{{ email }}",
> "credentials": [
> {
> "type": "password",
> "value": "{{ password }}"
> }
> ]
> }
>
>
> Everything looks perfectly configured on my end, and I've tried using curl
> as seen in many documentation to troubleshoot but with same error.
>
> I get a 405, POST method not allowed.
>
> This is the verbose stack of the request, which has all the valuable info
> (host-name is changed):
>
> ------------------------------------------------
> failed: [localhost] (item=3Duser1) =3D> {
>     "changed": false,
>     "connection": "close",
>     "content": "<!doctype html><html lang=3D\"en\"><head><title>HTTP Stat=
us
> 405 =E2=80=93 Method Not Allowed</title><style type=3D\"text/css\">h1
> {font-family:Tahoma,Arial,sans-serif;color:white;
> background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,
> sans-serif;color:white;background-color:#525D76;font-size:16px;} h3
> {font-family:Tahoma,Arial,sans-serif;color:white;
> background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,
> sans-serif;color:black;background-color:white;} b
> {font-family:Tahoma,Arial,
> sans-serif;color:white;background-color:#525D76;} p
> {font-family:Tahoma,Arial,sans-serif;background:white;
> color:black;font-size:12px;}
> a {color:black;} a.name {color:black;} .line
> {height:1px;background-color:#
> 525D76;border:none;}</style></head><body><h1>HTTP Status 405 =E2=80=93 Me=
thod Not
> Allowed</h1><hr class=3D\"line\" /><p><b>Type</b> Status
> Report</p><p><b>Message</b> HTTP method POST is not supported by this
> URL</p><p><b>Description</b> The method received in the request-line is
> known by the origin server but not supported by the target resource.</p><=
hr
> class=3D\"line\" /><h3>Apache Tomcat/8.5.23</h3></body></html>",
>     "content_language": "en",
>     "content_length": "1117",
>     "content_type": "text/html;charset=3Dutf-8",
>     "date": "Thu, 05 Jul 2018 17:12:32 GMT",
>     "invocation": {
>         "module_args": {
>             "attributes": null,
>             "backup": null,
>             "body": {
>                 "credentials": [
>                     {
>                         "type": "password",
>                         "value": "password"
>                     }
>                 ],
>                 "email": "user1(a)none.com",
>                 "enabled": "true",
>                 "firstName": "User",
>                 "lastName": "user1",
>                 "username": "user1"
>             },
>             "body_format": "json",
>             "client_cert": null,
>             "client_key": null,
>             "content": null,
>             "creates": null,
>             "delimiter": null,
>             "dest": null,
>             "directory_mode": null,
>             "follow": false,
>             "follow_redirects": "safe",
>             "force": false,
>             "force_basic_auth": false,
>             "group": null,
>             "headers": {
>                 "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOi
> AiSldUIiwia2lkIiA6ICJlMjNGc3kzRlI5dnRUZms3TGlkX1lQOGU0cDNoY0
> psM20wQTRnckIzNnJJIn0.eyJqdGkiOiIzYjkyZTUxZi1iZTc0LT
> QwODItYmFjZS01YjAwNTA0MWE2YmIiLCJleHAiOjE1MzA4MTEwNTEsIm5iZi
> I6MCwiaWF0IjoxNTMwODEwNzUxLCJpc3MiOiJodHRwOi8va2V5Y2xvYWstc3
> RhcnRlci13b3Jrc2hvcC1hcGItdGVzdC5hcHBzLm9zZXZnLm9wZW5zaGlmdH
> dvcmtzaG9wLmNvbS9hdXRoL3JlYWxtcy9jaGUiLCJhdWQiOiJhZG1pbi1jbG
> kiLCJzdWIiOiJiMDdlM2E1OC1lZDUwLTRhNmUtYmUxNy1mY2Y0OWZmOGIyND
> IiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhZG1pbi1jbGkiLCJhdXRoX3RpbW
> UiOjAsInNlc3Npb25fc3RhdGUiOiI1MGRhMGJiNy0zOTc3LTQzMjQtOWY2OS
> 03NjkzNmEwZGIzMmMiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbXS
> wicmVzb3VyY2VfYWNjZXNzIjp7fSwibmFtZSI6IkFkbWluIEFkbWluIiwicH
> JlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJnaXZlbl9uYW1lIjoiQWRtaW
> 4iLCJmYW1pbHlfbmFtZSI6IkFkbWluIiwiZW1haWwiOiJhZG1pbkBhZG1pbi
> 5jb20ifQ.DTjDZ_
> Kx9QMDcLqMRtGir5PwzOhXEBc3-jg3vZgToooKfvC1b1Kw1DSHCM1hJuwriw-
> dBp2dQMAk2CjwwFNNb2lKFVxCGvmk4KQLRG3giv_BHQcoeFZ-Ol7sQJvFL-
> V-XyAV6KWO9a0WPai6C6hkHw37Ksp_klzk89jAoSSxrtOJ8zUOjzxT_
> XS99cwj6NYNJnyTczppAMB14Nm8-a9gexDnUqUmOlifFCyH7i2Fyrk2pnT
> GFEFjB92QCUWJEXpFOKdx9-IGi7y8ywRH7a9R-dcuOb1_
> Mx6Xbi79qjfow6EKJYDAjNupKOUfOO
> qNFscgwR6kUdbsEfRr3JCmmTL8cw",
>                 "Content-Type": "application/json"
>             },
>             "http_agent": "ansible-httpget",
>             "method": "POST",
>             "mode": null,
>             "owner": null,
>             "regexp": null,
>             "remote_src": null,
>             "removes": null,
>             "return_content": false,
>             "selevel": null,
>             "serole": null,
>             "setype": null,
>             "seuser": null,
>             "src": null,
>             "status_code": [
>                 "204"
>             ],
>             "timeout": 30,
>             "unsafe_writes": null,
>             "url": "http://che-starter-workshop-
> apb-test.apps.mydomain.com/
> auth/realms/che/users",
>             "url_password": null,
>             "url_username": null,
>             "use_proxy": true,
>             "validate_certs": true
>         }
>     },
>     "item": "user1",
>     "msg": "Status code was 405 and not [204]: HTTP Error 405: ",
>     "redirected": false,
>     "set_cookie": "688655d95dc9dee6e6f6057ef3239223=3D
> 5aac40b93e1fbe870f8d213baa7a4c7a; path=3D/; HttpOnly",
>     "status": 405,
>     "url": "http://che-starter-workshop-apb-test.apps.osevg.
> openshiftworkshop.com/auth/realms/che/users"
> }
> ------------------------------------------------
>
>
> Anyone can provide some insight into what I'm doing wrong? Is it the
> request or is it the che realm configuration
> <https://github.com/eclipse/che/blob/master/dockerfiles/
> init/modules/keycloak/templates/che-realm.json.erb>
> or the client in the realm
> <https://github.com/eclipse/che/blob/master/dockerfiles/
> init/modules/keycloak/templates/che-users-0.json.erb>
> used to get the token?
>
> Cheers,
>
> *Jorge Morales*
> Red Hat <https://www.openshift.com/>
> <https://www.openshift.com/>
> OpenShift <https://www.openshift.com> Developer Advocate
> =E2=80=8B
> http://jorgemoral.es/
>
> | @jorgemoralespou <https://twitter.com/jorgemoralespou>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user

--===============8577624598368843569==--