[keycloak-user] Fwd: Trying to create a user in a realm I get 405 response
Pedro Igor Silva
psilva at redhat.com
Thu Jul 5 14:30:23 EDT 2018
What if you set Content-Type: "application/json" to the request definition ?
On Thu, Jul 5, 2018 at 2:52 PM, Jorge Morales Pou <jmorales at redhat.com>
wrote:
> Hi,
> I'm deploying Che on OpenShift and I was trying to pre-create some users in
> Keycloak.
> This Che and Keycloak are deployed using Ansible, and so far so good. I'm
> using the templates from github.com/eclipse/che.
>
> This deployment comes preconfigured with a che realm as well as the ability
> to change the master realm admin's username and password, which I do, for
> security reasons, but the che realm don't allow me to change the
> username/password for the admin, so those default to admin/admin (as of
> now).
>
> The problem comes when I try to create a user via rest.
>
> I have the following 2 ansible tasks (they are easily understood):
>
> - name: get auth token from keycloak
> uri:
> url: http://keycloak-{{ project_name }}.{{ apps_hostname_suffix
> }}/auth/realms/che/protocol/openid-connect/token
> method: POST
> body: "username=admin&password=admin&grant_type=password&
> client_id=admin-cli
> "
> status_code: 200
> headers:
> Content-Type: "application/x-www-form-urlencoded"
> status_code: 200
> register: access_token_result
>
> - set_fact:
> access_token_bearer: "{{ access_token_result.json |
> json_query('access_token') }}"
>
> - name: Pre-create {{ che_generate_user_count }} users in che realm with
> format ({{ che_generate_user_format }})
> uri:
> url: http://che-{{ project_name }}.{{ apps_hostname_suffix
> }}/admin/realms/che/users
> method: POST
> body: "{{ lookup('template','che-user.json.j2') }}"
> body_format: json
> status_code: 204
> headers:
> Authorization: "Bearer {{ access_token_bearer }}"
> vars:
> username: "{{ item }}"
> first_name: "User"
> last_name: "{{ item }}"
> email: "{{ item }}@none.com"
> password: "{{ che_generate_user_password }}"
> with_sequence: start={{ che_generate_user_count|int if
> che_generate_user_count|int < 1 else 1}} end={{ che_generate_user_count }}
> format={{ che_generate_user_format }}
> when: che_generate_user_count|int > 0
>
> And the che-user.json that I use for the request is this:
> {
> "username": "{{ username }}",
> "enabled": "true",
> "firstName": "{{ first_name }}",
> "lastName": "{{ last_name }}",
> "email": "{{ email }}",
> "credentials": [
> {
> "type": "password",
> "value": "{{ password }}"
> }
> ]
> }
>
>
> Everything looks perfectly configured on my end, and I've tried using curl
> as seen in many documentation to troubleshoot but with same error.
>
> I get a 405, POST method not allowed.
>
> This is the verbose stack of the request, which has all the valuable info
> (host-name is changed):
>
> ------------------------------------------------
> failed: [localhost] (item=user1) => {
> "changed": false,
> "connection": "close",
> "content": "<!doctype html><html lang=\"en\"><head><title>HTTP Status
> 405 – Method Not Allowed</title><style type=\"text/css\">h1
> {font-family:Tahoma,Arial,sans-serif;color:white;
> background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,
> sans-serif;color:white;background-color:#525D76;font-size:16px;} h3
> {font-family:Tahoma,Arial,sans-serif;color:white;
> background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,
> sans-serif;color:black;background-color:white;} b
> {font-family:Tahoma,Arial,
> sans-serif;color:white;background-color:#525D76;} p
> {font-family:Tahoma,Arial,sans-serif;background:white;
> color:black;font-size:12px;}
> a {color:black;} a.name {color:black;} .line
> {height:1px;background-color:#
> 525D76;border:none;}</style></head><body><h1>HTTP Status 405 – Method Not
> Allowed</h1><hr class=\"line\" /><p><b>Type</b> Status
> Report</p><p><b>Message</b> HTTP method POST is not supported by this
> URL</p><p><b>Description</b> The method received in the request-line is
> known by the origin server but not supported by the target resource.</p><hr
> class=\"line\" /><h3>Apache Tomcat/8.5.23</h3></body></html>",
> "content_language": "en",
> "content_length": "1117",
> "content_type": "text/html;charset=utf-8",
> "date": "Thu, 05 Jul 2018 17:12:32 GMT",
> "invocation": {
> "module_args": {
> "attributes": null,
> "backup": null,
> "body": {
> "credentials": [
> {
> "type": "password",
> "value": "password"
> }
> ],
> "email": "user1 at none.com",
> "enabled": "true",
> "firstName": "User",
> "lastName": "user1",
> "username": "user1"
> },
> "body_format": "json",
> "client_cert": null,
> "client_key": null,
> "content": null,
> "creates": null,
> "delimiter": null,
> "dest": null,
> "directory_mode": null,
> "follow": false,
> "follow_redirects": "safe",
> "force": false,
> "force_basic_auth": false,
> "group": null,
> "headers": {
> "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOi
> AiSldUIiwia2lkIiA6ICJlMjNGc3kzRlI5dnRUZms3TGlkX1lQOGU0cDNoY0
> psM20wQTRnckIzNnJJIn0.eyJqdGkiOiIzYjkyZTUxZi1iZTc0LT
> QwODItYmFjZS01YjAwNTA0MWE2YmIiLCJleHAiOjE1MzA4MTEwNTEsIm5iZi
> I6MCwiaWF0IjoxNTMwODEwNzUxLCJpc3MiOiJodHRwOi8va2V5Y2xvYWstc3
> RhcnRlci13b3Jrc2hvcC1hcGItdGVzdC5hcHBzLm9zZXZnLm9wZW5zaGlmdH
> dvcmtzaG9wLmNvbS9hdXRoL3JlYWxtcy9jaGUiLCJhdWQiOiJhZG1pbi1jbG
> kiLCJzdWIiOiJiMDdlM2E1OC1lZDUwLTRhNmUtYmUxNy1mY2Y0OWZmOGIyND
> IiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJhZG1pbi1jbGkiLCJhdXRoX3RpbW
> UiOjAsInNlc3Npb25fc3RhdGUiOiI1MGRhMGJiNy0zOTc3LTQzMjQtOWY2OS
> 03NjkzNmEwZGIzMmMiLCJhY3IiOiIxIiwiYWxsb3dlZC1vcmlnaW5zIjpbXS
> wicmVzb3VyY2VfYWNjZXNzIjp7fSwibmFtZSI6IkFkbWluIEFkbWluIiwicH
> JlZmVycmVkX3VzZXJuYW1lIjoiYWRtaW4iLCJnaXZlbl9uYW1lIjoiQWRtaW
> 4iLCJmYW1pbHlfbmFtZSI6IkFkbWluIiwiZW1haWwiOiJhZG1pbkBhZG1pbi
> 5jb20ifQ.DTjDZ_
> Kx9QMDcLqMRtGir5PwzOhXEBc3-jg3vZgToooKfvC1b1Kw1DSHCM1hJuwriw-
> dBp2dQMAk2CjwwFNNb2lKFVxCGvmk4KQLRG3giv_BHQcoeFZ-Ol7sQJvFL-
> V-XyAV6KWO9a0WPai6C6hkHw37Ksp_klzk89jAoSSxrtOJ8zUOjzxT_
> XS99cwj6NYNJnyTczppAMB14Nm8-a9gexDnUqUmOlifFCyH7i2Fyrk2pnT
> GFEFjB92QCUWJEXpFOKdx9-IGi7y8ywRH7a9R-dcuOb1_
> Mx6Xbi79qjfow6EKJYDAjNupKOUfOO
> qNFscgwR6kUdbsEfRr3JCmmTL8cw",
> "Content-Type": "application/json"
> },
> "http_agent": "ansible-httpget",
> "method": "POST",
> "mode": null,
> "owner": null,
> "regexp": null,
> "remote_src": null,
> "removes": null,
> "return_content": false,
> "selevel": null,
> "serole": null,
> "setype": null,
> "seuser": null,
> "src": null,
> "status_code": [
> "204"
> ],
> "timeout": 30,
> "unsafe_writes": null,
> "url": "http://che-starter-workshop-
> apb-test.apps.mydomain.com/
> auth/realms/che/users",
> "url_password": null,
> "url_username": null,
> "use_proxy": true,
> "validate_certs": true
> }
> },
> "item": "user1",
> "msg": "Status code was 405 and not [204]: HTTP Error 405: ",
> "redirected": false,
> "set_cookie": "688655d95dc9dee6e6f6057ef3239223=
> 5aac40b93e1fbe870f8d213baa7a4c7a; path=/; HttpOnly",
> "status": 405,
> "url": "http://che-starter-workshop-apb-test.apps.osevg.
> openshiftworkshop.com/auth/realms/che/users"
> }
> ------------------------------------------------
>
>
> Anyone can provide some insight into what I'm doing wrong? Is it the
> request or is it the che realm configuration
> <https://github.com/eclipse/che/blob/master/dockerfiles/
> init/modules/keycloak/templates/che-realm.json.erb>
> or the client in the realm
> <https://github.com/eclipse/che/blob/master/dockerfiles/
> init/modules/keycloak/templates/che-users-0.json.erb>
> used to get the token?
>
> Cheers,
>
> *Jorge Morales*
> Red Hat <https://www.openshift.com/>
> <https://www.openshift.com/>
> OpenShift <https://www.openshift.com> Developer Advocate
>
> http://jorgemoral.es/
>
> | @jorgemoralespou <https://twitter.com/jorgemoralespou>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list