Though i successfully added service providers, it is not listed down in the UI. When i add same one again it gives message like already exist. What is wrong here with me.
This is an already reported bug for IS-5.12.0-m13 and 5.12.0-m14-SNAPSHOT https://github.com/wso2/product-is/issues/11498.
You will be able to view the service providers using the console app (https://localhost:9443/console)
NOTE: This issue is not in 5.12.0-m12 - https://github.com/wso2/product-is/releases/tag/v5.12.0-m12
Related
I'm trying to use bigrquery from an interactive R session for the first time. I've installed the R bigrquery package and successfully established a connection. I've authenticated following a redirect from the interactive RStudio session to the web browser for login, so oauth seems to be working correctly. However, when I try to run a query, such as DBI::dbReadTable(con, "A549_raw_merged_TADs")[1:6, ], I get the error Error: The project variant-annotation has not enabled BigQuery. [invalid].
I am sure I need to enable something else in the project on the Google side, but I'm not sure what I need to enable, or how to do that from the web console interface.
Is this documented anywhere, or can anyone here give me instructions?
Note: I have confirmed that the BigQuery API has Activation status of Enabled via the console at https://console.cloud.google.com/apis/api/bigquery-json.googleapis.com/overview, so although my question is the same as Error processing job: Project has not enabled BigQuery, the issue appears to be different.
Additional information: when I check the BigQuery API status via the console link above, there's a notification that "To use this API, you may need credentials. Click 'Create credentials' to get started."
So it may be that my assumption that oauth seems to be working is not correct.
You can enable the BigQuery API with this command gcloud services enable bigquery.googleapis.com, but, since you mention it is already enabled, you may be pointing to a different project.
Feel free to ping me on a new thread if you require assistance on the new issue.
I have asked a similar question in a previous post, but I think this deserves it's own post.
In WSO2 Identity Server, I understand that service providers can be configured (on first startup only) if they are placed in the folder /repository/conf/identity/service-providers. I also understand that they are not visible through the management console ui if they are configured on first startup.
How do you edit them though? Let's say I want to want to edit the claims of an existing service provider? Change the allowed OAuth grant types? Even delete the service provider?
If I can't see the service provider in the console, how can I edit or delete it?
A follow-up but related question: What's the reasoning behind the "one and done" service provider setup that WSO2 provides? I expect to be adding service providers through the lifetime of my WSO2 implementation and it would be much easier if I could just place a file in a folder (the repository/conf/identity/service-providers folder that only works on first startup) and restart my server instead of going into the UI and performing multiple clicks to configure the service provider manually or upload it manually via file.
EDIT: #sajith pointed out that you should be able to configure service providers even after the server has started up once based on information in this article: https://docs.wso2.com/display/IS570/Configuring+a+SP+and+IdP+Using+Configuration+Files. However, I have not seen it work successfully. I know that something is happening because if I try to upload a service provider through the console (with a file upload) I get an error:
Console output:
Caused by: org.wso2.carbon.identity.application.common.IdentityApplicationManagementException: Application with the same name loaded from the file system.
So it looks like the WSO2 server is recognizing and loading the new service providers (even after the first startup) but I can't authenticate against them. Example response when attempting to authenticate against a new service provider:
{
"error_description": "A valid OAuth client could not be found for client_id: test",
"error": "invalid_client"
}
If I can't see the service provider in the console, how can I edit or
delete it? What's the reasoning behind the "one and done" service provider setup that WSO2 provides?
This document says you can restart the WSO2 Identity Server to apply the file-based service-provider and identity-provider configurations (configs which are placed inside <IS_HOME>/repository/conf/identity/) to the system.
I assume you have mixed with the following note regarding claim configurations.
The claims configured in /repository/conf/claim-config.xml
file get applied only when you start the product for the first time,
or for any newly created tenants. With the first startup, claim
dialects and claims will be loaded from the file and persisted in the
database. Any consecutive updates to the file will not be picked up
and claim dialects and claims will be loaded from the database.
Edit:
{
"error_description": "A valid OAuth client could not be found for client_id: test",
"error": "invalid_client" }
This is already answered in your previous question. invalid_client comes because you are setting a client id in the sp config file, but the identity server does not support to configure InboundAuthenticationConfig through this file.
Currently, the
InboundAuthenticationConfig in the deployed file is not supported.
But, you can have the SAML configurations in the
WSO2_HOME/repository/conf/identity/sso-idp-config.xml file.
Therefore, you may use SOAP admin services for that purpose.
I'm doing PoC of some GSuite custom solution which needs to listen to changes on users resource. I've created a GSuite account, linked it (and verified) with mytestdomain.com. It's also verified in API console. Basically followed instructions from https://developers.google.com/admin-sdk/directory/v1/guides/push
and fulfilled all requirements from there.
Unfortunately when I try to register my web hook I'm getting following error:
Watch request denied by backend [403]
Errors [
Message[Watch request denied by backend] Location[ - ] Reason[watchDenied] Domain[push]
]
I stuck with it and don't know where too look for more details about that error.
I'm using a certificate generated by Let's encrypt, but tested it with https://www.ssllabs.com/ssltest/ and got rank A. How to check if Google API treats Let's Encrypt as trusted CA?
Problem wasn't anyhow related to Let's Encrypt certificates. They're working just fine with Google's push notifications. I've contacted with Google support and with their help I've established that sending a request with showDeleted parameter set to true was a root cause of above problem.
Support guy claimed that documentation was copied from list method and that parameter cannot be used with watch method and they're going to update docs of watch method in API reference. (However it's still there).
I am just following what is on the guide
I've already populated the user's profile information but so far I only get sub. I want to get something same like in the guide:
{
"sub":"admin",
"email":"admin#wso2.com",
"website":"https://wso2.com",
"name":"admin",
"family_name":"admin",
"preferred_username":"admin",
"given_name":"admin",
"profile":"https://wso2.com",
"country":"Sri Lanka"
}
CONFIG
Identity Server - AWS Cloud with Domain and SSL + Nginx Proxy
Sample Web App - local machine
UPDATE:
It is an open bug. What
is the workaround to get the other fields? Based on that jira, only
the password grant is not fix, where to get the fix for code and
impilict grant?
I tried hosting the IS also locally, same results
To retrieve OIDC claim attributes to id_token or userinfo endpoint, the following steps needs to be done correctly(assuming you are working on IS 5.2.0).
1. Update relevant claims' Mapped Attribute with your underlying user store's matching attributes.
2. Update requested claims to Service provider [1].
3. Update missing attributes in '/_system/config/oidc' for scope 'openid' (Configuration changes in IS 5.2.0 [2]).
Have installed WSO2 IS on Ubuntu 14.04. All seems to be good, apart from when user logs in to dashboard, all the options are blank. I've searched google, but unfortunately no luck.
Dashboard screenshot :
There is no such behavior in IS 5.1.0. when I log in to the dashboard using the link https://localhost:9443/carbon/ I could see everything. Please have a look in to the image.Please refresh and see.
The issue is likely identical to the post (WSO2 V 5.0) regrading missing setup of the host and domain name. It requires adjustment of a few configuration files, as described at the following post: [ here ]
I had the same issue when using WSO2 IS on an internal domain.
Check your browser console and see if you are getting certification errors when you visit the dashboard, if so self sign a certificate with the domain name you are using and add it to the WSO2 keystore.
If remember correctly the certificates that ship with WSO2 IS are set to localhost.