[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Allowed to read oapi version without auth token, but not allowed with token !?



Khm, sorry for wasting your time.

The cause was something completely different. I used the master's hostname when doing "oc login", but I actually used the master's IP when performing the curl ( I replaced it with "master" in the email itself).

BTW: the newline isn't a problem. -H "Authorization: Bearer `oc whoami -t`" works just fine when you use the proper host.

M.


On 29. 10. 2015 15:24, Jordan Liggitt wrote:
Also, if your token is expired, you'll get a 401, even if the request would have succeeded anonymously.

On Thu, Oct 29, 2015 at 10:19 AM, Andy Goldstein <agoldste redhat com> wrote:
I'm pretty sure you need to strip the newline that `oc whoami -t` prints.

On Thu, Oct 29, 2015 at 10:14 AM, Marko Lukša <marko luksa gmail com> wrote:
Hey guys,

Is this a bug or a feature? :)

$ curl https://master:8443/oapi -k
{
  "versions": [
    "v1"
  ]
}

$ curl -H "Authorization: Bearer `oc whoami -t`" https://master:8443/oapi -k
Unauthorized

$ oc whoami
admin

$ oc get rolebindings
NAME                    ROLE                    USERS GROUPS                          SERVICE ACCOUNTS      SUBJECTS
admins                  /admin                  admin
...

Regards,
Marko

_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users


_______________________________________________
users mailing list
users lists openshift redhat com
http://lists.openshift.redhat.com/openshiftmm/listinfo/users




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]