Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to return consent sessions for a user #1203

Closed
pixelblend opened this issue Dec 6, 2018 · 10 comments
Closed

Unable to return consent sessions for a user #1203

pixelblend opened this issue Dec 6, 2018 · 10 comments
Assignees
@aeneasr
Labels
bug Something is not working. package/consent
Milestone
v1.0.0-rc.4

Comments

@pixelblend
Copy link

pixelblend commented Dec 6, 2018
edited
Loading

Describe the bug

  1. Given a table with these values:

screenshot 2018-12-06 at 12 35 04

  1. Making request for consent sessions with the user value matching the subject, nothing is returned

screenshot 2018-12-06 at 14 07 54

Expected behavior
A list of the consent sessions

Version:

  • Environment: Docker
  • Version: v1.0.0-rc.2_oryOS.9-alpine
  • Database: Postgres 10.5
@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

Could you include the whole table row? Things like "remember" and "remember_for" are important here!

@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

Oh and could you please include logs :)

@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

Another question @pixelblend , which DB are you using?

@pixelblend
Copy link
Author

pixelblend commented Dec 6, 2018
edited
Loading

Logs:

auth_1      | time="2018-12-06T14:08:34Z" level=info msg="started handling request" method=GET remote="172.22.0.1:43768" request=/oauth2/auth/sessions/consent/018ae5e7-cdd2-4218-9c6b-a253541bb150
auth_1      | time="2018-12-06T14:08:34Z" level=info msg="completed handling request" measure#http://localhost:9000/.latency=12635900 method=GET remote="172.22.0.1:43768" request=/oauth2/auth/sessions/consent/018ae5e7-cdd2-4218-9c6b-a253541bb150 status=200 text_status=OK took=12.6359ms

JSON export of table:

[
  {
    "challenge": "bcfaf290bc7d4fdebbbaff174f145b67",
    "verifier": "6bb42f66b19a46a586c1209a0b51a82d",
    "client_id": "XXX",
    "subject": "018ae5e7-cdd2-4218-9c6b-a253541bb150",
    "request_url": "http://localhost:9000/oauth2/auth?brand=codeclub&client_id=union-dev&redirect_uri=http%3A%2F%2Flocalhost%3A3333%2Fcb&response_type=code&scope=openid+email+profile+force-consent&state=b63450d7ffab76cf61da52ba2f1a626224a54d7f5dd9e03a",
    "skip": false,
    "requested_scope": "openid|email|profile|force-consent",
    "csrf": "7ecca06501184ed78a4405711e2f487d",
    "authenticated_at": "2018-12-06 14:35:41.26738",
    "requested_at": "2018-12-06 14:35:37.320656",
    "oidc_context": "{}",
    "forced_subject_identifier": "",
    "login_session_id": null,
    "login_challenge": "7559294f0dc145f4accc6dfd9741c616",
    "requested_at_audience": "",
    "acr": ""
  }
]

@pixelblend
Copy link
Author

Database is Postgres 10.5

@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

Cool, that is really helpful. Could you do me another favor and give the output of:

SELECT h.*, r.* FROM
	hydra_oauth2_consent_request_handled as h
JOIN
	hydra_oauth2_consent_request as r ON (h.challenge = r.challenge)
WHERE
r.subject="<YOUR SUBJECT ID GOES HERE>"

and print the (redacted) output here?

@pixelblend
Copy link
Author

Cool, that is really helpful. Could you do me another favor and give the output of:
and print the (redacted) output here?

[
  {
    "granted_scope": "openid|email|profile|force-consent",
    "remember": false,
    "remember_for": 3600,
    "error": "{}",
    "session_access_token": "{}",
    "session_id_token": "{\"email\":\"jane.doe@example.com\",\"email_verified\":true,\"name\":\"Jane Doe\",\"nickname\":\"Jane\",\"picture\":\"http://localhost:3000/profile/018ae5e7-cdd2-4218-9c6b-a253541bb150/avatar\",\"profile\":\"http://localhost:3000/profile\",\"uuid\":\"018ae5e7-cdd2-4218-9c6b-a253541bb150\"}",
    "was_used": true,
    "granted_at_audience": "",
    "challenge": "bcfaf290bc7d4fdebbbaff174f145b67",
    "verifier": "6bb42f66b19a46a586c1209a0b51a82d",
    "client_id": "XXX",
    "subject": "018ae5e7-cdd2-4218-9c6b-a253541bb150",
    "request_url": "http://localhost:9000/oauth2/auth?brand=XXX&client_id=SSS&redirect_uri=http%3A%2F%2Flocalhost%3A3333%2Fcb&response_type=code&scope=openid+email+profile+force-consent&state=b63450d7ffab76cf61da52ba2f1a626224a54d7f5dd9e03a",
    "skip": false,
    "requested_scope": "openid|email|profile|force-consent",
    "csrf": "7ecca06501184ed78a4405711e2f487d",
    "authenticated_at": "2018-12-06 14:35:41.26738",
    "requested_at": "2018-12-06 14:35:37.320656",
    "oidc_context": "{}",
    "forced_subject_identifier": "",
    "login_session_id": null,
    "login_challenge": "7559294f0dc145f4accc6dfd9741c616",
    "requested_at_audience": "",
    "acr": ""
  }
]

@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

Ok so remember is set to false here, so the consent request has actually not been remembered. I realize that this is misleading as the app still has access. If it were set to true, you would see the values. I'll get onto that with the next release.

@aeneasr aeneasr added this to the v1.0.0-rc.3 milestone Dec 6, 2018
@aeneasr aeneasr self-assigned this Dec 6, 2018
@aeneasr aeneasr added bug Something is not working. package/consent labels Dec 6, 2018
@aeneasr
Copy link
Member

aeneasr commented Dec 6, 2018

In the meanwhile, set remember to true and you will see the values, which should help you build the UI while the issue is being fixed.

@pixelblend
Copy link
Author

Thanks, I'll give that a try.

aeneasr added a commit that referenced this issue Dec 7, 2018
@aeneasr
consent: Show all granted consent requests
159ad3b 
Instead of just showing consent requests which have remember set to true, show all past consent request.

Closes #1203

Signed-off-by: aeneasr <aeneas@ory.sh>
@aeneasr aeneasr mentioned this issue Dec 7, 2018
Merged
aeneasr added a commit that referenced this issue Dec 7, 2018
@aeneasr
consent: Show all granted consent requests (#1206)
f54448c 
Instead of just showing consent requests which have remember set to true, show all past consent request.

Closes #1203

Signed-off-by: aeneasr <aeneas@ory.sh>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@aeneasr aeneasr

Labels
bug Something is not working. package/consent
Projects
None yet
Milestone
v1.0.0-rc.4
Development

No branches or pull requests
2 participants
@pixelblend @aeneasr