Apicurio-studio: API ๊ฒŒ์‹œ ์ค‘ ์˜ค๋ฅ˜

์— ๋งŒ๋“  2019๋…„ 06์›” 24์ผ  ยท  5์ฝ”๋ฉ˜ํŠธ  ยท  ์ถœ์ฒ˜: Apicurio/apicurio-studio

ApiCurio(http, ํฌํŠธ 8080)๋Š” Nginx(http, ํฌํŠธ 80) ๋’ค์—์„œ ์‹คํ–‰๋ฉ๋‹ˆ๋‹ค. F5(https)๋Š” ์š”์ฒญ์„ Nginx๋กœ ์ „๋‹ฌํ•ฉ๋‹ˆ๋‹ค. https://github.com ์„ ์„ฑ๊ณต์ ์œผ๋กœ ์—ฐ๊ฒฐํ•  ์ˆ˜ ์žˆ์ง€๋งŒ " Publish API "๋ฅผ ์‹œ๋„ํ•˜๋Š” ๋™์•ˆ " _Keycloak์—์„œ ์™ธ๋ถ€ IDP ์•ก์„ธ์Šค ํ† ํฐ์— ์•ก์„ธ์Šคํ•˜์ง€ ๋ชปํ–ˆ์Šต๋‹ˆ๋‹ค: 403 - Forbidden_ " ์˜ค๋ฅ˜๊ฐ€ ๋ฐœ์ƒํ–ˆ์Šต๋‹ˆ๋‹ค.

KeyCloak ๋ฒ„์ „: 3.4.3.์ตœ์ข….

์ฐธ๊ณ ๋กœ ์‚ฌ์ง„์—์„œ F5์™€ Nginx๋ฅผ ๋นผ๊ณ  ApiCurio๋ฅผ ์ง์ ‘ ์ฒ˜๋ฆฌํ•ด๋„ ๊ฐ™์€ ์—๋Ÿฌ๊ฐ€ ๋‚ฉ๋‹ˆ๋‹ค.

_์˜ค๋ฅ˜ ๋ฉ”์‹œ์ง€:-_
image

์„ธ๋ถ€ ์‚ฌํ•ญ ํ† ๊ธ€ :-

io.apicurio.hub.core.exceptions.ServerError: ์˜ˆ๊ธฐ์น˜ ์•Š์€ ์„œ๋ฒ„ ์˜ค๋ฅ˜
io.apicurio.hub.api.rest.impl.AccountsResource.getOrganizations(AccountsResource.java:241)
io.apicurio.hub.api.rest.impl.AccountsResource$Proxy$_$$_WeldClientProxy.getOrganizations(์•Œ ์ˆ˜ ์—†๋Š” ์ถœ์ฒ˜)
sun.reflect.NativeMethodAccessorImpl.invoke0์—์„œ(๋„ค์ดํ‹ฐ๋ธŒ ๋ฉ”์„œ๋“œ)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)์—์„œ
sun.reflect.DelegatingMethodAccessorImpl.invoke์—์„œ(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:497)์—์„œ
org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:140)
org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:509)
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:399)
org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$0(ResourceMethodInvoker.java:363)
org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:358)์—์„œ
org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:365)
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:337)
org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:310)
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:443)์—์„œ
org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:233)
org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:139)
org.jboss.resteasy.core.interception.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:358)์—์„œ
org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:142)
org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:219)์—์„œ
org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:227)์—์„œ
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:56)์—์„œ
org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(HttpServletDispatcher.java:51)์—์„œ
javax.servlet.http.HttpServlet.service(HttpServlet.java:791)์—์„œ
io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
io.apicurio.hub.api.security.KeycloakAuthenticationFilter.doFilter(KeycloakAuthenticationFilter.java:72)
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
io.apicurio.hub.api.filters.DisableCachingFilter.doFilter(DisableCachingFilter.java:66)
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
io.apicurio.hub.api.filters.CorsFilter.doFilter(CorsFilter.java:64)
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
io.opentracing.contrib.jaxrs2.server.SpanFinishingFilter.doFilter(SpanFinishingFilter.java:55)
io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
org.keycloak.adapters.undertow.UndertowAuthenticatedActionsHandler.handleRequest(UndertowAuthenticatedActionsHandler.java:66)
io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:33)
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
org.wildfly.extension.undertow.deployment.GlobalRequestControllerHandler.handleRequest(GlobalRequestControllerHandler.java:68)
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:69)
io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)
org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)
io.undertow.server.Connectors.executeRootHandler(Connectors.java:360)
io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)์—์„œ
org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)
org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)
java.lang.Thread.run(Thread.java:745)์—์„œ
์›์ธ: io.apicurio.hub.api.connectors.SourceConnectorException: java.io.IOException: Keycloak์˜ ์˜ˆ๊ธฐ์น˜ ์•Š์€ ์‘๋‹ต: 403::Forbidden
io.apicurio.hub.api.connectors.AbstractSourceConnector.getExternalToken(AbstractSourceConnector.java:102)
io.apicurio.hub.api.github.GitHubSourceConnector.githubClient(GitHubSourceConnector.java:88)
io.apicurio.hub.api.github.GitHubSourceConnector.getOrganizations(GitHubSourceConnector.java:313)
io.apicurio.hub.api.github.GitHubSourceConnector$Proxy$_$$_WeldClientProxy.getOrganizations(์•Œ ์ˆ˜ ์—†๋Š” ์†Œ์Šค)
io.apicurio.hub.api.rest.impl.AccountsResource.getOrganizations(AccountsResource.java:239)
... 83๊ฐœ ๋”
์›์ธ: java.io.IOException: Keycloak์˜ ์˜ˆ๊ธฐ์น˜ ์•Š์€ ์‘๋‹ต: 403::Forbidden
io.apicurio.hub.api.security.KeycloakLinkedAccountsProvider.getLinkedAccountToken(KeycloakLinkedAccountsProvider.java:187)
io.apicurio.hub.api.security.KeycloakLinkedAccountsProvider$Proxy$_$$_WeldClientProxy.getLinkedAccountToken(์•Œ ์ˆ˜ ์—†๋Š” ์ถœ์ฒ˜)
io.apicurio.hub.api.connectors.AbstractSourceConnector.getExternalToken(AbstractSourceConnector.java:94)
... 87๊ฐœ ๋”

๋ธŒ๋ผ์šฐ์ € ๋กœ๊ทธ:-
image

์ถ”๊ฐ€ ์ •๋ณด๊ฐ€ ํ•„์š”ํ•˜๋ฉด ์•Œ๋ ค์ฃผ์‹ญ์‹œ์˜ค.

bug question
์ถœ์ฒ˜
picture 0x218

๊ฐ€์žฅ ์œ ์šฉํ•œ ๋Œ“๊ธ€

keycloak ๋กœ๊ทธ์˜ ์˜ค๋ฅ˜๋กœ ์ธํ•ด ์—ฌ๊ธฐ์— ์žˆ๋Š” ๋ถˆ์Œํ•œ ์˜ํ˜ผ์„ ์œ„ํ•ด: ํด๋ผ์ด์–ธํŠธ [apicurio-studio]๊ฐ€ ID ์ œ๊ณต์ž [github]์—์„œ ํ† ํฐ์„ ๊ฒ€์ƒ‰ํ•  ๊ถŒํ•œ์ด ์—†์Šต๋‹ˆ๋‹ค.

์ฝ๊ธฐ ํ† ํฐ ์—ญํ• ์ด ๋‹ค์Œ ๋‘ ๊ณณ์—์„œ ๋ˆ„๋ฝ๋  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

  1. ๋ธŒ๋กœ์ปค์˜ ํด๋ผ์ด์–ธํŠธ ๊ธฐ๋ณธ ์—ญํ• : ์ฝ๊ธฐ ํ† ํฐ ๋ธŒ๋กœ์ปค๋ฅผ ๊ธฐ๋ณธ๊ฐ’์œผ๋กœ ์ถ”๊ฐ€ํ•ฉ๋‹ˆ๋‹ค.
  2. ๊ธฐ์กด ์‚ฌ์šฉ์ž: ์—ญํ• ์„ ์ถ”๊ฐ€ํ•ฉ๋‹ˆ๋‹ค(์‚ฌ์šฉ์ž->[์‚ฌ์šฉ์ž]->์—ญํ•  ๋งคํ•‘). ํด๋ผ์ด์–ธํŠธ ์—ญํ•  ๋ธŒ๋กœ์ปค๋ฅผ ์„ ํƒํ•ฉ๋‹ˆ๋‹ค. ์ฝ๊ธฐ ํ† ํฐ ์—ญํ• ์„ ํ• ๋‹นํ•ฉ๋‹ˆ๋‹ค.
picture reitsma ์— 2019๋…„ 09์›” 13์ผ
👍5

๋ชจ๋“  5 ๋Œ“๊ธ€

ํ . ์ด ์˜ค๋ฅ˜๋Š” Apicurio๊ฐ€ Keycloak์ด ๊ด€๋ฆฌํ•˜๋Š” GitHub ์•ก์„ธ์Šค ํ† ํฐ์„ ๊ฒ€์ƒ‰ํ•˜๊ธฐ ์œ„ํ•ด Keycloak REST API๋ฅผ ํ˜ธ์ถœํ•˜๋ ค๊ณ  ํ•  ๋•Œ ๋ฐœ์ƒํ•ฉ๋‹ˆ๋‹ค. ์ด ํ† ํฐ์€ Apicurio๊ฐ€ ์ธ์ฆ๋œ ์‚ฌ์šฉ์ž๋ฅผ ๋Œ€์‹ ํ•˜์—ฌ GitHub์— ์ธ์ฆ๋œ ํ˜ธ์ถœ์„ ํ•  ์ˆ˜ ์žˆ๋„๋ก ํ•˜๊ธฐ ์œ„ํ•ด ํ•„์š”ํ•ฉ๋‹ˆ๋‹ค.

Keycloak์ด 403์œผ๋กœ ์‘๋‹ตํ•˜๋Š” ์ด์œ ๋ฅผ ์•Œ ์ˆ˜ ์—†์Šต๋‹ˆ๋‹ค. Keycloak ์„œ๋ฒ„ ๋กœ๊ทธ์— ์Šคํƒ ์ถ”์ ์ด ์žˆ์Šต๋‹ˆ๊นŒ?

EricWittmann picture EricWittmann ์— 2019๋…„ 06์›” 25์ผ

_GitHub OAuth ์• ํ”Œ๋ฆฌ์ผ€์ด์…˜:-_
image

_KeyCloak์˜ GitHub ๊ตฌ์„ฑ :-_
image

_๋‚ด GitHub ๊ณ„์ • ์—ฐ๊ฒฐ:-_
image

_๋งํฌ๋œ GitHub์— ๋‚ด API
image

_KeyCloak ๋กœ๊ทธ: -_

2019-06-25 10:17:58,183 ๊ฒฝ๊ณ  [org.keycloak.events] (๊ธฐ๋ณธ ์ž‘์—…-24) type=IDENTITY_PROVIDER_RETRIEVE_TOKEN_ERROR, realmId=internal, clientId=null, userId=null, ipcaAddress=10. error=ํด๋ผ์ด์–ธํŠธ [apicurio-studio]๋Š” ID ๊ณต๊ธ‰์ž [github]์—์„œ ํ† ํฐ์„ ๊ฒ€์ƒ‰ํ•  ๊ถŒํ•œ์ด ์—†์Šต๋‹ˆ๋‹ค.
2019-06-25 10:17:58,184 ์˜ค๋ฅ˜ [org.keycloak.services.resources.IdentityBrokerService](๊ธฐ๋ณธ ์ž‘์—…-24) ํด๋ผ์ด์–ธํŠธ [apicurio-studio]๊ฐ€ ID ๊ณต๊ธ‰์ž [github]์—์„œ ํ† ํฐ์„ ๊ฒ€์ƒ‰ํ•  ๊ถŒํ•œ์ด ์—†์Šต๋‹ˆ๋‹ค.

0x218 picture 0x218 ์— 2019๋…„ 06์›” 25์ผ

์ด๊ฒƒ์€ (Keycloak์˜) apicurio-studio ํด๋ผ์ด์–ธํŠธ์— ํ•„์š”ํ•œ ์—ญํ• ์ด ์—†๊ธฐ ๋•Œ๋ฌธ์ผ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์ง€๊ธˆ์€ ์„ธ๋ถ€ ์ •๋ณด์— ์•ก์„ธ์Šคํ•  ์ˆ˜ ์—†์ง€๋งŒ(์—ฌํ–‰ ์ค‘์ž…๋‹ˆ๋‹ค) ๊ธฐ์–ต์ƒ ํ•„์š”ํ•œ ์ผ์ข…์˜ broker ์—ญํ• ์ด ์žˆ์Šต๋‹ˆ๋‹ค. ์•„ ์ž ๊น๋งŒ - ๋‚ด๊ฐ€ ์„ค์น˜ํ•œ ๋กœ์ปฌ KC์—์„œ ์„ค์ •์„ ๊ฐ€์ ธ์˜ฌ ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค. ์—ฌ๊ธฐ์žˆ์–ด:

image

KC ์˜์—ญ์—์„œ ํ•ด๋‹น ์„ค์ •์„ ํ™•์ธํ•˜์‹ญ์‹œ์˜ค.

EricWittmann picture EricWittmann ์— 2019๋…„ 06์›” 25์ผ
👍1

@EricWittmann ์ œ ์งˆ๋ฌธ์— ๋‹ต๋ณ€

0x218 picture 0x218 ์— 2019๋…„ 06์›” 26์ผ

keycloak ๋กœ๊ทธ์˜ ์˜ค๋ฅ˜๋กœ ์ธํ•ด ์—ฌ๊ธฐ์— ์žˆ๋Š” ๋ถˆ์Œํ•œ ์˜ํ˜ผ์„ ์œ„ํ•ด: ํด๋ผ์ด์–ธํŠธ [apicurio-studio]๊ฐ€ ID ์ œ๊ณต์ž [github]์—์„œ ํ† ํฐ์„ ๊ฒ€์ƒ‰ํ•  ๊ถŒํ•œ์ด ์—†์Šต๋‹ˆ๋‹ค.

์ฝ๊ธฐ ํ† ํฐ ์—ญํ• ์ด ๋‹ค์Œ ๋‘ ๊ณณ์—์„œ ๋ˆ„๋ฝ๋  ์ˆ˜ ์žˆ์Šต๋‹ˆ๋‹ค.

  1. ๋ธŒ๋กœ์ปค์˜ ํด๋ผ์ด์–ธํŠธ ๊ธฐ๋ณธ ์—ญํ• : ์ฝ๊ธฐ ํ† ํฐ ๋ธŒ๋กœ์ปค๋ฅผ ๊ธฐ๋ณธ๊ฐ’์œผ๋กœ ์ถ”๊ฐ€ํ•ฉ๋‹ˆ๋‹ค.
  2. ๊ธฐ์กด ์‚ฌ์šฉ์ž: ์—ญํ• ์„ ์ถ”๊ฐ€ํ•ฉ๋‹ˆ๋‹ค(์‚ฌ์šฉ์ž->[์‚ฌ์šฉ์ž]->์—ญํ•  ๋งคํ•‘). ํด๋ผ์ด์–ธํŠธ ์—ญํ•  ๋ธŒ๋กœ์ปค๋ฅผ ์„ ํƒํ•ฉ๋‹ˆ๋‹ค. ์ฝ๊ธฐ ํ† ํฐ ์—ญํ• ์„ ํ• ๋‹นํ•ฉ๋‹ˆ๋‹ค.
reitsma picture reitsma ์— 2019๋…„ 09์›” 13์ผ
👍5
์ด ํŽ˜์ด์ง€๊ฐ€ ๋„์›€์ด ๋˜์—ˆ๋‚˜์š”?
0 / 5 - 0 ๋“ฑ๊ธ‰

๊ด€๋ จ ๋ฌธ์ œ

turutosiya picture turutosiya  ยท  5์ฝ”๋ฉ˜ํŠธ
daida00 picture daida00  ยท  3์ฝ”๋ฉ˜ํŠธ
askfor picture askfor  ยท  7์ฝ”๋ฉ˜ํŠธ
0815fox picture 0815fox  ยท  3์ฝ”๋ฉ˜ํŠธ
zigouras picture zigouras  ยท  7์ฝ”๋ฉ˜ํŠธ