Juju 3.2 doesn't accept token login
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Canonical Juju |
Fix Released
|
High
|
Yang Kelvin Liu |
Bug Description
Hi,
In Juju 3.2 there was work done to enable token login where Juju would verify a JWT as part of the login flow when the controller was configured with `--config login-token-
A problem has surfaced with the Juju dashboard where a similar flow is performed as above except the Juju controller is responding with a "bakery-
This was attempted to be addressed in JIMM, where we are now attempting to strip the macaroon from the login request but now instead, even CLI requests fail with the error "ERROR no credentials provided (no credentials provided)". I think this warrants further investigation.
Juju controller version: 3.2.3.1 and 3.2.0
To reproduce:
- Install juju from 3.2/edge (currently using 3.2.3-409e58a)
- juju bootstrap --config login-token-
- juju add-model test
- juju show-model test (grab model uuid)
Now using Postman connect to wss://<
{
"request-id": 1,
"type": "Admin",
"version": 3,
"request": "Login",
"params": {
"auth-tag": "",
"nonce": "",
"cli-args": "/snap/
"token": "test"
}
}
Or via CLI using wscat
- wscat -n -c wss://<
- {"request-
The controller returns {"request-
but I expect an error about an invalid JWT token.
tags: | added: jaas |
Changed in juju: | |
milestone: | none → 3.2.2 |
importance: | Undecided → High |
status: | New → Triaged |
Changed in juju: | |
assignee: | nobody → Yang Kelvin Liu (kelvin.liu) |
milestone: | 3.2.2 → 3.2.3 |
Changed in juju: | |
status: | Triaged → In Progress |
Changed in juju: | |
status: | Fix Committed → Fix Released |
https:/ /github. com/juju/ juju/pull/ 16123