Id-authentication websub subscribing error

Developer
1

I working on id-authentocation-internal service release 1.2.0.1 i have this issue on subscribing to websub.

io.mosip.authentication.core.exception.IdAuthRetryException: KER-WSC-105 → Error occured while subscribing at hub :- hub.mode=denied&hub.reason=Something wrong with the connection;
nested exception is io.mosip.kernel.websub.api.exception.WebSubClientException: KER-WSC-105 → Error occured while subscribing at hub :- hub.mode=denied&hub.reason=Something wrong with the connection
at io.mosip.authentication.common.service.websub.impl.BaseWebSubEventsInitializer.subscribe(BaseWebSubEventsInitializer.java:54)
at io.mosip.authentication.common.service.websub.impl.BaseWebSubEventsInitializer$$FastClassBySpringCGLIB$$f929bf1c.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746)

2

Hi @bch,

I would like to understand your setup. Can you give us more details on where websub is running and where IDA is running and how they are connected ?

When IDA subscribes to the Websub, the callback URL used should be possible for websub to reach back to the IDA to complete the intent verification.

3

Hi @vishwa thank you fro the reply,
Websub instaled on the VM with java -jar run comand,
websub port 9191

otherwise id-authentication-internal instaled on docker container

kernel configuration
syncdata.websub.topic.ca-cert=CA_CERTIFICATE_UPLOADED
syncdata.websub.callback.secret.ca-cert=secret
syncdata.websub.callback.url.path.ca-cert=/callback/partner/ca_certificate
syncdata.websub.callback.url.ca-cert=${mosip.kernel.syncdata.url}/v1/syncdata/callback/partner/ca_certificate
syncdata.websub.resubscription.retry.count=3
subscriptions-delay-on-startup=120000

PACKET_RESUME_API=${mosip.regproc.workflow.url}/registrationprocessor/v1/workflowmanager/workflowaction
PACKET_PAUSE_API=${mosip.regproc.workflow.url}/registrationprocessor/v1/workflowmanager/workflow/search
KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/authmanager/authenticate/clientidsecretkey

masterdata.websub.resubscription.delay.millis=48000000
masterdata.subscriptions-delay-on-startup=120000

syncdata.websub.resubscription.delay.millis=48000000

application default configuration
websub.hub.url=http://{{VM IP}}:9191/hub/
websub.publish.url=http://{{VM IP}}:9191/hub/

id-authentication configuration
mosip.websub.url=http://{{VM IP}}:9191

ida-websub-masterdata-templates-callback-relative-url=${server.servlet.context-path}/callback/masterdata/templates
ida-websub-masterdata-templates-callback-url=${mosip.ida.internal.url}${ida-websub-masterdata-templates-callback-relative-url}
ida-websub-masterdata-titles-callback-relative-url=${server.servlet.context-path}/callback/masterdata/titles
ida-websub-masterdata-titles-callback-url=${mosip.ida.internal.url}${ida-websub-masterdata-titles-callback-relative-url}
ida-websub-hotlist-callback-relative-url=${server.servlet.context-path}/callback/hotlist
ida-websub-hotlist-callback-url=${mosip.ida.internal.url}${ida-websub-hotlist-callback-relative-url}

ida-websub-auth-type-callback-relative-url=${server.servlet.context-path}/callback/authTypeCallback/${ida-auth-partner-id}
ida-websub-auth-type-callback-url=${mosip.ida.internal.url}${ida-websub-auth-type-callback-relative-url}
ida-websub-idchage-callback-url=${mosip.ida.internal.url}${server.servlet.context-path}/callback/idchange/{eventType}/${ida-auth-partner-id}
ida-websub-idchange-credential-issued-callback-relative-url=${server.servlet.context-path}/callback/idchange/credential_issued/${ida-auth-partner-id}
ida-websub-idchange-remove-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/remove_id/${ida-auth-partner-id}
ida-websub-idchange-deactivate-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/deactivate_id/${ida-auth-partner-id}
ida-websub-idchange-activate-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/activate_id/${ida-auth-partner-id}

4

Hi @bch, thanks for the details.

I would like to get the value of “mosip.ida.internal.url” property.

Also can you confirm using the domain name configured in the above property, it is possible to send a request from websub VM to the IDA running in the docker container ?

5

hi @vishwa, thank you again for your reply,

I changed this url mosip.ida.internal.url with the right host and port oof authentication-internal-service (mosip.ida.internal.url=http://{VM_IP}:8098), i have another issue Error occured while registering topic to hub :- hub.mode=denied&hub.reason=Http header does not exist

otherwise i run curl http://{{VM_IP}:8098/idauthentication/v1/internal/actuator/health from VM of websub it works.

7

This looks like issue with authorization, for local development you can switch off access control by changing the below websub property to false

8

Thank you @vishwa for your help wroks with this recomendation