Id-authentication websub subscribing error

I working on id-authentocation-internal service release 1.2.0.1 i have this issue on subscribing to websub.

io.mosip.authentication.core.exception.IdAuthRetryException: KER-WSC-105 → Error occured while subscribing at hub :- hub.mode=denied&hub.reason=Something wrong with the connection;
nested exception is io.mosip.kernel.websub.api.exception.WebSubClientException: KER-WSC-105 → Error occured while subscribing at hub :- hub.mode=denied&hub.reason=Something wrong with the connection
at io.mosip.authentication.common.service.websub.impl.BaseWebSubEventsInitializer.subscribe(BaseWebSubEventsInitializer.java:54)
at io.mosip.authentication.common.service.websub.impl.BaseWebSubEventsInitializer$$FastClassBySpringCGLIB$$f929bf1c.invoke()
at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:746)

Hi @bch,

I would like to understand your setup. Can you give us more details on where websub is running and where IDA is running and how they are connected ?

When IDA subscribes to the Websub, the callback URL used should be possible for websub to reach back to the IDA to complete the intent verification.

Hi @vishwa thank you fro the reply,
Websub instaled on the VM with java -jar run comand,
websub port 9191

otherwise id-authentication-internal instaled on docker container

kernel configuration
syncdata.websub.topic.ca-cert=CA_CERTIFICATE_UPLOADED
syncdata.websub.callback.secret.ca-cert=secret
syncdata.websub.callback.url.path.ca-cert=/callback/partner/ca_certificate
syncdata.websub.callback.url.ca-cert=${mosip.kernel.syncdata.url}/v1/syncdata/callback/partner/ca_certificate
syncdata.websub.resubscription.retry.count=3
subscriptions-delay-on-startup=120000

PACKET_RESUME_API=${mosip.regproc.workflow.url}/registrationprocessor/v1/workflowmanager/workflowaction
PACKET_PAUSE_API=${mosip.regproc.workflow.url}/registrationprocessor/v1/workflowmanager/workflow/search
KEYBASEDTOKENAPI=${mosip.kernel.authmanager.url}/authmanager/authenticate/clientidsecretkey

masterdata.websub.resubscription.delay.millis=48000000
masterdata.subscriptions-delay-on-startup=120000

syncdata.websub.resubscription.delay.millis=48000000

application default configuration
websub.hub.url=http://{{VM IP}}:9191/hub/
websub.publish.url=http://{{VM IP}}:9191/hub/

id-authentication configuration
mosip.websub.url=http://{{VM IP}}:9191

ida-websub-masterdata-templates-callback-relative-url=${server.servlet.context-path}/callback/masterdata/templates
ida-websub-masterdata-templates-callback-url=${mosip.ida.internal.url}${ida-websub-masterdata-templates-callback-relative-url}
ida-websub-masterdata-titles-callback-relative-url=${server.servlet.context-path}/callback/masterdata/titles
ida-websub-masterdata-titles-callback-url=${mosip.ida.internal.url}${ida-websub-masterdata-titles-callback-relative-url}
ida-websub-hotlist-callback-relative-url=${server.servlet.context-path}/callback/hotlist
ida-websub-hotlist-callback-url=${mosip.ida.internal.url}${ida-websub-hotlist-callback-relative-url}

ida-websub-auth-type-callback-relative-url=${server.servlet.context-path}/callback/authTypeCallback/${ida-auth-partner-id}
ida-websub-auth-type-callback-url=${mosip.ida.internal.url}${ida-websub-auth-type-callback-relative-url}
ida-websub-idchage-callback-url=${mosip.ida.internal.url}${server.servlet.context-path}/callback/idchange/{eventType}/${ida-auth-partner-id}
ida-websub-idchange-credential-issued-callback-relative-url=${server.servlet.context-path}/callback/idchange/credential_issued/${ida-auth-partner-id}
ida-websub-idchange-remove-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/remove_id/${ida-auth-partner-id}
ida-websub-idchange-deactivate-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/deactivate_id/${ida-auth-partner-id}
ida-websub-idchange-activate-id-callback-relative-url=${server.servlet.context-path}/callback/idchange/activate_id/${ida-auth-partner-id}

Hi @bch, thanks for the details.

I would like to get the value of “mosip.ida.internal.url” property.

Also can you confirm using the domain name configured in the above property, it is possible to send a request from websub VM to the IDA running in the docker container ?

hi @vishwa, thank you again for your reply,

I changed this url mosip.ida.internal.url with the right host and port oof authentication-internal-service (mosip.ida.internal.url=http://{VM_IP}:8098), i have another issue Error occured while registering topic to hub :- hub.mode=denied&hub.reason=Http header does not exist

otherwise i run curl http://{{VM_IP}:8098/idauthentication/v1/internal/actuator/health from VM of websub it works.

This looks like issue with authorization, for local development you can switch off access control by changing the below websub property to false

Thank you @vishwa for your help wroks with this recomendation