Hello. In step 2 to test MOSIP authentication, it says 2. Install Postman and import the collection attached in the prerequisites.
Please point me to documentation that explains what Postman collection to import to test MOSIP authentication ? Where to get the collection?
Thank you.
My bad, I wasn’t reading carefully.
So I downloaded the collection - Automation_M.postman_collection.json and imported it as instructed.
Then I run the collection.
How / Where do I find the IDA-DomainName folder inside the temp ?
Hi @rcsampang , the domain name is actually exported from the environment file in the Postman collection.
Can you point me out from where you downloaded the above collection, so that, we can make sure it is available in the same place?
– edit
I found the document in Confluence. I have asked @kavya to help you out!
Hi @rcsampang ,
The Domain Name you can find Here .
1)After successfully running the Postman collection you can find the domain folder here
Window R then Type %temp% and search for IDA
As per the document in our case folder will be created with this name:
IDA-minibox2.mosip.net
Yes Inside the Temp and search for your domain
Hello @nayakrounak !
Thank you.
Yes I downloaded it from this Confluence post https://mosip.atlassian.net/wiki/spaces/MSD/pages/892796967/Steps+to+test+MOSIP+authentication
@kavya Hello! Thank you. I will try it again and let you know.
@kavya I hope it is not too much to ask. Do you happen to have a step by step tutorial on how to do this?
I am not getting the desired result, I believe I may be doing things the wrong way.
I am having this error when running the collection -
POST http://{{url}}/v1/authmanager/authenticate/clientidsecretkey
Error: getaddrinfo ENOTFOUND {{url}}
Request Headers
Content-Type: application/json
User-Agent: PostmanRuntime/7.32.3
Accept: /
Postman-Token: 88c14d17-da8f-4653-9b11-439979ca083e
Host: {{url}}
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Request Body
POST http://127.0.0.1:4501/admin/role
Error: connect ECONNREFUSED 127.0.0.1:4501
Request Headers
User-Agent: PostmanRuntime/7.32.3
Accept: /
Postman-Token: 0c85969f-9d14-45b9-ae56-7dcbcca45f6c
Host: 127.0.0.1:4501
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
POST http://127.0.0.1:4501/admin/role
Error: connect ECONNREFUSED 127.0.0.1:4501
Request Headers
User-Agent: PostmanRuntime/7.32.3
Accept: /
Postman-Token: 52afcd80-9802-493e-95c2-6848f9fdd49a
Host: 127.0.0.1:4501
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Hi @rcsampang,
You need to set the {{url}} variable in your environment configuration as your domain name.
You can go through the postman tutorial to set the postman variables here: Using variables | Postman Learning Center
Or
You can hardcode the {{url}} variable in the request URL with the base URL value of your environment.
Thanks,
Rounak
Hi @Hi @nayakrounak,
I set up the url variable for with our environment configuration but I encountered an error.
POST http://api-internal.mymosip.edu.ph/v1/authmanager/authenticate/clientidsecretkey
Error: connect ECONNREFUSED 10.x.x.170:80
Request Headers
User-Agent: PostmanRuntime/7.32.3
Accept: /
Cache-Control: no-cache
Postman-Token: b4fbf861-9de3-46c9-90d4-d7d36067e16a
Host: api-internal.mymosip.edu.ph
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
POST http://{{url}}/v1/authmanager/authenticate/clientidsecretkey
Hi @rcsampang
I will ask one of my team member to look into the error that you have encountered.
Best Regards,
Team MOSIP
Hello @nayakrounak
Thank very much. I made the changes to the URL from http to https and added the URL and protocol to Postman Variables.
Looks like it is working, I found the necessary files in Windows temp directory.
However, there is another issue - in doing this step
c.1. Upload the partner certificate by using the Swagger link {{url}}/v1/partnermanager/partners/certificate/upload
replaced {{url}} with https://api-internal.mymosip.edu.ph/v1/partnermanager/partners/certificate/upload
but no response, so I modified it to - https://api-internal.mymosip.edu.ph/v1/authmanager/swagger-ui/index.html?configUrl=/v1/partnermanager/v3/api-docs/swagger-config#/partner-service-controller/uploadPartnerCertificate
What are the values that I should put in this form -
{
“id”: “string”,
“version”: “string”,
“requesttime”: “2023-10-18T06:15:04.380Z”,
“metadata”: {},
“request”: {
“partnerId”: “string”,
“certificateData”: “string”,
“partnerDomain”: “string”
}
}
Where could I find the info needed for this?
ok @rcsampang
I went through the document that you were following.
The values are as follows:
rp-partner.cer file that you would have created in the above steps.I hope this helps.
Rounak
Thank you @nayakrounak !
Follow up question - " the stringified rp-partner.cer" is this the certificate data provided in the example in the document ?
If it is, I just have to copy it in the form of the Swagger URL and upload it ?
{
“id”: “string”,
“version”: “string”,
“requesttime”: “2023-10-18T06:15:04.380Z”,
“metadata”: {},
“request”: {
“partnerId”: “647”,
“certificateData”: “-----BEGIN CERTIFICATE-----\nMIIDgzCCAmugAwIBAgIIqJQc1UUfL0UwDQYJKoZIhvcNAQELBQAwdjELMAkGA1UE\nBhMCSU4xCzAJBgNVBAgMAktBMRIwEAYDVQQHDAlCQU5HQUxPUkUxDTALBgNVBAoM\nBElJVEIxIDAeBgNVBAsMF01PU0lQLVRFQ0gtQ0VOVEVSIChQTVMpMRUwEwYDVQQD\nDAx3d3cubW9zaXAuaW8wHhcNMjEwODEwMTIxMTQ3WhcNMjIwODEwMTIxMTQ3WjBZ\nMQswCQYDVQQGEwJJTjELMAkGA1UECAwCS0ExDDAKBgNVBAoMAzY0NzEaMBgGA1UE\nCwwRSURBLVRFU1QtT1JHLVVOSVQxEzARBgNVBAMMClBBUlRORVItcnAwggEiMA0G\nCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCC3WI51xOnLI6Ex4EVPXiCawVvpbiw\nF7eC4qGR/6xPQLcspRrzY4I1WHh0TOAwGcSVwD1qCkQ9s2TjnTL/fsXkdAEvZWpy\nFzIJP7KKOiGlWLx+QW1P5I3sr18xHpjeo1MS7COiEsiOsIT7732HwmaiKp+PmN/o\nDUvMuXoG/Uhr0S4Dy8ICHxyzY4xRZ6kxg+kaosoDC01I3CKYGvgYaU9i5pT+6kY/\nFbxnSlHcfhAjTLCb0MIcIX3wBfmHE+bmc7dYCgeO7fICPx8boMiy6JBZBQat+oWf\nqphMpatFV8hAYs1zlTrEEQuTpSsGqoBynIVk4eh/pqeH8LcWJFQjvWnzAgMBAAGj\nMjAwMA8GA1UdEwEB/wQFMAMBAf8wHQYDVR0OBBYEFEovF3/Vk3XAN9vBGBmGGu6F\n3JfCMA0GCSqGSIb3DQEBCwUAA4IBAQAkE/dFXD/RLSGAHTF1B8DhC2yRSUFArH8h\nXIB/kqexcTXz+s25CNkuqoU3cd/cBQVK7k5mBX7qYdRnrPnpGW5gIeFZ0zdtDYg1\njHDG126JKr+Xf3is1i8n7EnjfuRkHErxj3mm59N3qC5smnMxt+1nhHv2JGOv2pes\nb6KwtDgO0OkEViyXu/9JwgYa8GMyOJkwjzsHBE6/Qa20d92ZYxVxVgRItoe+rNW5\nGlU5xJSii1MR25uQMhpGfOdEtrCvihV7Nr8B9Otv227tIpQZuCopNBMoZiZcHkNa\n0CMu6bmTcS75X0b8Ta6XXFZL2C8pG6mZLGUpGEUOeUL6oyWDPFn9\n-----END CERTIFICATE-----\n”,
“partnerDomain”: “Auth”
}
}
There is no rp-partner.cer in the files created using Postman
@nayakrounak Thank you.
The step I tried above did not work, it resulted to 403 error.
After looking/reading at the JSON Automation Collection file, I realized that this collection was created using an earlier version of MOSIP and/or swagger based on the API endpoints used.
I will now stop doing/trying this tutorial since it would not work with our MOSIP platform that uses/expects different API endpoints when using Swagger.
Hopefully in the near future, someone will export a Postman Collection that works with MOSIP v1.2.0.1-B2, which I could use in testing MOSIP authentication.
I deeply appreciates all the help given.
Unfortunately due to incompatibilities I don’t think I would be able to successfully follow/do this tutorial. https://mosip.atlassian.net/wiki/spaces/MSD/pages/892796967/Steps+to+test+MOSIP+authentication
Hi @rcsampang
Apologies for the trouble from our end, we will give you the right steps which you can easily build it up.
Best Regards,
Team MOSIP
Dear @rcsampang , please refer the Automation_M_1.2.postman_collection.json
Steps to test MOSIP authentication - MOSIP Support Desk - MOSIP (atlassian.net)
@thamarai_kannan Thank you for this.
After adding the variables url and protocol and editing the secretkeys I managed to run the collection almost successfully.
I still encountered some errors. What should be the correct partnerType ? In the collection uploaded it is RELYING_PARTY. I tried changing it with Auth_Partner but it is also not the correct value.
EDIT - I re-encoded RELYING_PARTY as partnerType because I saw that it didn’t produce an error when I run the Collection again as downloaded, although without any edits to the collection produces 108 errors.
So I edited the collection again to input variables, secretKey(s), user with PARTNERMANAGER role and password to reflect values in our MOSIP platform.
After doing this, there are only 22 errors, 4 tests passed, 6 tests failed which is an improvement with the previous run of 105 errors.
The first one of this error is the following
GET https://api-internal.mymosip.edu.ph/v1/keymanager/getCertificate?applicationId=ROOT: {
“Network”: {
“addresses”: {
“local”: {
“address”: “10.207.102.5”,
“family”: “IPv4”,
“port”: 56480
},
“remote”: {
“address”: “10.206.100.170”,
“family”: “IPv4”,
“port”: 443
}
},
“tls”: {
“reused”: false,
“authorized”: true,
“authorizationError”: null,
“cipher”: {
“name”: “ECDHE-RSA-AES128-GCM-SHA256”,
“standardName”: “TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256”,
“version”: “TLSv1/SSLv3”
},
“protocol”: “TLSv1.2”,
“ephemeralKeyInfo”: {},
“peerCertificate”: {
“subject”: {
“commonName”: “mymosip.edu.ph”,
“alternativeNames”: “DNS:.mymosip.edu.ph, DNS:mymosip.edu.ph"
},
“issuer”: {
“country”: “US”,
“organization”: “Let’s Encrypt”,
“commonName”: “R3”
},
“validFrom”: “Oct 26 06:25:29 2023 GMT”,
“validTo”: “Jan 24 06:25:28 2024 GMT”,
“fingerprint”: “3F:8E:A3:53:CA:90:27:9A:42:1D:7E:03:EA:5C:A2:2C:3B:6C:59:F0”,
“serialNumber”: “0439a0e83b7be954a2f67f81b35bdd246ec1”
}
}
},
“Request Headers”: {
“user-agent”: “PostmanRuntime/7.34.0”,
“accept”: "/*”,
“cache-control”: “no-cache”,
“postman-token”: “b69095aa-614b-48ea-8e49-4ed683304c1a”,
“host”: “api-internal.mymosip.edu.ph”,
“accept-encoding”: “gzip, deflate, br”,
“connection”: “keep-alive”,
“cookie”: “Authorization=eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJqc05CR01jeUh2cWJEeExnMjluRV9pMWZRc2plUlFlalpaYlJKd3FfdHE4In0.eyJleHAiOjE2OTkzNzk4MDksImlhdCI6MTY5OTM0MzgwOSwianRpIjoiZGY1MGQ4NzUtOTliMi00YzQ2LTkzNzEtNDVkNmE4NzhkMDgwIiwiaXNzIjoiaHR0cHM6Ly9pYW0uZGNzbW9zaXAuc2NpZW5jZS51cGQuZWR1LnBoL2F1dGgvcmVhbG1zL21vc2lwIiwiYXVkIjoiYWNjb3VudCIsInN1YiI6ImQwNzkzNzYzLWI5YzgtNDNiNS05M2QwLWNjNmZhYjNhNjkyMyIsInR5cCI6IkJlYXJlciIsImF6cCI6Im1vc2lwLWFkbWluLWNsaWVudCIsInNlc3Npb25fc3RhdGUiOiJhMGRiZmE0Zi04NzQzLTQ0MTYtOGFlNC1kNWY3NDQwMWNjNTYiLCJhY3IiOiIxIiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbIlBNU19BRE1JTiIsIkFVVEgiLCJvZmZsaW5lX2FjY2VzcyIsIlBBUlRORVJNQU5BR0VSIiwiUEFSVE5FUl9BRE1JTiIsIlBPTElDWU1BTkFHRVIiLCJ1bWFfYXV0aG9yaXphdGlvbiIsImRlZmF1bHQtcm9sZXMtbW9zaXAiXX0sInJlc291cmNlX2FjY2VzcyI6eyJhY2NvdW50Ijp7InJvbGVzIjpbIm1hbmFnZS1hY2NvdW50IiwibWFuYWdlLWFjY291bnQtbGlua3MiLCJ2aWV3LXByb2ZpbGUiXX19LCJzY29wZSI6ImVtYWlsIHByb2ZpbGUiLCJzaWQiOiJhMGRiZmE0Zi04NzQzLTQ0MTYtOGFlNC1kNWY3NDQwMWNjNTYiLCJlbWFpbF92ZXJpZmllZCI6ZmFsc2UsIm5hbWUiOiJSYW1vbiBTYW1wYW5nIiwicHJlZmVycmVkX3VzZXJuYW1lIjoicmNzYW1wYW5nIiwiZ2l2ZW5fbmFtZSI6IlJhbW9uIiwiZmFtaWx5X25hbWUiOiJTYW1wYW5nIiwiZW1haWwiOiJyY3NhbXBhbmdAeWFob28uY29tIn0.lQeXU7Zuz7U80VSkqZ-vpACPady_twjGHzWwqhHT_hfTjTXWh7JiY6eZfHpt7C6GTlZqRPt-WtaeE7oKOMpdI5bnG0rrvJMS4jCknlGVEtFae7njWrD78J1IaV6D_NclDoaC2HR9tYWJVrADjulPbYYU54ecwC0Mg_OxDMG_2PuTCPeNwyRKUql2eCnycOmyY2qX-xji1D79TXxeQGAY_L56xxKu_SRaRtUKxfOS5qGNtBRx6rRjPGt7OCiNGp-oa5toLXEGafOFUDknXJ0CzkV8nAZU9uPURB6RHJRycOUg2JaI5_iUZldua6ngtXIYZEmtBO5-VzkZoLBzyDOIPQ”
},
“Response Headers”: {
“server”: “nginx/1.18.0 (Ubuntu)”,
“date”: “Tue, 07 Nov 2023 07:56:50 GMT”,
“content-type”: “application/json;charset=UTF-8”,
“content-length”: “161”,
“connection”: “keep-alive”,
“x-content-type-options”: “nosniff”,
“x-xss-protection”: “1; mode=block”,
“cache-control”: “no-cache, no-store, max-age=0, must-revalidate”,
“pragma”: “no-cache”,
“expires”: “0”,
“x-frame-options”: “SAMEORIGIN”,
“x-envoy-upstream-service-time”: “5”
},
“Response Body”: “{"id":null,"version":null,"responsetime":"2023-11-07T07:56:50.866Z","metadata":null,"response":null,"errors":[{"errorCode":"KER-ATH-403","message":"Forbidden"}]}”
}
TypeError: Cannot read properties of null (reading ‘certificate’)
Any help on how to fix this error?
The rest of the errors I think is caused by the first one.
NOTE http://create 551 in keycloak as a user and assign role auth_partner/: {
“Error”: “getaddrinfo ENOTFOUND create 551 in keycloak as a user and assign role auth_partner”,
“Request Headers”: {
“user-agent”: “PostmanRuntime/7.34.0”,
“accept”: “/”,
“cache-control”: “no-cache”,
“postman-token”: “1e181a1b-443a-4b9b-ad98-f52b952c5db7”,
“host”: “create 551 in keycloak as a user and assign role auth_partner”,
“accept-encoding”: “gzip, deflate, br”,
“connection”: “keep-alive”
}
}
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘signedCertificateData’)
TypeError: Cannot read properties of null (reading ‘signedCertificateData’)
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘signedCertificateData’)
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘certificate’)
TypeError: Cannot read properties of null (reading ‘signedCertificateData’)
JSONError: Unexpected token ‘<’ at 1:1
<!doctype html>HTTP Status 400 – Bad Request</titl
^
TypeError: Cannot read properties of null (reading ‘identity’)
JSONError: Unexpected token ‘<’ at 1:1
<!doctype html>HTTP Status 400 – Bad Request</titl
^
JSONError: Unexpected token ‘<’ at 1:1
<!doctype html>HTTP Status 400 – Bad Request</titl
^
TypeError: Cannot read properties of null (reading ‘documents’)
TypeError: Cannot read properties of undefined (reading ‘BIR’)
JSONError: Unexpected token ‘<’ at 1:1
<!doctype html>HTTP Status 400 – Bad Request</titl
^
JSONError: Unexpected token ‘<’ at 1:1
<!doctype html>HTTP Status 400 – Bad Request</titl
^
TypeError: Cannot read properties of null (reading ‘vid’)
TypeError: Cannot read properties of null (reading ‘requestId’)
