Integration problem between Keyrock, fiware-pep-proxy and orion-ld

[juanantonio-ayto]

After correctly configuring both keyrock and pep-proxy. Registering the application, users, permissions, etc. I performed the normal steps of obtaining the oauth2 token and then using it to make queries to the Context Broker. However, although it received a positive authorization from the Keyrock, it got a negative decision from the fiware-pep-proxy.

Analyzing the problem in the keyrock log I got the following: GET /user?access_token=b7d76f3bd48fdb9aa66679e77ddc8af26084cac2&app_id=2f3389f7-4893-4874-9825-bf816ff37329&action=GET&resource=/ngsi-ld/v1/entities/ 201 26,373 ms - 386.

However, from the pep-proxy side I received a: User access-token not authorized urn:dx:as:InvalidRole

It seems that the failure is in dealing with a decision by the Keyrock with empty body.

Line 60 of the lib/access_functions.js file exports.adjudicate = function (req, res, decision) { console.log("Decision: " +decision); if (decision) { //<--- Here would be the problem permit(req, res); } else { deny(res, 'User access-token not authorized', 'urn:dx:as:InvalidRole'); } };

[MarkusPfundstein]

is this even maintained anymore?

[aalonsog]

Hello, what are you getting in the log console.log("Decision: " +decision) ?