Background
- Working/running Tyk GW , Tyk Dashboard
- We’ve stood up a TIB instance
- Connectivity verified between dashboard and TIB via shell + curl
- Config supplied via ENV vars: TYK_DB_TIB_ENABLED, TYK_DB_HOST_SECRET, TYK_DB_HOST_CONNECTIONSTRING per documentation (//tyk.io/docs/tyk-dashboard/configuration/)
Exptected
- Dashboard should use TYK_DB_HOST_CONNECTIONSTRING env var for hitting tib api/profiles endpoint
Observed
- Unsupported protocol scheme: “” (empty string) error
- No logs in TIB indicate failed connections from the UI
Details / Debugging
# config dashboard via env vars...
root@tyk-dashboard-6d88b6dcbb-q97rq:/opt/tyk-dashboard# env | grep TYK_DB
TYK_DB_TIB_ENABLED=true
TYK_DB_HOST_SECRET=352d20ee67be67f6340b4c0605b044b7
TYK_DB_HOST_CONNECTIONSTRING=http://tyk-tib:3010
# we can successfully curl using env vars running TIB instance
root@tyk-dashboard-6d88b6dcbb-q97rq:/opt/tyk-dashboard# curl -H "Authorization: ${TYK_DB_HOST_SECRET}" ${TYK_DB_HOST_CONNECTIONSTRING}/api/profiles
{"Status":"ok","ID":"","Data":[]}
# let's give it bad credentials now...
root@team-apeng-tyk-tyk-dashboard-6d88b6dcbb-q97rq:/opt/tyk-dashboard# curl -H "Authorization: ${TYK_DB_HOST_SECRET}x" ${TYK_DB_HOST_CONNECTIONSTRING}/api/profiles
{"Status":"error","Error":"Authorization failed"}
# dashboard UI failures whebn interacting with TIB.... is there a mismatch between env vars?
time="Mar 19 18:59:36" level=warning msg="Login opened from: 127.0.0.1:39550"
time="Mar 19 18:59:48" level=warning msg="Successful login ([email protected]) from: 127.0.0.1:39554"
time="Mar 19 19:02:23" level=error msg="TIB: Request failed: Get /api/profiles: unsupported protocol scheme \"\""
time="Mar 19 19:04:42" level=error msg="TIB: Request failed: Get /api/profiles: unsupported protocol scheme \"\""
time="Mar 19 19:05:01" level=error msg="TIB: Request failed: Post /api/profiles/NTVhOTdjZDgtZDM0Ni00OTJmLTc2ZWQtNGU2ZGU5MTlmZWI4: unsupported protocol scheme \"\""
# TIB logs... when we auth fail via curl we see it in the logs...
time="2018-03-19T17:56:15Z" level=info msg="Tyk Identity Broker v0.3"
time="2018-03-19T17:56:15Z" level=info msg="Copyright Martin Buhr 2016\n"
time="2018-03-19T17:56:15Z" level=debug msg="[MAIN] Settings Struct: {{http://tyk-gateway 8181 352d20ee67be67f6340b4c0605b044b7} {http://tyk-dashboard 3000 12345}}"
time="2018-03-19T17:56:15Z" level=info msg="[MAIN] Initialising Profile Configuration Store"
time="2018-03-19T17:56:15Z" level=info msg="[IN-MEMORY STORE] Initialised"
time="2018-03-19T17:56:15Z" level=info msg="[MAIN] Initialising Identity Cache"
time="2018-03-19T17:58:26Z" level=info msg="[REDIS STORE] Initialised"
time="2018-03-19T17:58:26Z" level=info msg="[FILE LOADER] Loaded: 0 profiles from /etc/tyk-profiles/profiles.json"
time="2018-03-19T17:58:26Z" level=info msg="[MAIN] Broker Listening on :3010"
time="2018-03-19T18:21:23Z" level=error msg="[API] Authorization failed: Header mismatch"