Little update.
Today I prepared a setup in docker-compose with the dashboard.
I tried to set up OIDC auth through the dashboard with Auth0, now with SINGLE PAGE APPLICATION and https://openidconnect.net/ to retrieve the bearer token.
I tried to curl the API but always get the same problem:
curl -H "Authorization: Bearer $TOKEN" http://localhost:8080/test/headers
{
  "error": "Key not authorized: no matching policy"
}
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Detected 1 APIs" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Loading API configurations." prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Tracking hostname" api_name=myapi domain="(no host)" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Initialising Tyk REST API Endpoints" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="API bind on custom port:0" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Initializing HealthChecker"
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Checking security policy: OpenID" api_id=89987cb2510d4f97642fa2c42cf02674 api_name=myapi org_id=5e61fdfda7575e00014b0be6
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="API Loaded" api_id=89987cb2510d4f97642fa2c42cf02674 api_name=myapi org_id=5e61fdfda7575e00014b0be6 prefix=gateway server_name=-- user_id=-- user_ip=--
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Loading uptime tests..." prefix=host-check-mgr
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Initialised API Definitions" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="API reload complete" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="reload: complete" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Initiating coprocess reload" prefix=main
tyk_gateway_1 | time="Mar 06 16:34:30" level=info msg="Reloading middlewares" prefix=coprocess
tyk_gateway_1 | time="Mar 06 16:34:37" level=warning msg="Key not found in storage engine" err="key not found" inbound-key="****1acf" prefix=auth-mgr
tyk_gateway_1 | time="Mar 06 16:34:37" level=warning msg="Attempted access with invalid key." api_id=89987cb2510d4f97642fa2c42cf02674 api_name=myapi key="****1acf" mw=OpenIDMW org_id=5e61fdfda7575e00014b0be6 origin=172.19.0.1 path="/test/headers"
tyk_gateway_1 | time="Mar 06 16:34:37" level=error msg="Could not find a valid policy to apply to this token!" api_id=89987cb2510d4f97642fa2c42cf02674 api_name=myapi mw=OpenIDMW org_id=5e61fdfda7575e00014b0be6 origin=172.19.0.1 path="/test/headers"
I have a valid admin policy mapped to the aud field of the data payload of the token.
The token payload looks like this:
{
  "given_name": "Róbert",
  "family_name": "Vojčík",
  "nickname": "robert.vojcik",
  "name": "Róbert Vojčík",
  "picture": "https://lh3.googleusercontent.com/a-/AOh14GhY9nolugwTaNnfu3oLeGfTPETHKMSEdWpUp7rK",
  "gender": "male",
  "locale": "en-GB",
  "updated_at": "2020-03-06T16:20:34.440Z",
  "email": "[email protected]",
  "email_verified": true,
  "iss": "https://lstech.eu.auth0.com/",
  "sub": "google-oauth2|105555337474725685577",
  "aud": "T28tLsECRYUYIK2z1ONMz1qbhp3oCXEn",
  "iat": 1583511640,
  "exp": 1583547640
}