Actions
Bug #3206
closed
[Keep] Keep proxy uses API token from its env var for PUT requests, instead of token provided by client
Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Keep
Target version:
Story points:
1.0
Description
PUT "foo" at the same time (~1s) yields:
acbd18db4cc2f85cedef654fccc4a4d8+3+A4c4f3a5266482fc749c72d2265c533990ebe2aae@53cde0cf ← keepserveracbd18db4cc2f85cedef654fccc4a4d8+3+A9abcab7c98791fbf0c78ee385a8f3b0c2ec5975a@53cde0cf ← keepproxy
Quick scan of source code suggests PUT requests are done with the keep proxy's ARVADOS_API_TOKEN env var.
With my own token, arv-put fails:
arv-put foo.txt
0M / 0M 100.0%
Traceback (most recent call last):
File "/usr/local/bin/arv-put", line 4, in <module>
main()
File "/usr/local/lib/python2.7/dist-packages/arvados/commands/put.py", line 394, in main
'manifest_text': writer.manifest_text(),
File "/usr/local/lib/python2.7/dist-packages/oauth2client/util.py", line 132, in positional_wrapper
return wrapped(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/apiclient/http.py", line 723, in execute
raise HttpError(resp, content, uri=self.uri)
apiclient.errors.HttpError: <HttpError 403 when requesting https://qr1hi.arvadosapi.com/arvados/v1/collections?alt=json returned "Forbidden">
If I copy ARVADOS_API_TOKEN from keepproxy's environment into my own environment, arv-put succeeds:
$ arv-put foo.txt 0M / 0M 100.0% 83367e8913dcec0bf3fc25ed5a27eacb+49
...which seems to support this theory.
Updated by Tom Clegg almost 10 years ago
- Subject changed from Keep proxy uses API token from its env var for PUT requests, instead of token provided by client to [Keep] Keep proxy uses API token from its env var for PUT requests, instead of token provided by client
- Description updated (diff)
- Category set to Keep
Updated by
Updated by Anonymous almost 10 years ago
- Status changed from New to Resolved
- % Done changed from 0 to 100
Applied in changeset arvados|commit:67df686d24831e23283923e383838c1ab5c0db67.
Actions