keystore - 无法验证 fiware-idm 用户帐户
问题描述
我正在使用从源代码构建的 fiware idm letest 版本
- 首先我给用户唱歌
这是 idm 的日志
skip: /img/keyrock01.png nothing to do
[sass] skip: /fonts/neotechstd/neotechstd-regular.woff nothing to do
GET /img/keyrock01.png 304 1.480 ms - -
GET /fonts/neotechstd/neotechstd-regular.woff 304 1.200 ms - -
Executing (default): SELECT `id`, `username`, `description`, `website`, `imag
e`, `gravatar`, `email`, `password`, `date_password`, `enabled`, `admin`, `st
arters_tour_ended`, `extra`, `scope` FROM `user` AS `User` WHERE `User`.`emai
l` = 'test@test.com' LIMIT 1;
Executing (default): SELECT `id`, `username`, `description`, `website`, `imag
e`, `gravatar`, `email`, `password`, `date_password`, `enabled`, `admin`, `st
arters_tour_ended`, `extra`, `scope` FROM `user` AS `User` WHERE `User`.`emai
l` = 'test@test.com' LIMIT 1;
Executing (default): INSERT INTO `user` (`id`,`username`,`image`,`gravatar`,`
email`,`password`,`date_password`,`enabled`,`admin`,`starters_tour_ended`) VA
LUES ('aeb5a8fc-3ee7-48af-a0eb-7b9cf849cf8f','Test','default',false,'test@tes
t.com','e9f7c64ec2895eec281f8fd36e588d1bc762bcca','2018-05-23 10:54:09',false
,false,false);
Executing (437cc850-daa7-42ad-a04e-12094cad524c): START TRANSACTION;
Executing (437cc850-daa7-42ad-a04e-12094cad524c): SELECT `id`, `activation_ke
y`, `activation_expires`, `reset_key`, `reset_expires`, `verification_key`, `
verification_expires`, `user_email` FROM `user_registration_profile` AS `User
_Registration_Profile` WHERE `User_Registration_Profile`.`user_email` = 'test
@test.com' LIMIT 1;
Executing (437cc850-daa7-42ad-a04e-12094cad524c): INSERT INTO `user_registrat
ion_profile` (`id`,`activation_key`,`activation_expires`,`user_email`) VALUES
(DEFAULT,'3qfo4sfc358','2018-05-24 10:54:09','test@test.com');
Executing (437cc850-daa7-42ad-a04e-12094cad524c): COMMIT;
POST /sign_up/ 200 211.580 ms - 6803
[sass] skip: /javascripts/jquery-3.2.1.min.js nothing to do
GET /javascripts/jquery-3.2.1.min.js 304 0.876 ms - -
[sass] source: /home/ubuntu/fiware-idm/themes/default/jquery.Jcrop.scss
[sass] dest: /home/ubuntu/fiware-idm/public/stylesheets/jquery.Jcrop.css
[sass] read: /home/ubuntu/fiware-idm/themes/default/jquery.Jcrop.scss
我没有收到任何确认邮件,所以我点击未收到确认 ,这是 idm 日志
GET /fonts/neotechstd/neotechstd-regular.woff 304 1.080 ms -
执行(默认):SELECTid,username,description,
website,imag e,gravatar,email,password,date_password,
enabled,admin,st arters_tour_ended,extra,scopeFROM
userASUserWHEREUser。emai l= 'test@test.com' 限制 1;
执行(默认):UPDATEuser_registration_profileSET
activation_key= 'z0fv4m8l12k',activation_expires='2018-05-24
11:07:21' WHEREuser_email= 'test@test.com'
POST /confirmation 302 78.040 ms - 66
[sass] 跳过:/auth/登录 无事可做
GET /auth/login 200 4.321 ms - 6786
让我能够验证用户
- 我打开了mysql数据库
- 选择 idm 数据库
- 使用此更新用户表
UPDATE user SET enabled = 1 where email= "test@test.com";在此之后我能够正确访问该用户的 idm 但在我的情况下我无法执行此解决方法
所以我问是否有办法成功地从 idm 向用户发送确认邮件 使用验证链接注册邮件,并在点击链接后,帐户已验证,用户可以使用此帐户访问 idm 任何帮助
更新 我安装 smtp-server 并配置 idm 以与 smtp-server 通信并按照步骤验证帐户 - 注册测试用户,这是 idm 的日志
GET /fonts/neotechstd/neotechstd-regular.woff 304 2.783 ms - -
[sass] skip: /img/keyrock01.png nothing to do
GET /img/keyrock01.png 304 0.568 ms - -
Executing (default): SELECT `id`, `username`, `description`, `website`, `imag
e`, `gravatar`, `email`, `password`, `date_password`, `enabled`, `admin`, `st
arters_tour_ended`, `extra`, `scope` FROM `user` AS `User` WHERE `User`.`emai
l` = 'testuser@testuser.com' LIMIT 1;
Executing (default): SELECT `id`, `username`, `description`, `website`, `imag
e`, `gravatar`, `email`, `password`, `date_password`, `enabled`, `admin`, `st
arters_tour_ended`, `extra`, `scope` FROM `user` AS `User` WHERE `User`.`emai
l` = 'testuser@testuser.com' LIMIT 1;
Executing (default): INSERT INTO `user` (`id`,`username`,`image`,`gravatar`,`
email`,`password`,`date_password`,`enabled`,`admin`,`starters_tour_ended`) VA
LUES ('f11aa78f-2d48-4b36-805c-8ca8383ef44b','Testuser','default',false,'test
user@testuser.com','c178fcf003558346bb951eae536f205ab1420401','2018-05-25 18:
49:42',false,false,false);
Executing (3b3a82b6-9c0b-44ae-9abe-f3cc4746e06f): START TRANSACTION;
Executing (3b3a82b6-9c0b-44ae-9abe-f3cc4746e06f): SELECT `id`, `activation_ke
y`, `activation_expires`, `reset_key`, `reset_expires`, `verification_key`, `
verification_expires`, `user_email` FROM `user_registration_profile` AS `User
_Registration_Profile` WHERE `User_Registration_Profile`.`user_email` = 'test
user@testuser.com' LIMIT 1;
Executing (3b3a82b6-9c0b-44ae-9abe-f3cc4746e06f): INSERT INTO `user_registrat
ion_profile` (`id`,`activation_key`,`activation_expires`,`user_email`) VALUES
(DEFAULT,'v9hadxsieme','2018-05-26 18:49:42','testuser@testuser.com');
Executing (3b3a82b6-9c0b-44ae-9abe-f3cc4746e06f): COMMIT;
POST /sign_up/ 200 191.699 ms - 6803
这是 smtp-server 的日志 [
2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] 250-SMTPUTF8
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] 250-SIZE 10485760
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] 250-XCLIENT NAME ADDR PORT PR
OTO HELO LOGIN
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] 250 XFORWARD NAME ADDR PORT P
ROTO HELO IDENT SOURCE
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] C: MAIL FROM:<noreply@localho
st>
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] S: 250 Accepted
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] C: RCPT TO:<testuser@testuser
.com>
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] S: 250 Accepted
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] C: DATA
[2018-05-25 18:49:43] DEBUG [#7o7cqgw2g77rqfs7] S: 354 End data with <CR><LF>
.<CR><LF>
Content-Type: text/html; charset=utf-8
From: noreply@localhost
To: testuser@testuser.com
Subject: Welcome to Keyrock
Message-ID: <c4b64133-9a38-39ab-bc98-0fd5647040b1@localhost>
Content-Transfer-Encoding: quoted-printable
Date: Fri, 25 May 2018 18:49:43 +0000
MIME-Version: 1.0
<!DOCTYPE html>
<html>
<head>
<meta content=3D"text/html; =
charset=3DUTF-8" http-equiv=3D"Content-Type">
</head>
<body>
<table style=3D"background-color: #F1F1F2; min-
height: 300px; =
padding-bottom: 40px; border:0; font-family: verdan
a, arial, sans-serif;" =
cellpadding=3D"0" cellspacing=3D"0" width=3D"100%">
<tr>
<td align=3D"center" valign=3D"top">
<table =
style=3D"padding: 15px 0px; border:0;" cellpadding=
3D"0" cellspacing=3D"0" =
width=3D"700">
<tr style=3D"background-color: #F1F1F2
; =
min-height: 80px; display: block;">
<td =
style=3D"background-color: white; width:700px;">
<img =
title=3D'Keyrock' alt=3D'Keyrock' style=3D"height:
70px;" =
src=3D"data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaH
aWlpb0QvLzJRPT0iL
z48L3N2Zz4=3D">
</td></tr>
<tr style=3D"height: auto; padding: =
20px 15px 10px; color: #666; background-color: #FFF
; font-size: 13px;">
<td>
<table style=3D"height: auto; =
padding: 20px 15px 10px; color: #666; background-co
lor: #FFF; font-size: =
13px;">
<tr><td>
=
<p>Hello Testuser1!</p>
<p>Welcome to Keyrock! By clicking =
on the link "I accept" below, you state that you ha
ve read and accepted the=
our Terms and Conditions and the creation of your
account will be =
confirmed:</p>
<p><a href=3D"http://localhost:3000/activate?=
activation_key=3Dpr93n16tgk8&email=3Dtestuser1@
testuser1.com" =
target=3D"_blank">I accept</a></p>
=20
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td style=3D"border-top:1px solid =
#48B9C9;"></td>
</tr>
<tr>
<td style=3D"border-top: 1px solid
#FF0; border-bottom: 1px=
solid #193B6B; height: 0px; width: 100%; display:b
lock;"></td>
</tr>
<tr style=3D"background-color: #FFF;"
> =
=20
<td style=3D"padding:15px 15px 0px;
display: =
block; padding-bottom: 30px; font-size: 11px;">
2018 =
=C2=A9=20
<a style=3D"color: #193B6B; tex
t-decoration: =
none;" href=3D"https://github.com/ging" onMouseOver
=3D "this.style.=
cssText=3D 'color: #48B9C9; text-decoration: none;'
" onMouseOut=3D "this.=
style.cssText=3D 'color: #193B6B; text-decoration:
none;'">GING DIT</a>- =
Universidad Polit=C3=A9nica de Madrid.
</td>
</tr>
</table>
</td>
</tr>
</table>
</body>
</html>
[
2018-05-25 19:01:58] DEBUG [#bjwvvi7anyru4k3d] C: <19
949 bytes of DATA>
[2018-05-25 19:01:58] DEBUG [#bjwvvi7anyru4k3d] S: 250
Message queued as abcd
ef
[2018-05-25 19:01:58] INFO [#bjwvvi7anyru4k3d] Connec
tion closed to [127.0.0
.1]
我从 smtp-server 日志中复制 HTML,这是电子邮件。发送给用户
当我点击我接受时,我收到了这个错误
所以我从日志中复制了激活链接,即“ http://localhost:3000/activate?=activation_key=3Dpr93n16tgk8&email=3Dtestuser1@testuser1.com ”
我得到了无效的 csrf 令牌作为响应,这是 idm 的日志
ass] skip: /fonts/neotechstd/neotechstd-regular.woff nothing to do
[sass] skip: /img/keyrock01.png nothing to do
GET /fonts/neotechstd/neotechstd-regular.woff 304 1.087 ms - -
GET /img/keyrock01.png 304 0.904 ms - -
[sass] skip: /activate nothing to do
Executing (default): SELECT `User_Registration_Profile`.`id`, `User_Regi s t ra t
ion_Profile`.`activation_key`, `User_Registration_Profile`.`activation_e x p ir e
s`, `User_Registration_Profile`.`reset_key`, `User_Registration_Profile` . ` re s
et_expires`, `User_Registration_Profile`.`verification_key`, `User_Regis t r at i
on_Profile`.`verification_expires`, `User_Registration_Profile`.`user_em a i l` ,
`User`.`id` AS `User.id`, `User`.`username` AS `User.username`, `User`. ` d es c
ription` AS `User.description`, `User`.`website` AS `User.website`, `Use r ` .` i
mage` AS `User.image`, `User`.`gravatar` AS `User.gravatar`, `User`.`ema i l ` A
S `User.email`, `User`.`password` AS `User.password`, `User`.`date_passw o r d`
AS `User.date_password`, `User`.`enabled` AS `User.enabled`, `User`.`adm i n ` A
S `User.admin`, `User`.`starters_tour_ended` AS `User.starters_tour_ende d ` , `
User`.`extra` AS `User.extra`, `User`.`scope` AS `User.scope` FROM `user _ r eg i
stration_profile` AS `User_Registration_Profile` LEFT OUTER JOIN `user` A S ` U
ser` ON `User_Registration_Profile`.`user_email` = `User`.`email` WHERE ` U se r
_Registration_Profile`.`user_email` = '3Dtestuser1@testuser1.com' LIMIT 1 ;
GET /activate?=activation_key=3Dpr93n16tgk8&email=3Dtestuser1@testuser1. c o m 4
03 21.857 ms - 18
[sass] skip: /activate nothing to do
我将 URL 更改为
“ http://147.27.60.37:3000/activate?=activation_key=3Dpr93n16tgk8&email=testuser1@testuser1.com ”
但是会遇到危险: 在此步骤之后激活用户和此 idm 日志时出错
Executing (default): SELECT `User_Registration_Profile`.`id`, `User_Registration_Profile`.
`activation_key`, `User_Registration_Profile`.`activation_expires`, `User_Registration_Pro
file`.`reset_key`, `User_Registration_Profile`.`reset_expires`, `User_Registration_Profile
`.`verification_key`, `User_Registration_Profile`.`verification_expires`, `User_Registrati
on_Profile`.`user_email`, `User`.`id` AS `User.id`, `User`.`username` AS `User.username`,
`User`.`description` AS `User.description`, `User`.`website` AS `User.website`, `User`.`im
age` AS `User.image`, `User`.`gravatar` AS `User.gravatar`, `User`.`email` AS `User.email`
, `User`.`password` AS `User.password`, `User`.`date_password` AS `User.date_password`, `U
ser`.`enabled` AS `User.enabled`, `User`.`admin` AS `User.admin`, `User`.`starters_tour_en
ded` AS `User.starters_tour_ended`, `User`.`extra` AS `User.extra`, `User`.`scope` AS `Use
r.scope` FROM `user_registration_profile` AS `User_Registration_Profile` LEFT OUTER JOIN `
user` AS `User` ON `User_Registration_Profile`.`user_email` = `User`.`email` WHERE `User_R
egistration_Profile`.`user_email` = 'testuser1@testuser1.com' LIMIT 1;
GET /activate?=activation_key=3Dpr93n16tgk8&email=testuser1@testuser1.com 200 22.253 ms -
6750
所以我很困惑为什么 idm dosent 在我得到激活链接后验证用户帐户任何建议
解决方案
在以前版本的 IdM (<5.0) 中,除非您设置电子邮件服务器以发送确认电子邮件,否则您必须在应用程序日志中搜索确认链接。这是因为 IdM 抛出异常并记录无法发送的邮件。
在 IdM 的最新版本中,这可能已经发生了变化,因为他们对组件的实现进行了相当多的更改。我建议您尝试将日志记录的严重性从 INFO 降低到 DEBUG 以查看确认电子邮件是否已保存。
另一方面,如果您想配置电子邮件服务器,请在config.js中根据您的情况定义适当的值。
无论如何,据我所知,仅出于实际目的,您的解决方法是完全有效的!
此致!
推荐阅读
- reactjs - 如何在反应状态对象中附加键/值(功能组件)
- python - 如何在 Linux 上使用 Python 获取文件夹组?
- python - 烧瓶测试数据库未在提交时保存
- c# - 带有 CSV 文件的 WPF DataGridComboBoxColumn
- maven - 使用 mvn failsafe:integration-test 在 jenkins 节点上运行集成测试时出现“权限被拒绝错误”
- android - 如何在扩展浮动操作按钮中居中对齐文本?
- java - 有没有办法将接口实例添加到 Java 中的 ArrayList?
- mysql - MySql 查询中的动态分组依据
- matlab - 在matlab中模拟估计
- c++ - else 语句在被提供后期待一个 if 语句