Wednesday, June 29, 2016

Unable to request an Authentication Token when calling the Oracle Storage Cloud Service REST API

Problem:

You are attempting to request an authorization token using curl. Curl is used to invoke the REST API of the Oracle Storage Cloud Service to do so.

For example, you invoke it as follows:

root@demo:/root> curl -v -s -X GET -H "X-Storage-User: Storage-myIdentityDomain:ahmed@raastech.com" -H "X-Storage-Pass: Welcome_1" https://ahmeddomain.storage.oraclecloud.com/auth/v1.0

The output shows an error as highlighted:

* About to connect() to ahmedraastech.storage.oraclecloud.com port 443 (#0)
*   Trying 192.152.172.2... connected
* Connected to ahmeddomain.storage.oraclecloud.com (192.152.172.2) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_RSA_WITH_AES_128_CBC_SHA
* Server certificate:
*       subject: CN=*.storage.oraclecloud.com,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US
*       start date: Aug 07 00:00:00 2015 GMT
*       expire date: Oct 05 23:59:59 2016 GMT
*       common name: *.storage.oraclecloud.com
*       issuer: CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust Network,O="VeriSign, Inc.",C=US
> GET /auth/v1.0 HTTP/1.1
> User-Agent: curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.16.2.3 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2
> Host: ahmeddomain.storage.oraclecloud.com
> Accept: */*
> X-Storage-User: Storage-myIdentityDomain:ahmed@raastech.com
> X-Storage-Pass: Welcome_1
>
< HTTP/1.1 401 Unauthorized
< X-Trans-Id: tx2cdb525f54cc420989925-00576ee463ga
< WWW-Authenticate: Token
< Content-Type: text/plain;charset=UTF-8
< Content-Length: 27
< Date: Sat, 25 Jun 2016 20:06:59 GMT
< Server: Oracle-Storage-Cloud-Service
<
* Connection #0 to host ahmeddomain.storage.oraclecloud.com left intact
* Closing connection #0
Invalid user id or password


Solution:

1. The format of the curl command is:

curl -v -s -X GET -H "X-Storage-User: Storage-<Identity Domain>:<Oracle Account>" -H "X-Storage-Pass: <Oracle Account Password>" https://<Identity Domain>.storage.oraclecloud.com/auth/v1.0

2. Keep in mind the following:
  • Enter your identity domain in two locations in the command above.
  • The username is your Oracle Account username.
  • The password is your Oracle Account password, not your My Services password.

WRONG: 
root@demo:/root> curl -v -s -X GET -H "X-Storage-User: Storage-myIdentityDomain:ahmed@raastech.com" -H "X-Storage-Pass: Welcome_1" https://ahmeddomain.storage.oraclecloud.com/auth/v1.0 
RIGHT: 
root@demo:/root> curl -v -s -X GET -H "X-Storage-User: Storage-ahmeddomain:ahmed@raastech.com" -H "X-Storage-Pass: mypassword" https://ahmeddomain.storage.oraclecloud.com/auth/v1.0


Applicable Versions:
  • Oracle Storage Cloud Service (2016)


No comments:

Post a Comment

Subscribe to: Post Comments (Atom)