Hey y’all,
so to fix a bug with the Data Entry (Beta) app, I performed an upgrade on my test instance from 40 to 41. Backed everything up and just downloaded the new .war file. Everything in the web UI seems to be working, including the Data Entry (Beta) app. Thanks @tzemp !
But now I am no longer to make Oauth2 connections and thus work with the APIs. These connections were working fine on 05/30 before I went on vacation, but now that I am back and post-upgrade…nothing doing.
I have recreated a couple of Oauth2 connections and I am sure that the client secrets in my code is correct.
I am trying both curl.exe in Windows cmd.exe and Invoke-RestMethod in PowerShell, and even curl on the Ubuntu machine hosting DHIS2. I am not a developer and don’t really understand the error that I am getting. It looks like I am being redirected to the web /dhis-web-login/ instead of /uaa/oauth/token/ and then I am getting the HTML for /dhis-web-login/ as the response. But I don’t understand why?
I’ll post the 3 commands and there outputs below. Any insight would be appreciated! Thanks!
################### PowerShell Invoke-RestMethod: ###################
$SECRET="13e7d5e47-eb97-92a0-6fab-e8b23e51dd2"
$POSTParams = @{
grant_type = "password"
username = "admin"
password = "password$#@!"
}
$Headers = @{
Accept = "application/json"
Authorization = "Basic "+ [System.Convert]::ToBase64String([System.Text.Encoding]::ASCII.GetBytes("PS2:13e7d5e47-eb97-92a0-6fab-e8b23e51dd2"))
}
Invoke-RestMethod -Method Post -Headers $Headers -Uri "http://192.168.1.186/uaa/oauth/token" -Body $POSTParams
################### Output: ###################
<!doctype html><html lang="en" dir="ltr"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><meta na
me="theme-color" content="#ffffff"/><link rel="manifest" crossorigin="use-credentials" href="./manifest.json"/><meta name="msapplication-config" content="browserco
nfig.xml"/><link rel="icon" href="./favicon.ico"/><link rel="apple-touch-icon" sizes="180x180" href="./apple-touch-icon.png"/><link rel="icon" type="image/png" siz
es="48x48" href="./favicon-48x48.png"/><link rel="icon" type="image/png" sizes="32x32" href="./favicon-32x32.png"/><link rel="icon" type="image/png" sizes="16x16"
href="./favicon-16x16.png"/><link rel="mask-icon" href="./safari-pinned-tab.svg" color="#235b8b"/><title>Login app | DHIS2</title><script defer="defer" src="./stat
ic/js/main.9c8e3434.js"></script><link href="./static/css/main.4536e618.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.
</noscript><div id="dhis2-app-root"></div><div id="dhis2-portal-root"></div></body></html>
################### curl.exe on Windows: ###################
$SERVER="http://192.168.1.186"
$SECRET="13e7d5e47-eb97-92a0-6fab-e8b23e51dd2"
$accessTokenRequest = $(cmd /c "C:\Temp\curl-8.8.0_2-win64-mingw\bin\curl.exe -v --location-trusted -X POST -H "Accept: application/json" -u PS2:$SECRET $SERVER/uaa/oauth/token/ -d grant_type=password -d username=admin -d password=password$#@! 2>&1")
$accessTokenRequest
################### Output: ###################
Note: Unnecessary use of -X or --request, POST is already inferred.
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0* Trying 192.168.1.186:80...
* Connected to 192.168.1.186 (192.168.1.186) port 80
* Server auth using Basic with user 'PS2'
> POST /uaa/oauth/token/ HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/8.8.0
> Accept: */*
> Accept: application/json
> Content-Length: 59
> Content-Type: application/x-www-form-urlencoded
>
} [59 bytes data]
* upload completely sent off: 59 bytes
< HTTP/1.1 302
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:39:17 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: JSESSIONID=BC9783E6FFC9F76FEC5E64CC3A19DF7A; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
* Need to rewind upload for next request
< Location: http://192.168.1.186/dhis-web-login
<
* Ignoring the response-body
100 59 0 0 100 59 0 175 --:--:-- --:--:-- --:--:-- 175
* Connection #0 to host 192.168.1.186 left intact
* Issue another request to this URL: 'http://192.168.1.186/dhis-web-login'
* Switch from POST to GET
* Found bundle for host: 0x1b5d8657570 [serially]
* Can not multiplex, even if we wanted to
* Re-using existing connection with host 192.168.1.186
* Server auth using Basic with user 'PS2'
> POST /dhis-web-login HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/8.8.0
> Accept: */*
> Accept: application/json
>
* Request completely sent off
< HTTP/1.1 302
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:39:17 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: JSESSIONID=A5A7888141E984FEE15510EF83757518; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Location: http://192.168.1.186/dhis-web-login/
<
* Ignoring the response-body
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0
* Connection #0 to host 192.168.1.186 left intact
* Issue another request to this URL: 'http://192.168.1.186/dhis-web-login/'
* Found bundle for host: 0x1b5d8657570 [serially]
* Can not multiplex, even if we wanted to
* Re-using existing connection with host 192.168.1.186
* Server auth using Basic with user 'PS2'
> POST /dhis-web-login/ HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/8.8.0
> Accept: */*
> Accept: application/json
>
* Request completely sent off
< HTTP/1.1 200
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:39:17 GMT
< Content-Type: text/html;charset=UTF-8
< Content-Length: 1068
< Connection: keep-alive
< Set-Cookie: JSESSIONID=32F32D94C4C25F00129C9F2342D0BEA5; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< Accept-Ranges: bytes
< ETag: W/"1068-1716967944000"
< Last-Modified: Wed, 29 May 2024 07:32:24 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
<
{ [1068 bytes data]
100 1068 100 1068 0 0 2971 0 --:--:-- --:--:-- --:--:-- 2971
* Connection #0 to host 192.168.1.186 left intact
<!doctype html><html lang="en" dir="ltr"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><meta na
me="theme-color" content="#ffffff"/><link rel="manifest" crossorigin="use-credentials" href="./manifest.json"/><meta name="msapplication-config" content="browserco
nfig.xml"/><link rel="icon" href="./favicon.ico"/><link rel="apple-touch-icon" sizes="180x180" href="./apple-touch-icon.png"/><link rel="icon" type="image/png" siz
es="48x48" href="./favicon-48x48.png"/><link rel="icon" type="image/png" sizes="32x32" href="./favicon-32x32.png"/><link rel="icon" type="image/png" sizes="16x16"
href="./favicon-16x16.png"/><link rel="mask-icon" href="./safari-pinned-tab.svg" color="#235b8b"/><title>Login app | DHIS2</title><script defer="defer" src="./stat
ic/js/main.9c8e3434.js"></script><link href="./static/css/main.4536e618.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.
</noscript><div id="dhis2-app-root"></div><div id="dhis2-portal-root"></div></body></html>
################### curl on the Ubuntu host: ###################
curl -v --location-trusted -X POST -H "Accept: application/json" -u PS2:13e7d5e47-eb97-92a0-6fab-e8b23e51dd2 http://192.168.1.186/uaa/oauth/token -d grant_type=password -d username=admin -d password=password$#@!
################### Output ###################
Note: Unnecessary use of -X or --request, POST is already inferred.
* Trying 192.168.1.186:80...
* Connected to 192.168.1.186 (192.168.1.186) port 80 (#0)
* Server auth using Basic with user 'PS2'
> POST /uaa/oauth/token HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/7.81.0
> Accept: application/json
> Content-Length: 58
> Content-Type: application/x-www-form-urlencoded
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:29:19 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: JSESSIONID=A2AA3C31D742E6D20F5C40E157BF8138; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Location: http://192.168.1.186/dhis-web-login
<
* Connection #0 to host 192.168.1.186 left intact
* Issue another request to this URL: 'http://192.168.1.186/dhis-web-login'
* Switch from POST to GET
* Found bundle for host 192.168.1.186: 0x560b5a2d8010 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host 192.168.1.186
* Connected to 192.168.1.186 (192.168.1.186) port 80 (#0)
* Server auth using Basic with user 'PS2'
> POST /dhis-web-login HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/7.81.0
> Accept: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 302
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:29:19 GMT
< Content-Length: 0
< Connection: keep-alive
< Set-Cookie: JSESSIONID=29C129F3A1813E245AA333F4DBEAB758; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< Location: http://192.168.1.186/dhis-web-login/
<
* Connection #0 to host 192.168.1.186 left intact
* Issue another request to this URL: 'http://192.168.1.186/dhis-web-login/'
* Found bundle for host 192.168.1.186: 0x560b5a2d8010 [serially]
* Can not multiplex, even if we wanted to!
* Re-using existing connection! (#0) with host 192.168.1.186
* Connected to 192.168.1.186 (192.168.1.186) port 80 (#0)
* Server auth using Basic with user 'PS2'
> POST /dhis-web-login/ HTTP/1.1
> Host: 192.168.1.186
> Authorization: Basic UFMyOjEzZTdkNWU0Ny1lYjk3LTkyYTAtNmZhYi1lOGIyM2U1MWRkMg==
> User-Agent: curl/7.81.0
> Accept: application/json
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200
< Server: nginx/1.18.0 (Ubuntu)
< Date: Mon, 17 Jun 2024 09:29:19 GMT
< Content-Type: text/html;charset=UTF-8
< Content-Length: 1068
< Connection: keep-alive
< Set-Cookie: JSESSIONID=C0242D5F508F03F344008C7A22DE473C; Path=/; SameSite=Lax; HttpOnly
< Content-Security-Policy: frame-ancestors 'self';
< Accept-Ranges: bytes
< ETag: W/"1068-1716967944000"
< Last-Modified: Wed, 29 May 2024 07:32:24 GMT
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
<
<!doctype html><html lang="en" dir="ltr"><head><meta charset="utf-8"/><meta name="viewport" content="width=device-width,initial-scale=1,shrink-to-fit=no"/><meta name="theme-color" content="#ffffff"/><link rel="manifest" crossorigin="use-credentials" href="./manifest.json"/><meta name="msapplication-config" content="browserconfig.xml"/><link rel="icon" href="./favicon.ico"/><link rel="apple-touch-icon" sizes="180x180" href="./apple-touch-icon.png"/><link rel="icon" type="image/png" sizes="48x48" href="./favicon-48x48.png"/><link rel="icon" type="image/png" sizes="32x32" href="./favicon-32x32.png"/><link rel="icon" type="image/png" sizes="16x16" href="./favicon-16x16.png"/><link rel="mask-icon" href="./safari-pinned-tab.svg" color="#235b8b"/><title>Login app | DHIS2</title><script defer="defer" src="./static/js/main.9c8e3434.js"></script><link href="./static/css/main.4536e618.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="dhis2-app-root"></div><div* Connection #0 to host 192.168.1.186 left intact
id="dhis2-portal-root"></div></body></html>