[
https://issues.apache.org/jira/browse/KNOX-3187?focusedWorklogId=982420&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-982420
]
ASF GitHub Bot logged work on KNOX-3187:
----------------------------------------
Author: ASF GitHub Bot
Created on: 09/Sep/25 13:00
Start Date: 09/Sep/25 13:00
Worklog Time Spent: 10m
Work Description: moresandeep commented on code in PR #1082:
URL: https://github.com/apache/knox/pull/1082#discussion_r2333477389
##########
knox-token-generation-ui/token-generation/app/token-generation.service.ts:
##########
@@ -73,14 +75,31 @@ export class TokenGenService {
});
}
+ isTokenHashKeyPresent(): Promise<boolean> {
+ let headers = new HttpHeaders();
+ headers = this.addHeaders(headers);
+ return this.http.get(this.metadataInfoUrl, { headers: headers})
+ .toPromise()
+ .then(response => {
+ return response['generalProxyInfo']?.['enableTokenManagement']
=== 'true';
+ })
+ .catch((err: HttpErrorResponse) => {
+ console.debug('TokenGenService --> isTokenHashKeyPresent() -->
' + this.metadataInfoUrl + '\n error: ' + err.message);
Review Comment:
Might want to remove the debug message.
##########
knox-token-management-ui/token-management/app/token.management.service.ts:
##########
@@ -129,6 +130,25 @@ export class TokenManagementService {
});
}
+ isTokenHashKeyPresent(): Promise<boolean> {
+ let headers = new HttpHeaders();
+ headers = this.addJsonHeaders(headers);
+ return this.http.get(this.metadataInfoUrl, { headers: headers})
+ .toPromise()
+ .then(response => {
+ return response['generalProxyInfo']?.['enableTokenManagement']
=== 'true';
+ })
+ .catch((err: HttpErrorResponse) => {
+ console.debug('TokenManagementService -->
isTokenHashKeyPresent() --> '
Review Comment:
Debug
##########
knox-token-management-ui/token-management/app/token.management.component.ts:
##########
@@ -121,8 +136,12 @@ export class TokenManagementComponent implements OnInit {
}
fetchKnoxTokens(): void {
- this.tokenManagementService.getKnoxTokens(this.userName,
this.canSeeAllTokens)
- .then(tokens => this.updateTokens(tokens));
+ if (this.tokenHashKeyPresent) {
+ this.tokenManagementService.getKnoxTokens(this.userName,
this.canSeeAllTokens)
+ .then(tokens => this.updateTokens(tokens));
+ } else {
+ console.debug('knox.token.hash.key is missing, skipping Knox token
fetch...');
Review Comment:
Debug :)
##########
knox-token-generation-ui/token-generation/app/token-generation.service.ts:
##########
@@ -73,14 +75,31 @@ export class TokenGenService {
});
}
+ isTokenHashKeyPresent(): Promise<boolean> {
+ let headers = new HttpHeaders();
+ headers = this.addHeaders(headers);
+ return this.http.get(this.metadataInfoUrl, { headers: headers})
+ .toPromise()
+ .then(response => {
+ return response['generalProxyInfo']?.['enableTokenManagement']
=== 'true';
+ })
+ .catch((err: HttpErrorResponse) => {
+ console.debug('TokenGenService --> isTokenHashKeyPresent() -->
' + this.metadataInfoUrl + '\n error: ' + err.message);
+ if (err.status === 401) {
+ window.location.assign(document.location.pathname);
+ } else {
+ return this.handleError(err);
+ }
+ });
+ }
getSessionInformation(): Promise<SessionInformation> {
let headers = new HttpHeaders();
headers = this.addHeaders(headers);
return this.http.get(this.sessionUrl, { headers: headers})
.toPromise()
.then(response => response['sessioninfo'] as SessionInformation)
.catch((err: HttpErrorResponse) => {
- console.debug('TokenManagementService -->
getSessionInformation() --> ' + this.sessionUrl + '\n error: ' + err.message);
+ console.debug('TokenGenService --> getSessionInformation() -->
' + this.sessionUrl + '\n error: ' + err.message);
Review Comment:
Same thing, do we need to display error messages to users on console? There
could be a case made where it might help troubleshoot issues faster but
displaying messages on console is not my favorite way to display errors :)
Issue Time Tracking
-------------------
Worklog Id: (was: 982420)
Time Spent: 0.5h (was: 20m)
> Better indicator of missing knox.token.hash.key on Token
> Management/Generation UIs
> ----------------------------------------------------------------------------------
>
> Key: KNOX-3187
> URL: https://issues.apache.org/jira/browse/KNOX-3187
> Project: Apache Knox
> Issue Type: Improvement
> Affects Versions: 2.0.0, 2.1.0
> Reporter: Sandor Molnar
> Assignee: Sandor Molnar
> Priority: Blocker
> Fix For: 2.1.0
>
> Attachments: image-2025-09-09-08-41-30-504.png,
> image-2025-09-09-08-42-19-091.png
>
> Time Spent: 0.5h
> Remaining Estimate: 0h
>
> As of now, when there is no `knox.token.hash.key` alias stored in the
> gateway-level credential store and one hits the Token Management or Token
> Generation UI, the following pop-up windows are shown:
> !image-2025-09-09-08-41-30-504.png|height=200!
> !image-2025-09-09-08-42-19-091.png|height=200!
> The only way to find out what causes this issue is to check the logs, where
> the root cause is clearly indicated:
> {code}
> Caused by: org.glassfish.hk2.api.MultiException: A MultiException has 2
> exceptions. They are:
> 1. org.apache.knox.gateway.services.ServiceLifecycleException: Missing
> knox.token.hash.key alias from Gateway's credential store
> 2. java.lang.IllegalStateException: Unable to perform operation: post
> construct on org.apache.knox.gateway.service.knoxtoken.TokenResourceV2
> {code}
> To avoid this, we need to improve the error message within the popup window
> to tell the users they need this key before they can use the token management
> feature.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
