Am Wed, Apr 30, 2025 at 09:07:12AM +0200 schrieb Anders Wittendorff:
> I have this in the logs:
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: libcurl: > POST
> /api/oidc/devicecode HTTP/2
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: libcurl: <
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]:
> {"user_code":"xxxx-yyyy","device_code":"xyz=","interval":5,"verification_uri_complete":"https:\/\/
> customer.de.auth.com
> \/api\/oidc\/device?user_code=xxxx-yyyy","verification_uri":"https:\/\/
> customer.de.auth.com\/api\/oidc\/device","expires_in":300}
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: libcurl: *
> TLSv1.2 (IN), TLS header, Unknown (23):
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: libcurl: *
> Connection #0 to host customer.de.auth.com left intact
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: Result does not
> contain the 'message' string.
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: user_code:
> [xxxx-yyyy].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]:
> verification_uri: [https://customer.de.auth.com/api/oidc/device].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]:
> verification_uri_complete: [
> https://customer.de.auth.com/api/oidc/device?user_code=xxxx-yyyy].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: message:
> [(null)].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: device_code:
> [xyz=].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: expires_in:
> [300].
> Apr 28 13:26:13 ipa-test.int.domain.net oidc_child[13187]: interval: [5].Hi, thanks, so the server side asks to check every 5s or less often. Can you check the timestamps of the access of the token endpoint? Did you by chance pressed enter in less than 5s after the URI var displayed in the ssh prompt? bye, Sumit > > Den tirs. 29. apr. 2025 kl. 16.18 skrev Sumit Bose <[email protected]>: > > > Am Mon, Apr 28, 2025 at 01:31:26PM -0000 schrieb Anders Wittendorff via > > FreeIPA-users: > > > I would have to remove a lot of data from it, is there specific parts of > > the flow you would like to see? > > > > Hi, > > > > there should be lines before the error which contain `expires_in: > > [SOME_VALUE].` and `interval: [%d].`. It would be good to know those > > value. Additionally the timestamps of the requests which were send to > > the token endpoint. Please note that there is already on request to the > > token endpoint in the first roundtrip where the device code and the URI > > and the one time PIN are requested. This is typically needed to make the > > IdP server waiting for the one time PIN. > > > > bye, > > Sumit > > > > > -- > > > _______________________________________________ > > > FreeIPA-users mailing list -- [email protected] > > > To unsubscribe send an email to > > [email protected] > > > Fedora Code of Conduct: > > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > > > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > > > List Archives: > > https://lists.fedorahosted.org/archives/list/[email protected] > > > Do not reply to spam, report it: > > https://pagure.io/fedora-infrastructure/new_issue > > > > -- _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
