问题
I deployed the network to query from the REST client and launched the REST instance. I wanted to use Google Oauth for the authentication needs but there happens to be an authentication error.
The network is on the localhost:3000 and looks fine; however, when I import a business card and "try it out" the /system/historian I get this response body:
"error": { "statusCode": 500, "name": "Error", "message": "Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Enrollment failed with errors [[{"code":20,"message":"Authorization failure"}]]", "stack": "Error: Error trying login and get user Context. Error: Error trying to enroll user or load channel configuration. Error: Enrollment failed with errors [[{"code":20,"message":"Authorization failure"}]]\n at client.getUserContext.then.then.catch (/home/composer/.npm-global/lib/node_modules/composer-rest-server/node_modules/composer-connector-hlfv1/lib/hlfconnection.js:395:34)\n at \n at process._tickDomainCallback (internal/process/next_tick.js:228:7)"
The expected behaviour was to get a set of transactions showed up
I checked the wallet, thinking I might have a problem with the card but there seems to be no problem. The code is 200 which is expected, and here is the response body:
[ { "name": "liner1", "default": false }, { "name": "liner1@iot-perishable-network-advanced", "default": true } ]
回答1:
If you have got as far as importing a card to a Wallet, then your Google Oauth config is fine.
This looks like a problem with the card you have imported. When the Identity is Issued (and the Card is created) a one-time secret is created. When the card is used for the first time the secret is exchanged for Certificates/Keys and the the one-time secret is invalidated.
I'm guessing that you have imported a .card file for a user which has already been used, so now the secret is invalid. If I'm right, you need to export the card from the place where it is working to a new .card file that contains the certificates/keys, and import that new .card file into the REST server wallet. Maybe the command composer card export is what you are looking for.
There is more information on cards in the Composer Knowledge Wiki.
来源:https://stackoverflow.com/questions/51778110/hyperledger-using-google-oauth2-0-with-a-rest-server