Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Topicus Keyhub integration
#1
I am trying to configure the topicus keyhub integration but i can't get it working.

In Keyhub i configured the folowing:

'manage access' > add
OAuth2/OIDC
Name = 'Visionapp'
Technical administrators group en Group with ownership: Chose keyhum administrators
grant types: 'code and implict'
confidential: on
application uris:  http://localhost:3017
scopes: profile, activate linked systems and access your vaults
I added a group where i am a member of.

Picture Visionapp Configuration
   

When i click Synchronize now it openen this the first time, after that the normal login screen.

Picture-2
   

After the login i get an error:
This site can’t be reached
The connection was reset.Try:

Checking the connection

Checking the proxy and the firewall

Running Windows Network Diagnostics
ERR_CONNECTION_RESET


With this URL:
http://localhost:3017/?code=eyJ6aXAiOiJERUYiLCJjdHkiOiJKV1QiLCJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..3rAr8O4fuLrljVrI.wWB_9qxIlBgtwIyuGRgxARmuI3-_rIN_ozeIn6itieAMD7AEiLmfjkWFtBqdVCLB07M88leUskxpWaRuKZxB3Oo0RBVV-6mte4RMFxYllz7ghBPmGb8XcxDyoqa2_NKwtS5dUPsKKQOwugxfsEjcBKPaEMCbjlNyKAPLTM7IA-O6k5uis5iQDtnno6QrcXyW4mMdjBLiQjQkOTgRBfZndP-R5GtOT3_-SESWrWD1LtVl2syfFf8b0lCnAS4iXbwaGH5WsN3ZL5qYw3l5JV3oCacbXdaW3LQ76vfIIUiMcU_mKagiP6Zg-SJkeh43VNN0ccAi3Zpc6di0N03S7psNGDeFsd8BmGo5UGTzdRl1UoxXeeLox-pw5CnbxmhaCoeXwUIa5zIlJpPc6NTAd0DtijQSdnwu4D8poJNPf2E-Qg8rlfhQzm__WPB4dSW0yd5CD0n42HZ4_1fVmiNztZAZqtI9ac0COcyICkhsipoPE-e6l9KyFxWyls9aGWrTfvesfT8FBVnS22YheVSL0itJH-3SdQc0zVULuhQ7gFg65EpdyLJ64QWo_KVcnYJqP6bIbECRKrI7gtycIGb-4kIH3EEREPwJCxeDdjg-TyTo3FHBuQS4vNrsvY_tQHVzcRxK2-Epc-ri59n4uTB6pFdWxg8b8LeOZuoSXe0dt4v9NYJS2P8eTvuuC8eGRbtq7NiLiMNb2iOr07muc0DvR5mmjJT3jrWjXhjLfgkMSbvacZV-SKhvS2YTSa_MUPrbHEBQPRhVGSe5j84du02F5GeaoM4YPfXDkB4NAiiXJ4hLIahOpvZdfgxPDLDw-M8x6sXSfVh_FXx2kXkLlY6YdCXwcMrHlGj3X3RybvEFe_3_OwV-BYq57VPannxGoDh9cLEjxN3xdlo3GVwhKehk4lH5x9HVdde7LDt44h_EBIpwb5MkFvRqH3TyciVLbIIsLflKKJpszv2ObpYdpVwUPJwkLxYoEyxNhOAR5mbvrHxUkb-qo1DVMRBk77CbaMp3DPAYCmlbteWvzOwwaJd3hn9KcdTqX4hgKMJYeBTEa9rGMiqfkFdKUhSpvLGbMj-4-ZXSayikSryvTlnUX687KcyGYjr-V4iM4H9MzUI6WlfdCzw6wY6SgFTjJIpaBPR7Ql4GwUEDdQHs7zkXGaPeHk5tu9yx_T0lrGBazP2lwAiocjkKYhUbPNSNZB7oYxH21DHihTkyvWnZ-GgFJKibl4d1wH-5UB8CeQqZ6QoiqK-BSDxECjknNGK7PrBLUzkBESlj-yO3zYDd2sjtKf3KOHGG5__3_HHbdjb1bICt_pR_WN6X.MZ2NUyZ0A0v5bG6KAUHUPA&state=authenticated

The local Windows Firewall is turned off.
I cant see anything listening on port 3017 with netstat

What am i doing wrong and how can i get it to work?
I am running version 13.0.6667.1
Reply
#2
Hi,

I'm not a specialist for Keyhub, but as far as I know the "lost" contact to the site is just a kind of beauty mistake. The authentication via browser is just needed to generate a token for syncing in ASG-RD and could be closed afterwards. The sync should take place after successfull login. The "localhost:3017....." page should only occur on successfull login. Have you checked if the sync was done ? I think my colleague could say more to this topic/correct me ;
Best regards,
Michael
-- michael.scholz@asg.com --
Reply
#3
Good to know it is a Visual thing but nothing had synced.
Reply
#4
Could you try to activate all scopes for the user who is accessing the API? Just for testing...

What is the message in ASGRD you get after pressing "Sync"? Sync successful or Error? Any details?
Regards/Gruss
Oliver
Reply
#5
I activated all scopes
Ran the sync again. Still same result
Logging in Visionapp:

Sync/import operation completed succesfully

   
Reply
#6
Difficult - there is no detailed logging...

If you login to Topicus using the same user - can you see records under the category "Vaults"? We have tested it with 2 users, and all Vaults are synced in our environment...
Regards/Gruss
Oliver
Reply
#7
(30-04-2020, 11:15 AM)DevOma Wrote: Difficult - there is no detailed logging...

If you login to Topicus using the same user - can you see records under the category "Vaults"? We have tested it with 2 users, and all Vaults are synced in our environment...
This is the current configuration:

                       

The UUID is correct, the groups are linked tot the vaults and the vaults have test users in them.
Reply
#8
I will have a look on it - will return on monday!
Regards/Gruss
Oliver
Reply
#9
Which version do you use - we have currently 15.0-1 - but I can see some settings in your screenshot that are not visible in our environment - so I guess you are using a newer version? Perhaps we need to upgrade our environment...
Regards/Gruss
Oliver
Reply
#10
we are using:

ASG-Remotedesktop 2020
Version: 13.0.6667.1
Reply
#11
Topicus Keyhub version?
Regards/Gruss
Oliver
Reply
#12
I've uploaded a small test program - there you can execute each step with a button (use it from left to right :-))

Just fill your ClientId and ClientSecret - then start with "GetAccount" - and have a look if always data is displayed - the login process is the same like in ASGRD - browser opens, if not authenticated please login, ...

Hope we can see when no data is coming back - first step should fill the field "AccountId" - if filled you can get a list of Vaults for that AccountId... Same happens inside ASGRD...
Regards/Gruss
Oliver
Reply
#13
New upload here

https://d2l2g77p7dyozs.cloudfront.net/To...PITest.zip
Regards/Gruss
Oliver
Reply
#14
(05-05-2020, 09:36 AM)DevOma Wrote: Topicus Keyhub version?
We use [color=rgba(255, 255, 255, 0.4)]keyhub-16.0[/color]
Reply
#15
Yes we upgraded also our environment to 16 - and it works again- so I asked you to run my test program to see more details - did you run it?
Regards/Gruss
Oliver
Reply
#16
Sorry, found again a hardcoded server name in the test project - uploaded again

https://d2l2g77p7dyozs.cloudfront.net/TopicusTest.zip
Regards/Gruss
Oliver
Reply
#17
(06-05-2020, 09:03 AM)DevOma Wrote: Sorry, found again a hardcoded server name in the test project - uploaded again

https://d2l2g77p7dyozs.cloudfront.net/TopicusTest.zip

I get everything exept the Vault ID.
When i try "Get vault Password" i get an System.FormatException

   
   
Reply
#18
Sorry, didn't test all buttons - there was a typo in a string

https://d2l2g77p7dyozs.cloudfront.net/TopicusTest2.zip

If you get a list of vaults you should see the VaultId in the Textbox below - copy one VaultId into the TextField on the right before pressing Get Vault Password - and of course use the new version I've uploaded :-)
Regards/Gruss
Oliver
Reply
#19
I dont get the error anymore but also i dont get the Vault, same result as before
Reply
#20
So after pressing "Get Vaults" - do you get a list of your vaults like in Keyhub UI (like in my screenshot)? If so - did you copy and paste one of the VaultId's into the textfield and then press "Get vault password"?


Attached Files Thumbnail(s)
   
Regards/Gruss
Oliver
Reply




Users browsing this thread: 2 Guest(s)