Kinto-admin: Accounts auth form posts to server root endpoint #1738

Closed
n1k0 opened this issue Aug 16, 2018 · 4 comments

n1k0 commented Aug 16, 2018

Note: this is most probably a kinto-admin issue, though I'm posting a bug here for triage.

kinto.ini

[server:main]
use = egg:waitress#main
host = 0.0.0.0
port = %(http_port)s


[app:main]
use = egg:kinto

kinto.readonly = false
kinto.batch_max_requests = 25
kinto.paginate_by = 100

# Experimental JSON-schema on collection
# kinto.experimental_collection_schema_validation = false
#
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#activating-the-permissions-endpoint
# kinto.experimental_permissions_endpoint = false

# kinto.trailing_slash_redirect_enabled = true
# kinto.heartbeat_timeout_seconds = 10

# Plugins
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#plugins
# https://github.com/uralbash/awesome-pyramid
kinto.includes = kinto.plugins.default_bucket
                 kinto.plugins.admin
                 kinto.plugins.accounts

# Backends
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#storage
#
kinto.storage_backend = kinto.core.storage.postgresql
kinto.storage_url = postgres://postgres:postgres@db/postgres
# kinto.storage_max_fetch_size = 10000
# kinto.storage_pool_size = 25
# kinto.storage_max_overflow = 5
# kinto.storage_pool_recycle = -1
# kinto.storage_pool_timeout = 30
# kinto.storage_max_backlog = -1

# Cache
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#cache
#
kinto.cache_backend = kinto.core.cache.memory
kinto.cache_url =
# kinto.cache_prefix =
# kinto.cache_max_size_bytes = 524288
# kinto.cache_pool_size = 25
# kinto.cache_max_overflow = 5
# kinto.cache_pool_recycle = -1
# kinto.cache_pool_timeout = 30
# kinto.cache_max_backlog = -1

# kinto.cache_backend = kinto.core.cache.memcached
# kinto.cache_hosts = 127.0.0.1:11211

# Permissions.
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#permissions
#
kinto.permission_backend = kinto.core.permission.memory
kinto.permission_url =
# kinto.permission_pool_size = 25
# kinto.permission_max_overflow = 5
# kinto.permission_pool_recycle = 1
# kinto.permission_pool_timeout = 30
# kinto.permission_max_backlog = -1
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#bypass-permissions-with-configuration
# kinto.bucket_create_principals = system.Authenticated

# Authentication
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#authentication
#
kinto.userid_hmac_secret = dacfdf5fd86c5a9ef41f5d571b3923e6e471f98443b8561a76ca983b49cdc357

# Kinto-portier authentication
# https://github.com/Kinto/kinto-portier
# multiauth.policies = portier
# multiauth.policy.portier.use = kinto_portier.authentication.PortierOAuthAuthenticationPolicy
# kinto.portier.broker_url = https://broker.portier.io
# kinto.portier.webapp.authorized_domains = localhost:8888
#                                           localhost:3000
#                                           *.allo-media.net
#                                           *.github.io

# kinto.portier.cache_ttl_seconds = 300
# kinto.portier.state.ttl_seconds = 3600

# Accounts API configuration
# https://kinto.readthedocs.io//en/stable/api/1.x/accounts.html
multiauth.policies = account
multiauth.policy.account.use = kinto.plugins.accounts.authentication.AccountsAuthenticationPolicy
# Allow anyone to create accounts.
kinto.account_create_principals = system.Everyone
# Set user 'account:admin' as the administrator.
# kinto.account_write_principals = account:admin
# kinto.account_read_principals = account:admin

# Notifications
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#notifications
#
# Configuration example:
# kinto.event_listeners = redis
# kinto.event_listeners.redis.use = kinto_redis.listeners
# kinto.event_listeners.redis.url = redis://localhost:6379/0
# kinto.event_listeners.redis.pool_size = 5
# kinto.event_listeners.redis.listname = queue
# kinto.event_listeners.redis.actions = create
# kinto.event_listeners.redis.resources = bucket collection

# Production settings
#
# https://kinto.readthedocs.io/en/latest/configuration/production.html

# kinto.http_scheme = https
# kinto.http_host = kinto.services.mozilla.com

# Cross Origin Requests
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#cross-origin-requests-cors
#
# kinto.cors_origins = *

# Backoff indicators/end of service
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#backoff-indicators
# https://kinto.readthedocs.io/en/latest/api/1.x/backoff.html#id1
#
# kinto.backoff =
# kinto.backoff_percentage =
# kinto.retry_after_seconds = 3
# kinto.eos =
# kinto.eos_message =
# kinto.eos_url =

# Project information
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#project-information
#
# kinto.version_json_path = ./version.json
# kinto.error_info_link = https://github.com/kinto/kinto/issues/
# kinto.project_docs = https://kinto.readthedocs.io
# kinto.project_version =
# kinto.version_prefix_redirect_enabled = true

# Application profiling
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#application-profiling
# kinto.profiler_enabled = true
# kinto.profiler_dir = /tmp/profiling

# Client cache headers
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#client-caching
#
# Every bucket objects and list
# kinto.bucket_cache_expires_seconds = 3600
#
# Every collection objects and list of every buckets
# kinto.collection_cache_expires_seconds = 3600
#
# Every group objects and list of every buckets
# kinto.group_cache_expires_seconds = 3600
#
# Every records objects and list of every collections
# kinto.record_cache_expires_seconds = 3600
#
# Records in a specific bucket
# kinto.blog_record_cache_expires_seconds = 3600
#
# Records in a specific collection in a specific bucket
# kinto.blog_article_record_cache_expires_seconds = 3600

# Custom ID generator for POST Requests
# https://kinto.readthedocs.io/en/latest/tutorials/custom-id-generator.html#tutorial-id-generator
#
# Default generator
# kinto.bucket_id_generator=kinto.views.NameGenerator
# Custom example
# kinto.collection_id_generator = name_generator.CollectionGenerator
# kinto.group_id_generator = name_generator.GroupGenerator
# kinto.record_id_generator = name_generator.RecordGenerator

# Enabling or disabling endpoints
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#enabling-or-disabling-endpoints
#
# This is a rather confusing setting due to naming conventions used in kinto.core
# For a more in depth explanation, refer to https://github.com/Kinto/kinto/issues/710
# kinto.endpoint_type_resource_name_method_enabled = false
# Where:
# endpoint_type: is either ``collection`` (plural, e.g. ``/buckets``) or ``record`` (single, e.g. ``/buckets/abc``);
# resource_name: is the name of the resource (e.g. ``bucket``, ``group``, ``collection``, ``record``);
# method: is the http method (in lower case) (e.g. ``get``, ``post``, ``put``, ``patch``, ``delete``).
# For example, to disable the POST on the list of buckets and DELETE on single records
# kinto.collection_bucket_post_enabled = false
# kinto.record_record_delete_enabled = false

# [uwsgi]
# wsgi-file = app.wsgi
# enable-threads = true
# socket = /var/run/uwsgi/kinto.sock
# chmod-socket = 666
# processes =  3
# master = true
# module = kinto
# harakiri = 120
# uid = kinto
# gid = kinto
# virtualenv = .venv
# lazy = true
# lazy-apps = true
# single-interpreter = true
# buffer-size = 65535
# post-buffering = 65535
# plugin = python

# Logging and Monitoring
#
# https://kinto.readthedocs.io/en/latest/configuration/settings.html#logging-and-monitoring
# kinto.statsd_backend = kinto.core.statsd
# kinto.statsd_prefix = kinto
# kinto.statsd_url =

# kinto.newrelic_config =
# kinto.newrelic_env = dev

# Logging configuration

[loggers]
keys = root, kinto

[handlers]
keys = console

[formatters]
keys = color

[logger_root]
level = INFO
handlers = console

[logger_kinto]
level = DEBUG
handlers = console
qualname = kinto

[handler_console]
class = StreamHandler
args = (sys.stderr,)
level = NOTSET
formatter = color

[formatter_color]
class = logging_color_formatter.ColorFormatter

Loading the admin, I can pick the Accounts auth policy. When submitting credentials, the only network activity I'm seeing is an HTTP GET request sent to the server root endpoint:

[Image: peek 2018-08-16 16-29]

What did I do wrong?


leplatrem commented Aug 16, 2018

Hmm, I don't reproduce this on the dev server. https://kinto.dev.mozaws.net/v1/admin/

Any error in the console?

[Image: screenshot from 2018-08-16 19-17-45]


n1k0 commented Aug 17, 2018

First thing, https://kinto.dev.mozaws.net/v1/admin/ is not reachable to me atm:

➜  ~ curl -I https://kinto.dev.mozaws.net/v1/admin/
HTTP/1.1 503 Service Unavailable: Back-end server is at capacity
Connection: keep-alive

And I'm using the latest Kinto docker image, as described in Kinto/kinto-portier#10, with the kinto.ini from the issue description. To reproduce, it's probably a good idea to set up kinto locally?


n1k0 commented Aug 17, 2018

> Any error in the console?

Yes:

Full log:

index.js:150 Error compiling schema, function code: var refVal1 = refVal[1]; var validate =  (function  (data, dataPath, parentData, parentDataProperty, rootData) { 'use strict';  var vErrors = null;  var errors = 0;            var errs_1 = errors;    var errs_2 = errors; if ((typeof data !== "number" || (data % 1) || data !== data)) {  var err =  { keyword: 'type' , dataPath: (dataPath || '') + "" , schemaPath: '#/definitions/nonNegativeInteger/type' , params: { type: 'integer' }  , message: 'should be integer'  } ;  if (vErrors === null) vErrors = [err]; else vErrors.push(err); errors++;  }  if (typeof data === "number") {    if (  data < 0 || data !== data) {  var err =  { keyword: 'minimum' , dataPath: (dataPath || '') + "" , schemaPath: '#/definitions/nonNegativeInteger/minimum' , params: { comparison: '>=', limit: 0, exclusive: false }  , message: 'should be >= 0' } ;  if (vErrors === null) vErrors = [err]; else vErrors.push(err); errors++;  }   }  var valid2 = errors === errs_2;   var valid1 = errors === errs_1;   validate.errors = vErrors;  return errors === 0;        }); return validate;
w @ index.js:150
n @ resolve.js:54
S @ index.js:190
e.exports @ ref.js:21
e.exports @ validate.js:271
e.exports @ properties.js:204
e.exports @ validate.js:347
w @ index.js:87
n @ index.js:56
v @ ajv.js:358
c @ ajv.js:214
l @ ajv.js:198
u @ ajv.js:172
m @ ajv.js:317
o @ ajv.js:97
c @ validate.js:197
e @ Form.js:175
(anonymous) @ Form.js:90
r.onSubmit @ Form.js:103
n @ ReactErrorUtils.js:24
i @ EventPluginUtils.js:83
s @ EventPluginUtils.js:106
p @ EventPluginHub.js:41
m @ EventPluginHub.js:52
r @ forEachAccumulated.js:22
processEventQueue @ EventPluginHub.js:252
n @ ReactEventEmitterMixin.js:15
handleTopLevel @ ReactEventEmitterMixin.js:25
a @ ReactEventListener.js:70
perform @ Transaction.js:141
batchedUpdates @ ReactDefaultBatchingStrategy.js:60
a @ ReactUpdates.js:95
dispatchEvent @ ReactEventListener.js:145
notifications.js:80 {message: "Could not authenticate with Kinto Account Auth"}message: "Could not authenticate with Kinto Account Auth"__proto__: Object
s @ notifications.js:80
(anonymous) @ session.js:195
n @ runtime.js:62
(anonymous) @ runtime.js:296
e.(anonymous function) @ runtime.js:114
l @ proc.js:313
r @ proc.js:389
g @ proc.js:357
e.cont @ proc.js:110
l @ proc.js:323
r @ proc.js:389
(anonymous) @ proc.js:500
r @ scheduler.js:25
i @ scheduler.js:66
n @ scheduler.js:39
x @ proc.js:487
_ @ proc.js:436
l @ proc.js:317
r @ proc.js:389
Promise.then (async)
E @ proc.js:451
C @ proc.js:518
_ @ proc.js:436
l @ proc.js:317
s @ proc.js:272
w @ proc.js:457
C @ proc.js:518
_ @ proc.js:436
l @ proc.js:317
s @ proc.js:272
k @ proc.js:555
_ @ proc.js:436
l @ proc.js:317
r @ proc.js:389
i @ proc.js:467
t @ channel.js:85
(anonymous) @ channel.js:173
(anonymous) @ channel.js:198
r @ scheduler.js:25
i @ scheduler.js:66
n @ scheduler.js:39
(anonymous) @ channel.js:197
t @ channel.js:38
(anonymous) @ middleware.js:73
(anonymous) @ bindActionCreators.js:7
L.onSubmit @ AuthForm.js:609
r.onSubmit @ Form.js:112
n @ ReactErrorUtils.js:24
i @ EventPluginUtils.js:83
s @ EventPluginUtils.js:106
p @ EventPluginHub.js:41
m @ EventPluginHub.js:52
r @ forEachAccumulated.js:22
processEventQueue @ EventPluginHub.js:252
n @ ReactEventEmitterMixin.js:15
handleTopLevel @ ReactEventEmitterMixin.js:25
a @ ReactEventListener.js:70
perform @ Transaction.js:141
batchedUpdates @ ReactDefaultBatchingStrategy.js:60
a @ ReactUpdates.js:95
dispatchEvent @ ReactEventListener.js:145

leplatrem added the bug label Sep 24, 2018

leplatrem commented

Now that I spent some time on the kinto-admin code, I can get back to this issue :)

The fact that the auth form posts to the root URL is expected: we use the root URL response to check if the user field is present.

As for the Error compiling schema error, I'll reopen the issue on the kinto-admin repo if it pops up again.

I'll close this ;)
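
The check described in the comment above (request the server root, then look for the user field), sketched as an added example; this is not kinto-admin's own code. The function names, the use of HTTP Basic credentials and the sample response bodies are assumptions made for illustration; the `account:<name>` user id form follows the `account:admin` value in the kinto.ini above.

```javascript
// Added example: function names and sample bodies are constructed for illustration.

// Build the HTTP Basic Authorization header sent with the root request (assumed scheme).
function basicAuthHeader(username, password) {
  const token = Buffer.from(`${username}:${password}`, "utf8").toString("base64");
  return `Basic ${token}`;
}

// Decide whether a root endpoint response shows the credentials were accepted.
// The status code alone is not used as proof: the decision rests on the body
// carrying a `user` object whose id matches the account that was submitted.
function sessionFromRoot(status, body, username) {
  if (status !== 200 || body === null || typeof body !== "object") {
    return { authenticated: false, reason: "unexpected response" };
  }
  const user = body.user;
  if (!user || typeof user.id !== "string") {
    return { authenticated: false, reason: "no user field" };
  }
  if (user.id !== `account:${username}`) {
    return { authenticated: false, reason: "user id mismatch" };
  }
  return { authenticated: true, userId: user.id };
}

// Network wrapper: a single GET to the server root, which is the only request
// the issue author saw when submitting the form. fetchImpl can be swapped for a stub.
async function checkAccountAuth(serverUrl, username, password, fetchImpl = fetch) {
  const res = await fetchImpl(serverUrl, {
    method: "GET",
    headers: { Authorization: basicAuthHeader(username, password) },
  });
  let body = null;
  try {
    body = await res.json();
  } catch (e) {
    // Non-JSON body: leave body as null so the check fails closed.
  }
  return sessionFromRoot(res.status, body, username);
}

// Constructed sample root responses (not captured from a real server).
const ANONYMOUS_ROOT = { project_name: "kinto", url: "http://localhost:8888/v1/" };
const AUTHENTICATED_ROOT = { ...ANONYMOUS_ROOT, user: { id: "account:alice" } };
```
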
