cat-users AT lists.geant.org
Subject: The mailing list for users of the eduroam Configuration Assistant Tool (CAT)
List archive
- From: Stefan Winter <stefan.winter AT restena.lu>
- To: Martin Božič <martin.bozic AT arnes.si>
- Cc: cat-users AT lists.geant.org
- Subject: Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0
- Date: Fri, 5 Oct 2018 09:52:51 +0200
- Autocrypt: addr=stefan.winter AT restena.lu; prefer-encrypt=mutual; keydata= xsFNBFIplEwBEADTSz+DS8nio+RSvfSLLfaOnCGi1nqpn8Pb1laVUyEvnAAzZ5jemiS88Gxf iDH6hUGlWzcaW0hCfUHGiohr485adbjxRksPngWgAt/1bRxpifsW3zObFjgog01WWQV5Sihl wc4zr8zvYbFA5BJZ6YdkR9C5J015riv5OS30WTjA65SSXgYrb7zJWPwmegTFwE093uBFvC39 waz3xYpVu5j87nO6w2MVQt/8sY2/2BFPEq+xfOajl18UEwc7w8SCgnZdlVNcmEK4UBvJuwS/ 1lsR2JeQa8Gu1EDxC7PRgMgNXsDSWnnBe9aVmfG54+6ILe1QH2dwk9sPBQT5w2+vjijrb3Dv 9ur+1kN+TNU2XE436jVpnnY/3OsLdix30STQn4Q/XOm7YoVMeDwwviefilRxzK0dXA+wKj92 T68Od82CFxuZqPAgBCVmWfQM91iK9piqFK+QP+R3vF6+NGDBdwbe68iVKs0v5L8XmbxBQndj pmo+lo2asmBR2TAIfZHaKdgtBw13u3GPVVKlg/Mpko8ki9JOSem2aFyi3kQEVKptWgXT3POl 97DWJzsR5VyKz6GOx9kJAEISRyLZwm0wqh8+9LCza5oeIKW381lzq1b9x30vOh8CBSQQJ+cG 9ko0yPHAj7Suw2TmPXx1qMctmE6Ahq82ZW30SljdZby8WQuR2wARAQABzTxTdGVmYW4gV2lu dGVyIChSRVNURU5BIGtleSAyMDEzKykgPHN0ZWZhbi53aW50ZXJAcmVzdGVuYS5sdT7CwXkE EwECACMFAlIplEwCGwMHCwkIBwMCAQYVCAIJCgsEFgIDAQIeAQIXgAAKCRDA3mo1ijncZj7/ D/99hVS+mJr8dSPCaDaUFFxBiT2eI1LoR8VKEerTCRw5BsdL6pN2eRJZ9NmsqWo1ynWVHEzO 91bNZ+oZGgyoNohcBAI7p+r0qUTzkyqwdZO4kMm0pqKoM9xkP3tf2mjGujKjOz4Y7S7wnz2Z FokeUsecoRVJF/++/qHnmeWLn44J1HUKLHYCjMu+QXGOgGXgz024jQ5eUrnPwzNp0Z90AFVH lWC+bymty/ToIUUCQqS5Ff0jzdWLd8U695OG9iGvjBQT1LdEjsfbAwuKV5UcnpxNqUpUwKa5 9hdX5/2cMZP07FI1UXwnBlxa8rJfdb13FLjSKX4vUUHedYUZMjMPgcwl1a+zGE22lHiSQWgP 8QLA/W3BLsi22ERCEPZBfexOeOtaWIItDIz18fIaQoMDoRPshzar0JI2CzLYsyeKySAtYJEH FVoLmMvhkwzBmgqA/BEswUA67CfCr1jFHRXdpmWM7YkyAmMa9q6LwquWKS5+MXlUXe/3oZUc gpw/T9Uuy3Jo3RdS7B3jFcWaVr6KsO/A9u1gr/aYn5M+iJTQSj4vzqtkQaJTpSspRZoKa66H Zt3IwSYiDiYZqtM83ynuj9kjnZzGfnuTaNIi996q6Mptr33mOzIE1wmMqnJYwTr3EcNtf483 q/qrJwh5ES8Q9xY7aat/ZcSl8fKubW4TlfVr8c7BTQRSKZRMARAAvBPpn7FQq7LQ5glohtbL 6XIEo1U4X67S0TzUYieENSWSVYuWYIhCBldmWdmH8Bpj/qHeqdon7v+SLtR4WngzMR9toupK cFfHnbP9kpazTSB2ySHxXWGX1gJOpPXdCcg9iveKBHEsDn00ThTcPsvtXpnnzET16pXIvOXO 0bxTmVZ4INIF1SWgvYma/g8kBbgXLpkj8tOywBqFiiYPEZlDeCxDHiMgUDh6olda9K/0TZFT dMPUgjKuubfAeaDNCOrVt4RjmFOaRLikcZocmgJhm3z/j25x7/mnNu+0di1H/S67YGQJ+pqC FInzIXDx7aRW2+JCiqsY2X3xOPWZZzjyis5SNnfOcPH3gt2hYz1fy+thsBGf4NgCN01JRqIJ 2/MOQCgUdwh+9l8xqaJvCkUHM4hVh4W62MAe1u7UEqQbvvNEqxM5034vcvlE+/LRkrDCspw+ 2YJ9QyroLerVRwW5DVleP8Ifi8VB3yD80nqXYs9aqRy0BkDNIQ43ERhESMt8dJqrNkxgC6pe mZrhNwyDh+hy2kPNGQh/iBpdKuH1o3E24TIZoV2v3YHvzob7aAYHddE/PofAXhJW7I9mAs+H dWDmnI8ckuPDFpFH+Y/BFGvEXgcnJAJ1wEvf+4LuiIi0MHjR4EWFn9vvoFDAIqD10h3FSd3D 59HGtdSsNn4XaCsAEQEAAcLBXwQYAQIACQUCUimUTAIbDAAKCRDA3mo1ijncZhBtEACL036d djc5pFoYIdoUY1vT8SMXJNquewCnL1quDADzqDZFU5GNlQEy10krSfBwlTb9ahTtE0JFrOdZ wUZtoa1Pgfr8nU6KOgrXPHbNjS/9dyc5CwGVVIpOavIm2CsMVDJ9LCF/NT+u/t1k6eGfHhPV l3dUQyDa/lzc1chKUIVQYQkFmr0A/iXP+29lFCaI+IeyU0bSdZhezDwUROn5vEx+fiPZyHDS hCb+BxJv/o2LQp9JHenCiSbO+ioRZdxgbWfoKBuXOfmSStqMWXas/gZ5vS3xq72LNtKPRxgp jX3P8Zml1XDqpcBau7eK75VKE0Yd06YxnUIsbcEzInUc3uzW/u0DFpXYkMJb0XIvJyUt5yYP KfV13N8kSkPi5pLxm8yuftXMzfgeFMR7nafY3glTVj/TxElzg6xeZNqfC2ZjIbBtZg9ylHU8 u8wwB+dX282crs0R3N9A064C71/cXlBqcjzjlKH2NUIWGxr+od3TXFIFjszSU3NgMPKrWNhF LLwS81MpbkOe73s6aDhS8RDyNucoxtKXriLR+4Xiu4+pyj5ukYP1JqpB3ZobY/XZgCnJMye+ 7xeTpIDJ1LPORxM3NNAElyb26lxAK2P+km+EpI0Zzz6rNSCfg5jYQ474+e/GBgaSG4MlaPoZ +XAfN46u1Xjjv1/AkkA4IA6m5zP5og==
- Openpgp: id=AD3091F3AB24E05F4F722C03C0DE6A358A39DC66; url=http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Hello,
> Understood. Is there any possibility to apply compatibility hotfixes for
> admin API too while we prepare the rewrite on our end?
I'm sorry, that is not possible. The UserAPI had only mild changes,
mostly to remove a rather simple polymorphism in the parameters; a few
lines of code added compatiblity to the v1 API.
OTOH, the AdminAPI of version 1 was a terrible ad-hoc hack with really
ugly code. I was singing and dancing while I deleted that large chunk of
ugly code ;-) for a complete rewrite. There is no simple going back.
Greetings,
Stefan
>
> Regards,
> Martin
>
>>
>> Greetings,
>>
>> Stefan Winter
>>
>>>
>>> Martin
>>>
>>> On Thu, Oct 04, 2018 at 08:46:48PM +0200, Tomasz Wolniewicz wrote:
>>>> Hi,
>>>>
>>>> due to problems like yours I have applied some hot-fixes to the
>>>> API to
>>>> make it accept the previous syntax. Can you confirm that your problems
>>>> still exist?
>>>>
>>>> Tomasz
>>>>
>>>>
>>>> W dniu 04.10.2018 o 19:48, Martin Božič pisze:
>>>>> Hello!
>>>>>
>>>>> At Arnes we are having an urgent issue. We're in the middle of a
>>>>> massive
>>>>> Eduroam deployment in elementary and high schools and we're using
>>>>> cat.eduroam.org API in our home grown self-service provisoning portal
>>>>> which
>>>>> orchestrates the FreeRADIUS, LDAP and DHCP and CAT portal and profiles
>>>>> provisoning.
>>>>>
>>>>> It seems that that todays update of cat.eduroam.org API broke out
>>>>> provisioning system. This is what we've found out so far:
>>>>>
>>>>> - [just for context] on 3.10.2018 we've resolved an internal issue
>>>>> with on provisioning system with a simple workaround, and deployed
>>>>> on production
>>>>> in the late afternoon.
>>>>> - the last succesful provisoning by our system was completed yesterday
>>>>> morning (3.10.2018)
>>>>> - the error that we've got from debugging the self-service
>>>>> provisioning
>>>>> portal is the following:
>>>>>
>>>>> - API endpoint our portal is calling:
>>>>> https://cat.eduroam.org/admin/API.php
>>>>> - debug from example payload (note that this is Python output which
>>>>> is not
>>>>> in valid JSON format):
>>>>>
>>>>> {
>>>>> 'option[S90]': 'profile-api:eaptype',
>>>>> 'option[S3]': 'eap:ca_url',
>>>>> 'option[S1]': 'general:instname',
>>>>> 'value[S1-0]': u'OSNOVNA \u0160OLA MUTA',
>>>>> 'option[S5]': 'eap:server_name',
>>>>> 'value[S69-3]': 'on',
>>>>> 'option[S66]': 'profile:name',
>>>>> 'value[S4-0]': '',
>>>>> 'APIKEY': 'a******************f',
>>>>> 'NEWINST_PRIMARYADMIN': '',
>>>>> 'value[S4-lang]': 'C',
>>>>> 'ACTION': 'NEWINST',
>>>>> 'value[S90-0]': 1,
>>>>> 'option[S70]': 'profile-api:realm',
>>>>> 'option[S69]': 'profile:production',
>>>>> 'value[S66-0]': u'OSNOVNA \u0160OLA MUTA',
>>>>> 'option[S4]': 'support:email',
>>>>> 'value[S3-0]':
>>>>> 'ftp://ftp.arnes.si/software/eduroam/arnes_eduroam_ca_2012.pem',
>>>>> 'option[S72]': 'profile-api:anon',
>>>>> 'value[S67-1]': u'Profil za uporabnike organizacije: OSNOVNA
>>>>> \u0160OLA MUTA',
>>>>> 'option[S91]': 'profile-api:eaptype',
>>>>> 'option[S67]': 'profile:description',
>>>>> 'value[S70-0]': u'osmuta.si',
>>>>> 'value[S5-0]': 'orle.arnes.si',
>>>>> 'value[S71-3]': 'on',
>>>>> 'value[S91-0]': 2,
>>>>> 'value[S72-0]': u' AT osmuta.si',
>>>>> 'value[S66-lang]': 'C',
>>>>> 'option[S71]': 'profile-api:useanon',
>>>>> 'value[S1-lang]': 'C'
>>>>> }
>>>>>
>>>>> - response from cat.eduroam.org API:
>>>>>
>>>>> {
>>>>> "result": "ERROR",
>>>>> "details": {
>>>>> "errorcode": 8,
>>>>> "description": "Unable to decode JSON POST data."
>>>>> }
>>>>> }
>>>>>
>>>>> - our testing environment where we use API from
>>>>> https://cat-test.eduroam.org/branch/admin/API.php is doing fine.
>>>>>
>>>>>
>>>>> Unfortunately, since the hand-off from the original AAI/developer team
>>>>> that
>>>>> developed our portal somehow missed this detail on so strictly relying
>>>>> on cat.eduroam.org API, we weren't aware and ready of the coming CAT
>>>>> upgrade.
>>>>> That's why we're now in a showstopper situation and unable to meet our
>>>>> deployment deadline, thus jeopardizing the project. We can't afford to
>>>>> workaround with excluding the CAT from our provisioning system because
>>>>> it's actually a cornerstone of the rollout.
>>>>>
>>>>> We're asking for help or any information about API changes that could
>>>>> help us restore the service as soon as possible.
>>>>>
>>>>> Regards,
>>>>> Martin Božič
>>>>> To unsubscribe, send this message:
>>>>> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>>>> Or use the following link:
>>>>> https://lists.geant.org/sympa/sigrequest/cat-users
>>>>
>>>> --
>>>> Tomasz Wolniewicz
>>>>
>>>> twoln AT umk.pl
>>>> http://www.home.umk.pl/~twoln
>>>>
>>>> Uczelniane Centrum Informatyczne Information&Communication
>>>> Technology Centre
>>>> Uniwersytet Mikolaja Kopernika Nicolaus Copernicus University,
>>>> pl. Rapackiego 1, Torun pl. Rapackiego 1, Torun, Poland
>>>> tel: +48-56-611-2750 fax: +48-56-622-1850 tel kom.:
>>>> +48-693-032-576
>>>>
>>> To unsubscribe, send this message:
>>> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
>>> Or use the following link:
>>> https://lists.geant.org/sympa/sigrequest/cat-users
>>
>>
>> --
>> Stefan WINTER
>> Ingenieur de Recherche
>> Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
>> de la Recherche
>> 2, avenue de l'Université
>> L-4365 Esch-sur-Alzette
>>
>> Tel: +352 424409 1
>> Fax: +352 422473
>>
>> PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
>> recipient's key is known to me
>>
>> http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
>
>> pub 4096R/8A39DC66 2013-09-06 Stefan Winter (RESTENA key 2013+)
>> <stefan.winter AT restena.lu>
>> sub 4096R/4EFEA2BE 2013-09-06
>
>
>
>
> To unsubscribe, send this message:
> mailto:sympa AT lists.geant.org?subject=unsubscribe%20cat-users
> Or use the following link:
> https://lists.geant.org/sympa/sigrequest/cat-users
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
2, avenue de l'Université
L-4365 Esch-sur-Alzette
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
Attachment:
0xC0DE6A358A39DC66.asc
Description: application/pgp-keys
Attachment:
signature.asc
Description: OpenPGP digital signature
- [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/04/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Zenon Mousmoulas, 10/04/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Tomasz Wolniewicz, 10/04/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Stefan Winter, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Martin Božič, 10/05/2018
- Re: [[cat-users]] API broken after upgrade of cat.eduroam.org to 2.0, Zenon Mousmoulas, 10/04/2018
Archive powered by MHonArc 2.6.19.