test_rest_gateway_docker_compose.sh with hard coded JWT secret: Token validation error: token signature is invalid: signature is invalid #2127
Description
Describe the bug
Running test_rest_gateway_docker_compose.sh against a rest_gateway container with a JWT_SECRET set other than
default-secret-key, most tests fail. Make sure tests respect JWT_SECRET environment variable if set:
To Reproduce
Steps to reproduce the behavior:
Result with JWT_SECRET set in environment (value: my-jwt-secret):
Testing OpenCue REST Gateway with Docker Compose
=================================================
Checking Docker Compose services...
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
Generating JWT token...
JWT token generated (length: 124)
Testing REST Gateway endpoints...
================================
1. Testing GetShows...
GetShows: FAILED
Response: Token validation error: token signature is invalid: signature is invalid
2. Testing GetJobs...
GetJobs: FAILED
Response: Token validation error: token signature is invalid: signature is invalid
3. Testing GetHosts...
GetHosts: FAILED
Response: Token validation error: token signature is invalid: signature is invalid
4. Testing FindShow...
FindShow: FAILED
Response: Token validation error: token signature is invalid: signature is invalid
5. Testing Frame Interface...
5a. GetFrame (will fail if no frame ID provided, but tests endpoint):
GetFrame: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
...
6. Testing Layer Interface...
6a. GetLayer (will fail if no layer ID provided, but tests endpoint):
GetLayer: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
...
7. Testing Group Interface...
7a. FindGroup:
FindGroup: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
8. Testing Owner Interface...
8a. GetOwner:
GetOwner: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
9. Testing Proc Interface...
9a. GetProc:
GetProc: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
...
10. Testing Deed Interface...
10a. GetOwner (deed):
DeedInterface.GetOwner: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
...
11. Testing Additional Job Interface Methods...
11a. FindJob:
FindJob: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
12. Testing Additional Show Interface Methods...
12a. CreateShow (will likely fail due to permissions, but tests endpoint):
CreateShow: SUCCESS (endpoint accessible)
Token validation error: token signature is invalid: signature is invalid
...
13. Testing REST Gateway Status...
REST Gateway Response Status: Token validation error: token signature is invalid: signature is invalid
HTTP Status: 401
Testing Complete!
=================
Tested Interfaces and Available Endpoints:
- Show Interface: GetShows , FindShow , CreateShow
- Job Interface: GetJobs , FindJob , GetFrames, Kill, Pause, Resume
- Frame Interface: GetFrame , Retry, Kill, Eat
- Layer Interface: GetLayer , FindLayer, GetFrames, Kill
- Group Interface: FindGroup , GetGroup, SetMinCores, SetMaxCores
- Host Interface: GetHosts , FindHost, GetHost, Lock, Unlock
- Owner Interface: GetOwner , SetMaxCores, TakeOwnership
- Proc Interface: GetProc , Kill, Unbook
- Deed Interface: GetOwner , GetHost
Note: indicates endpoints tested in this script
Other endpoints are available but not tested here
REST Gateway URL: http://localhost:8448
JWT Token (valid for 1 hour): eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoidGVzdCIsImV4cCI6MTc2NjI0MDAzMH0.A94hwpDsffM0KRMaUcigHUamaeAOLrzk6HG_15C8y4s
Example usage:
curl -H "Authorization: Bearer $JWT_TOKEN" \
-H "Content-Type: application/json" \
-X POST "http://localhost:8448/<interface>.<InterfaceName>/<MethodName>" \
-d '{"param": "value"}'
Expected behavior
Test script uses JWT_SECRET from environment if set. If not, use default secret.