Re: Error to make a Request to update password in UAA


Filip Hanik
 

If your `access_token` value is

1. a client_credentials grant - the `oldPassword` field is not evaluated
and can be omitted
OR
2. it's a user token, with the scope of `uaa.admin` and the admin is trying
to change password for another user - the `oldPassword` field is not
evaluated and can be omitted

We will update the documentation to reflect these two use cases.
https://github.com/cloudfoundry/uaa/blob/feature/fix_saml_metadata_validation/scim/src/main/java/org/cloudfoundry/identity/uaa/password/PasswordChangeEndpoint.java#L124-L158


On Wed, Oct 28, 2015 at 9:43 AM, Juan Antonio BreƱa Moral <
bren(a)juanantonio.info> wrote:

Hi,

Using UAA API, it is possible to create users without password. Later if
you need to update the password what is the right request to make the
process? Current documentation is not very clear:


https://github.com/cloudfoundry/uaa/blob/master/docs/UAA-APIs.rst#create-a-user-post-users

The document has al ink for a section to udpate password but it was
removed:
http://www.simplecloud.info/specs/draft-scim-api-01.html#change-password

Using the documentation, the request throws an Error:

uaa_options = {
"schemas":["urn:scim:schemas:core:1.0"],
"password": "abc123456",
"oldPassword": "oldpassword"
}

return CloudFoundryUsersUAA.updatePassword(token_type, access_token,
uaa_guid, uaa_options);

UsersUAA.prototype.updatePassword = function (token_type, access_token,
uaa_guid, uaa_options) {
"use strict";

var url = this.UAA_API_URL + "/Users/" + uaa_guid + "/password";
var options = {
method: 'PUT',
url: url,
headers: {
Accept: 'application/json',
Authorization: token_type + ' ' + access_token
},
json: uaa_options
};

return this.REST.request(options, "200", false);
};

Error:

Error: the string "<html><head><title>Apache Tomcat/7.0.55 - Error
report</
title><style><!--H1
{font-family:Tahoma,Arial,sans-serif;color:white;background-
color:#525D76;font-size:22px;} H2
{font-family:Tahoma,Arial,sans-serif;color:whi
te;background-color:#525D76;font-size:16px;} H3
{font-family:Tahoma,Arial,sans-s
erif;color:white;background-color:#525D76;font-size:14px;} BODY
{font-family:Tah
oma,Arial,sans-serif;color:black;background-color:white;} B
{font-family:Tahoma,
Arial,sans-serif;color:white;background-color:#525D76;} P
{font-family:Tahoma,Ar
ial,sans-serif;background:white;color:black;font-size:12px;}A {color :
black;}A.
name {color : black;}HR {color : #525D76;}--></style>
</head><body><h1>HTTP Stat
us 400 - </h1><HR size=\"1\" noshade=\"noshade\"><p><b>type</b> Status
report</p
<p><b>message</b> <u></u></p><p><b>description</b> <u>The request sent by
the c
lient was syntactically incorrect.</u></p><HR size=\"1\"
noshade=\"noshade\"><h3
Apache Tomcat/7.0.55</h3></body></html>" was thrown, throw an Error :)
Note: it is possible to create an user in UAA with a password in the first
operation, but the documenation is not clear in this point.

var uaa_options = {
"schemas":["urn:scim:schemas:core:1.0"],
"userName":username,
"emails":[
{
"value":"demo(a)example.com",
"type":"work"
}
],
"password": "123456",
};

Usage with CF CLI: cf login -a https://apiMY_IP.xip.io -u userXXX -p
123456 --skip-ssl-validation

Any help to update passwords?

Juan Antonio

Join cf-dev@lists.cloudfoundry.org to automatically receive all group messages.