Support Questions
Find answers, ask questions, and share your expertise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Advanced Search
Announcements
Alert: Welcome to the Unified Cloudera Community. Former HCC members be sure to read and learn how to activate your account here.

Authenticate using nifi api to azure ad

Highlighted

Authenticate using nifi api to azure ad

Labels:
mmazerolle
Explorer

Created ‎04-08-2019 08:16 PM

Hi all,

I am trying to authenticate to NiFi using the api and curl. I understand the concept (I've traced it using Chrome) :

I curl the "https://myhost:8443/nifi-api/access/oidc/request" using the command :

curl -v 'https://mynifiserver.mydomain.com:8443/nifi-api/access/oidc/request' \
     -X GET \
     -H 'Connection: keep-alive' \
     -H 'Referer: https://mynifiserver.mydomain.com:8443/nifi-api/'; \
     -H 'Accept-Encoding: gzip, deflate, br' \
     -H 'Accept-Language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7' \
     --compress --insecure \
     -L -j -c cookies.jar.txt \
     > curl.request.txt

Since I've traced the request I can see that :

  • The nifi-api endpoint gets called which sets the cookie "oidc-request-identifier" correctly
  • https://login.microsoftonline.com/... gets called properly with a "redirect_uri" properly set to my servers "callback" endpoint.

Unfortunately, the resulting output of the command "curl.request.txt" contains an HTML page returned by the microsoft site but the callback never gets executed. I suspect that the HTML contains a Javascript that would eventually redirect to the callback but since it's not being done I can't execute the subsequent "exchange" or any other api call to extract my token to continue.

Where did I go wrong ?


Reply
158 Views
0 Kudos
Don't have an account?
Register
Coming from Hortonworks? Activate your account here