401 UNAUTHORIZED

[AlyabyevSergey]

I've been struggling all day, I can't figure out why it doesn't work:

` $authUrl = 'https://cs.advanced.host/v3/';
$region = 'EU';
$username = 'XXXXXX';
$password = 'XXXXXXXX';
$project = 'XXXXX';

    $openstack = new OpenStack([
        'authUrl' => $authUrl,
        'region'  => $region,
        'user'             => [
            'name'     => $username,
            'password' => $password,
            'domain'   => ['name' => 'default', 'id' => 'default'],
        ],

        'scope'   => ['project' => ['id' => $project]],

    ]);

    $service = $openstack->objectStoreV1();`

return:

The remote server returned a "401 UNAUTHORIZED" error for the following transaction:

Request

POST /v3/auth/tokens HTTP/1.1
User-Agent: GuzzleHttp/7
Content-Type: application/json
Host: cs.advanced.host

Response

HTTP/1.1 401 UNAUTHORIZED
Server: nginx/1.24.0
Date: Mon, 01 Jul 2024 09:41:49 GMT
Content-Type: application/json
Content-Length: 109
Connection: keep-alive
WWW-Authenticate: Keystone uri="https://cs.advanced.host/v3"
Vary: X-Auth-Token
x-openstack-request-id: req-64cbc751-0cf0-4351-a48e-18d625303995
Access-Control-Allow-Methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
Access-Control-Allow-Headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token

{"error":{"code":401,"message":"The request you have made requires authentication.","title":"Unauthorized"}}

what to do?

[k0ka]

Most probably, you have wrong login, password or domain. Here is an example curl to check authentication:

curl -X POST -H "Content-Type: application/json" -d '{"auth":{"identity":{"methods":["password"],"password":{"user":{"name":"demo", "password":"secret", "domain":{"name":"default"}}}}}}' http://localhost/identity/v3/auth/tokens

[AlyabyevSergey]

I checked. Returned {"token": {"methods": ["password"], "user": {"domain": {"id": "default", "name": "Default"}, "id": ". ........
it's all ok

[k0ka]

You can set debug flags to get full query and response:

use GuzzleHttp\MessageFormatter;
use OpenStack\Sample\DefaultLogger;

        $openstack = new OpenStack([
            'authUrl' => 'http://localhost/identity/v3/',
            'region' => 'RegionOne',
            'user' => [
                'name'     => 'demo',
                'password' => 'secret2',
                'domain'   => [
                    'id' => 'default'
                ],
            ],
            'debugLog'         => true,
            'logger'           => new DefaultLogger(),
            'messageFormatter' => new MessageFormatter(MessageFormatter::DEBUG),
        ]);

        $openstack->objectStoreV1();

[AlyabyevSergey]

$logger = new Logger('openstack');
$logger->pushHandler(new StreamHandler('your.log', Logger::DEBUG));

    $authUrl = 'https://cs.advanced.host/v3/';
    $region = 'EU';
    $username = 'demo';
    $password = 'pass';
    $project = 'project_id';

    $openstack = new OpenStack([
        'authUrl' => $authUrl,
        'region'  => $region,
        'user'             => [
            'name'     => $username,
            'password' => $password,
            'domain'   => ['name' => 'default', 'id' => 'default'],
        ],

        'scope'   => ['project' => ['id' => $project]],

        'debugLog'         => true,
        'logger'           => $logger,
        'messageFormatter' => new MessageFormatter(MessageFormatter::DEBUG),

    ]);

    $service = $openstack->objectStoreV1();

Log:

[2024-07-01T16:31:28.106123+03:00] openstack.INFO: >>>>>>>> POST /v3/auth/tokens HTTP/1.1 Content-Length: 201 User-Agent: GuzzleHttp/7 Content-Type: application/json Host: cs.advanced.host {"auth":{"identity":{"password":{"user":{"name":"demo","password":"pass","domain":{"name":"default","id":"default"}}},"methods":["password"]},"scope":{"project":{"id":"project_id"}}}} <<<<<<<< HTTP/1.1 401 UNAUTHORIZED Server: nginx/1.24.0 Date: Mon, 01 Jul 2024 13:31:28 GMT Content-Type: application/json Content-Length: 109 Connection: keep-alive WWW-Authenticate: Keystone uri="https://cs.advanced.host/v3" Vary: X-Auth-Token x-openstack-request-id: req-ccaa7ea4-8ed1-4701-94cc-b7a006610f5e Access-Control-Allow-Methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS Access-Control-Allow-Headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Subject-Token {"error":{"code":401,"message":"The request you have made requires authentication.","title":"Unauthorized"}} -------- NULL [] []

[k0ka]

1. you should specify either name or id of the domain, not both.
2. you can omit scope
3. you might try to run the very same query via curl. The library is only sends the logged query.