I am trying to use the Ruby gem (https://rubygems.org/gems/ory-kratos-client) to connect to a local instance of Kratos. I am trying to send a simple GET request to http://127.0.0.1:4455/.ory/kratos/public/self-service/browser/flows/requests/login to get the login schema. However, I always get the following error:
Exception when calling AdminApi->create_identity: Error message: the server returns an error
HTTP status code: 403
Response headers: {"Content-Type"=>"application/json", "Set-Cookie"=>"csrf_token=Ulbbq9iPA05um0bQnME38D9+XFIF8dk4+ikjoBD+qYc=; Path=/.ory/kratos/public/; Domain=127.0.0.1; Max-Age=31536000; HttpOnly", "Vary"=>"Cookie", "Date"=>"Fri, 27 Mar 2020 19:28:39 GMT", "Content-Length"=>"410"}
Response body: {"error":{"code":403,"status":"Forbidden","reason":"A request failed due to a missing or invalid csrf_token value.","debug":"Unable to locate the resource","message":"The requested action was forbidden"}}
{"error":{"code":403,"status":"Forbidden","reason":"A request failed due to a missing or invalid csrf_token value.","debug":"Unable to locate the resource","message":"The requested action was forbidden"}}
Ruby Code:
require 'ory-kratos-client'
OryHydraClient.configure do |config|
config.host = '127.0.0.1:4455'
config.base_path = '/.ory/kratos/public'
end
api_instance = OryHydraClient::AdminApi.new
begin
#Create an identity
result = result = api_instance.get_self_service_browser_login_request('4935580A-C2D6-4E5E-9E6D-9234B15C9AD7')
p result
rescue OryHydraClient::ApiError => e
puts "Exception when calling AdminApi->create_identity: #{e}"
end
Here is my docker-compose config:
services:
kratos-migrate:
image: oryd/kratos:latest
environment:
- DSN=postgres://kratos:[email protected]:5432/kratos?sslmode=disable
volumes:
-
type: bind
source: ./kratos
target: /etc/config/kratos
command:
-c /etc/config/kratos/.kratos.yml migrate sql -e --yes
restart: on-failure
networks:
- intranet
kratos-selfservice-ui-node:
image: oryd/kratos-selfservice-ui-node:latest
ports:
- "4435:4435"
environment:
- PORT=4435
- KRATOS_PUBLIC_URL=http://kratos:4433/
- KRATOS_ADMIN_URL=http://kratos:4434/
- KRATOS_BROWSER_URL=http://127.0.0.1:4455/.ory/kratos/public
- JWKS_URL=http://oathkeeper:4456/.well-known/jwks.json
networks:
- intranet
restart: on-failure
oathkeeper:
image: oryd/oathkeeper:v0.35.5-beta.1
depends_on:
- kratos
ports:
- "4455:4455"
- "4456:4456"
command:
serve proxy -c "/etc/config/oathkeeper/.oathkeeper.yml"
environment:
- LOG_LEVEL=debug
restart: on-failure
networks:
- intranet
volumes:
-
type: bind
source: ./oathkeeper
target: /etc/config/oathkeeper
kratos:
image: oryd/kratos:latest
depends_on:
- kratos-migrate
ports:
- "4433:4433" # public
- "4434:4434" # admin
environment:
- DSN=postgres://kratos:[email protected]:5432/kratos?sslmode=disable
command:
serve -c /etc/config/kratos/.kratos.yml --dev
restart: unless-stopped
volumes:
-
type: bind
source: ./kratos
target: /etc/config/kratos
networks:
- intranet
mailslurper:
image: oryd/mailslurper:latest-smtps
ports:
- "4436:4436"
- "4437:4437"
networks:
- intranet
networks:
intranet:
All other configuration files such as .oathkeeper.yml and .kratos.yml are set to the quickstart defaults. I have also attempted to use Postman and I get the same error.
