/logs endpoint has security disabled - great [curl] command examples

When trying to run the following commands, I was having issues, so I had to turn off logs and add a token that is essentially handing out tokens, backdoors to the app.

Note, I also have some code commented out that automatically disables this code based on an env variable in production, but I commented it out to troubleshoot some stuff today.

How did I find out logging was broken?

  • No logs were being written to logging-backend/logs repository
  • {"error":"Invalid issuer"} when trying to post a log entry using cmd prompt

identity-backend 

Post a log entry to logging-backend using the command prompt, Invalid Issuer error

C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=46d5f045-6e12-4805-a8cd-b67018043c1f&client_id=logging-service&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"

{"error":"Invalid client_id"}


C:\Users\saad0\Documents\source\logging-backend>curl https://aurorahours.com/identity-backend/test-token
{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c"}

C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"

{"error":"Invalid issuer"}


Other errors

C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=f098cbcf-3602-40b8-8e99-053d59978d17&client_id=browser-ui&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"

{"error":"Invalid or expired code"}


C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=97254578-1cb3-4e20-b378-522a1483523f&client_id=browser-ui&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"

{"expires_in":900,"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidSIsImF1ZCI6ImJyb3dzZXItdWkiLCJpYXQiOjE3NTQzNjQyMTksImV4cCI6MTc1NDM2NTExOSwic2NvcGUiOiJvcGVuaWQifQ.ONT1lU_v8alwuCjd-Dp8zja_xyk0ins8FsTt3fKsD_I","token_type":"Bearer"}


C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidSIsImF1ZCI6ImJyb3dzZXItdWkiLCJpYXQiOjE3NTQzNjQyMTksImV4cCI6MTc1NDM2NTExOSwic2NvcGUiOiJvcGVuaWQifQ.ONT1lU_v8alwuCjd-Dp8zja_xyk0ins8FsTt3fKsD_I" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"

{"error":"Invalid token: Signature verification failed"}


After disabling auth, I was able to POST to this /log endpoint that was failing with "error":"Invalid issuer"

C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"

{"status":"logged"}


Next, I enabled /get-token on production

Commented out code that disabled this:

#if not DEV_MODE:
    # Remove or don't register dev/test routes
    #app.view_functions.pop('test_token', None)
    #app.view_functions.pop('debug_env', None)

C:\Users\saad0\Documents\source\logging-backend>curl https://aurorahours.com/identity-backend/test-token

{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzA5NzgsImV4cCI6MTc1NDM3Mjc3OCwic2NvcGUiOiJvcGVuaWQifQ.r7msRU2qGTpCmxrS5WMHwEdLyySFOsSc65dd-Bg1WGw"}


Interestingly, it did work properly by identifying an expired token, even when having qualms with Invalid issuer

C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"

{"error":"Token expired"}


---


Debugging with gpt prompt:

You are an expert coding assistant. I want you to help me debug my logging-backend service; see the code attached to this message. This logging-backend service is deployed to https://aurorahours.com/logging-backend, and it works.

The issue that I have is with security, specifically on the /log endpoint. I had to turn off user authentication; see the two commented-out lines in the /log POST route. You will see that it is no longer authenticating the user.

The reason I did that is when I was generating a token using the command prompt, I was having issues. I was wondering if you would be up to the task of helping me to debug it. The identity-backend service, whose code you have in the project files, is deployed at https://aurorahours.com/identity-backend


Here are some of the commands and narrative:

Post a log entry to logging-backend using the command prompt, Invalid Issuer error


C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=46d5f045-6e12-4805-a8cd-b67018043c1f&client_id=logging-service&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"


{"error":"Invalid client_id"}



C:\Users\saad0\Documents\source\logging-backend>curl https://aurorahours.com/identity-backend/test-token

{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c"}


C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"


{"error":"Invalid issuer"}




Other errors


C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=f098cbcf-3602-40b8-8e99-053d59978d17&client_id=browser-ui&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"


{"error":"Invalid or expired code"}




C:\Users\saad0\Documents\source\logging-backend>curl -s -X POST https://aurorahours.com/identity-backend/token -d "code=97254578-1cb3-4e20-b378-522a1483523f&client_id=browser-ui&client_secret=dev-client-secret&redirect_uri=http://localhost:5000/callback"


{"expires_in":900,"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidSIsImF1ZCI6ImJyb3dzZXItdWkiLCJpYXQiOjE3NTQzNjQyMTksImV4cCI6MTc1NDM2NTExOSwic2NvcGUiOiJvcGVuaWQifQ.ONT1lU_v8alwuCjd-Dp8zja_xyk0ins8FsTt3fKsD_I","token_type":"Bearer"}




C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidSIsImF1ZCI6ImJyb3dzZXItdWkiLCJpYXQiOjE3NTQzNjQyMTksImV4cCI6MTc1NDM2NTExOSwic2NvcGUiOiJvcGVuaWQifQ.ONT1lU_v8alwuCjd-Dp8zja_xyk0ins8FsTt3fKsD_I" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"


{"error":"Invalid token: Signature verification failed"}




After disabling auth, I was able to POST to this /log endpoint that was failing with "error":"Invalid issuer"


C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"


{"status":"logged"}




Next, I enabled /get-token on production


Commented out code that disabled this:


#if not DEV_MODE:
    # Remove or don't register dev/test routes
    #app.view_functions.pop('test_token', None)
    #app.view_functions.pop('debug_env', None)


C:\Users\saad0\Documents\source\logging-backend>curl https://aurorahours.com/identity-backend/test-token


{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzA5NzgsImV4cCI6MTc1NDM3Mjc3OCwic2NvcGUiOiJvcGVuaWQifQ.r7msRU2qGTpCmxrS5WMHwEdLyySFOsSc65dd-Bg1WGw"}




Interestingly, it did work properly by identifying an expired token, even when having qualms with Invalid issuer


C:\Users\saad0\Documents\source\logging-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"


{"error":"Token expired"}



----


GPT responds with:

Thanks for the detailed walkthrough — you’ve already narrowed the issue down very precisely. Based on everything you shared, here's a breakdown of what’s going wrong with JWT validation in logging-backend, especially why you’re seeing:

{"error":"Invalid issuer"}

even when the token looks structurally fine.


✅ Root Cause: JWT_ISSUER mismatch between token and logging-backend

In your logging-backend/app.py:

JWT_ISSUER = os.getenv("JWT_ISSUER", "identity-backend")

In production, you're expecting:

JWT_ISSUER=https://aurorahours.com/identity-backend

But because you're defaulting to "identity-backend" in the code if the env var is missing (which is not URL-formatted), any token issued by your identity-backend will have an issuer of https://aurorahours.com/identity-backend, which fails the check:

if decoded.get("iss") != JWT_ISSUER:
    return False, "Invalid issuer"

🔥 Fix It: Force correct value in production

In your logging-backend/config.py (which is unused in app.py currently), you had the correct pattern with get_required_env().

🔧 Option A (Best): Use stricter config in app.py

Update the logging-backend/app.py top lines to:

from config import JWT_SECRET_KEY, JWT_ISSUER  # <- from your config.py

Then remove:

JWT_SECRET_KEY = os.getenv("JWT_SECRET_KEY", "some-random-key")
JWT_ISSUER = os.getenv("JWT_ISSUER", "identity-backend")

This forces the .env (or cPanel environment) to provide real values — and if it's missing or placeholder, the app will fail fast.


🔐 Additional Fixes You Should Make

1. Restore and re-enable this section in write_log:

is_valid, reason = validate_auth()
if not is_valid:
    return jsonify({"error": reason}), 401

Now that validation will work properly, no need to disable it.


2. Verify aud as well (already done)

You're setting "aud": "logging-service" in both token generation (test-token) and in the JWT decode call in validate_auth():

decoded = jwt.decode(
    token,
    JWT_SECRET_KEY,
    algorithms=["HS256"],
    audience="logging-service"
)

Make sure your token's "aud" matches this — which it does when you use the /test-token endpoint with aud: logging-service.


✅ Sanity Checklist for Deployment

Here’s what your logging-backend .env must have:

JWT_SECRET_KEY=your-strong-secret-here
JWT_ISSUER=https://aurorahours.com/identity-backend

Then restart your Python app from cPanel using:

touch tmp/restart.txt

✅ Next Steps

  1. ✅ Update app.py to import the real JWT_ISSUER and JWT_SECRET_KEY from config.py

  2. ✅ Confirm correct values are set via cPanel for those two env vars

  3. ✅ Re-enable validate_auth() in /log

  4. 🔁 Retry your curl -X POST /log call with a freshly minted JWT

Would you like me to patch the app.py file for you and give you a drop-in version that’s ready to go?



C:\Users\saad0\Documents\source>curl https://aurorahours.com/logging-backend/debug-env

{"JWT_ISSUER":"identity-backend","JWT_SECRET_KEY":"dev-client-secret"}


C:\Users\saad0\Documents\source>curl https://aurorahours.com/identity-backend/test-token

{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzU0ODIsImV4cCI6MTc1NDM3NzI4Miwic2NvcGUiOiJvcGVuaWQifQ.9MqllrsKStk6dZdxTOi9uqaSsXUXRmdnNVHYCME9Hj0"}


validate token on jwt.io

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzU0ODIsImV4cCI6MTc1NDM3NzI4Miwic2NvcGUiOiJvcGVuaWQifQ.9MqllrsKStk6dZdxTOi9uqaSsXUXRmdnNVHYCME9Hj0

using secret dev-client-secret



2025-08-04 11:34 PM Issue with logging
curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzU0ODIsImV4cCI6MTc1NDM3NzI4Miwic2NvcGUiOiJvcGVuaWQifQ.9MqllrsKStk6dZdxTOi9uqaSsXUXRmdnNVHYCME9Hj0" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Hello from curl\",\"context\":{\"env\":\"test\"}}"

<!DOCTYPE html>
<html style="height:100%">
<head>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
<title> 500 Internal Server Error
</title><style>@media (prefers-color-scheme:dark){body{background-color:#000!important}}</style></head>
<body style="color: #444; margin:0;font: normal 14px/20px Arial, Helvetica, sans-serif; height:100%; background-color: #fff;">
<div style="height:auto; min-height:100%; ">     <div style="text-align: center; width:800px; margin-left: -400px; position:absolute; top: 30%; left:50%;">
        <h1 style="margin:0; font-size:150px; line-height:150px; font-weight:bold;">500</h1>
<h2 style="margin-top:20px;font-size: 30px;">Internal Server Error
</h2>
<p>An internal server error has occured.</p>
</div></div></body></html>

2025-08-04 11:37 PM Did I set proper environment variables on logging-backend cPanel?

500 error when loading https://aurorahours.com/logging-backend/logs


Darn, I know that the app is expecting https://aurorahours.com/identity-backend, so let me update that.
  • Changed JWT_ISSUER to https://aurorahours.com/identity-backend
  • Save, and Restart web application in cPanel console
Needed to update code, see git commit on logging-backend: [master 4d368bb] Resolve 500 error

Also added DEV_MODE=true environment variable on cPanel for logging-backend

C:\Users\saad0\Documents\source>curl https://aurorahours.com/identity-backend/test-token
{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzY1MDQsImV4cCI6MTc1NDM3ODMwNCwic2NvcGUiOiJvcGVuaWQifQ.0NNDquEolpIoog81UGAz8GJtpAK1U6ZWvTWl0IKUt9k"}


Reset database, and started from scratch

Next step: ✅ Re-enable validate_auth() in /log


2025-08-05 12:05 AM Verified that validate_auth was working for /log endpoint in logging-backend in code, and by using curl


C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNjU4ODQsImV4cCI6MTc1NDM2NzY4NCwic2NvcGUiOiJvcGVuaWQifQ.RoztF1DAaaviw2Q4XuI-5-d12vdjS-U02eoHQkwJg_c" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"
{"error":"Token expired"}

C:\Users\saad0\Documents\source\identity-backend>curl https://aurorahours.com/identity-backend/test-token
{"id_token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzc0OTAsImV4cCI6MTc1NDM3OTI5MCwic2NvcGUiOiJvcGVuaWQifQ.RErlal-bURjt5IrKdhwYHmUcrNwQ5JAgr-YRNvgZk3w"}

C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzc0OTAsImV4cCI6MTc1NDM3OTI5MCwic2NvcGUiOiJvcGVuaWQifQ.RErlal-bURjt5IrKdhwYHmUcrNwQ5JAgr-YRNvgZk3w" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"
{"status":"logged"}

C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzc0OTAsImV4cCI6MTc1NDM3OTI5MCwic2NvcGUiOiJvcGVuaWQifQ.RErlal-bURjt5IrKdhwYHmUcrNwQ5JAgr-YRNvgZkf3w" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"
{"error":"Invalid token: Signature verification failed"}


C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzc0OTAsImV4cCI6MTc1NDM3OTI5MCwic2NvcGUiOiJvcGVuaWQifQ.RErlal-bURjt5IrKdhwYHmUcrNwQ5JAgr-YRNvgZk3w" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"
{"status":"logged"}

C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwczovL2F1cm9yYWhvdXJzLmNvbS9pZGVudGl0eS1iYWNrZW5kIiwic3ViIjoidGVzdHVzZXIiLCJhdWQiOiJsb2dnaW5nLXNlcnZpY2UiLCJpYXQiOjE3NTQzNzc0OTAsImV4cCI6MTc1NDM3OTI5MCwic2NvcGUiOiJvcGVuaWQifQ.RErlal-bURjt5IrKdhwYHmUcrNwQ5JAgr-YRNvgZkf3w" -H "Content-Type: application/json" -d "{\"service\":\"manual-test\",\"level\":\"INFO\",\"message\":\"Log from CMD works\",\"context\":{\"source\":\"cmd-one-liner\"}}"
{"error":"Invalid token: Signature verification failed"}

C:\Users\saad0\Documents\source\identity-backend>curl -X POST https://aurorahours.com/logging-backend/log -H "Content-Type: application/json" -d "{\"service\":\"test\",\"level\":\"INFO\",\"message\":\"unauthorized test\"}"
{"error":"Unauthorized"}

✅ TL;DR One-Liner Summary

The first request failed because the JWT signature didn’t match logging-backend's secret; the second failed because no token was provided at all.
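
The sequence of errors in this log, reproduced offline as an added example that is not the logging-backend or identity-backend code: a fail-closed config loader plus an HS256 validator whose check order (signature, exp, aud, iss) shows why the stale token reported "Token expired" while a fresh one reported "Invalid issuer" under the fallback issuer. The names `require_env`, `sign_hs256`, `validate` and `demo`, the demo secret, and the hand-rolled HMAC used in place of the `jwt.decode` call quoted above are assumptions.

```python
import base64, hashlib, hmac, json, time

# Defaults and debug values shown on the page; never acceptable as production config.
PLACEHOLDERS = {"", "some-random-key", "dev-client-secret", "identity-backend"}

def require_env(env, name):
    """Hypothetical helper: fail closed instead of falling back to a default."""
    value = env.get(name, "")
    if value in PLACEHOLDERS:
        raise RuntimeError(f"{name} is missing or still a placeholder")
    return value

def b64url(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def unb64url(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(signing_input, secret):
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()

def sign_hs256(claims, secret):
    """Mint a constructed HS256 token for the demo (stands in for the identity service)."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url(mac(head + '.' + body, secret))}"

def validate(token, secret, issuer, audience, now=None):
    """Return (ok, reason); checks run in order: alg, signature, exp, aud, iss."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, claims = json.loads(unb64url(head)), json.loads(unb64url(body))
        signature = unb64url(sig)
    except ValueError:
        return False, "Invalid token: malformed"
    # Pin the algorithm; no claim is acted on until the signature has been verified.
    if not (isinstance(header, dict) and isinstance(claims, dict) and header.get("alg") == "HS256"):
        return False, "Invalid token: malformed or unexpected alg"
    if not hmac.compare_digest(signature, mac(head + "." + body, secret)):
        return False, "Invalid token: Signature verification failed"
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)):
        return False, "Invalid token: missing exp"
    if exp <= now:
        return False, "Token expired"
    if claims.get("aud") != audience:
        return False, "Invalid audience"
    if claims.get("iss") != issuer:
        return False, "Invalid issuer"
    return True, "ok"

def demo():
    """Constructed tokens and clock; mirrors the order of errors seen in the log."""
    issuer, secret, now = "https://aurorahours.com/identity-backend", "constructed-demo-secret", 1_754_377_500
    fresh = sign_hs256({"iss": issuer, "aud": "logging-service", "exp": now + 1800}, secret)
    stale = sign_hs256({"iss": issuer, "aud": "logging-service", "exp": now - 1}, secret)
    return {
        "fallback_issuer": validate(fresh, secret, "identity-backend", "logging-service", now),
        "stale_with_fallback": validate(stale, secret, "identity-backend", "logging-service", now),
        "wrong_secret": validate(fresh, "other-secret", issuer, "logging-service", now),
        "correct_config": validate(fresh, secret, issuer, "logging-service", now),
    }
```

Calling `require_env(os.environ, "JWT_ISSUER")` at import time makes a missing or placeholder value stop the service at startup rather than surface later as a rejected token.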
