[Support] Client Creation - Wrong token

I have a working boringproxy server running and im able to connect to it. I am having issues creating clients.
Here is my server setup: (Token has already been deleted for the purpose of this so im not worried about sharing)
I have a user called testing, and have generated a token in its name:

and here is the command I’m running client side (windows):

.\boringproxy.exe client -server example.com -token N84oTXzhbLJGVqWFbcUqyJOZxA6q6weh -client-name test -user testing

I have boringproxy running on the root of my domain (example.com).
The issue is im getting this error:

Failed to create client. Are the user ('testing') and token correct? HTTP Status code: 301. Message:

I am running the server on oracle and have opened every port to the internet, for testing. I currently have no tunnels set up either. I am not sure what is happening and as to why the tokens arent registering properly. Ive deleted and regenerated tokens many times and the same thing keeps happening.
Any help?
Thanks

EDIT:
1)
I have wildcard setup properly on my DNS as when I manually create a tunnel it shows the normal error where it isnt connected to a client:

Get "http://localhost:39281/": dial tcp 127.0.0.1:39281: connect: connection refused

Iva also started getting a different error:

Failed to create client. Are the user ('testing') and token correct? HTTP Status code: 404. Message: 404 page not found

This occurs even though I can access the boringproxy web gui just fine

It seems as if /api/clients/ doesnt exist as that is what shows on the server when a 404 is returned to the client

Hey @Biotic, a couple things first off.

What version of boringproxy are you running?

Are you using a client token or an admin token? I’d recommend using a client token if possible.

If using a client token, can you try running the client without -client-name and -user? They are no longer necessary in the latest API in most cases.

Hi @anders,
Im using the latest version from github on arm64 (v0.9.1 Beta) for the server, and the same version on windows for the client. The example was with a client token, not the admin one.
I have set up a new token: pFK693C4S6RfcHLwb3ZmefCWRIjryFIZ
I run this command on Windows:

.\boringproxy-windows-x86_64.exe client -server [URL] -token pFK693C4S6RfcHLwb3ZmefCWRIjryFIZ

and get this response:

Failed to create client. Are the user ('') and token correct? HTTP Status code: 404. Message: 404 page not found

Its really bizarre as I can access the web GUI absolutely fine, it just seems to 404 on /api/client
Whenever I attempt to start the client this is what I get server side:

2022-03-08T19:01:21Z [IP] POST [URL] /api/clients/

I am running the server on Ubuntu Server 20 on Oracle Cloud with every port open, if thats of any use.

Yeah I’m at a loss. Do you have curl (or another HTTP client) installed on the client machine? What happens if you run this?

curl https://<server>/api/clients/?access_token=pFK693C4S6RfcHLwb3ZmefCWRIjryFIZ -X POST

Can you post a dump of boringproxy_db.json from the server? Make sure there’s nothing sensitive in it first.

No other HTTP services running, nginx and apache arent even installed.
Curl Responds:

404 page not found

boringproxy_db.json dump:

{
  "tokens": {
    "[ADMINTOKEN]": {
      "owner": "admin"
    },
    "pFK693C4S6RfcHLwb3ZmefCWRIjryFIZ": {
      "owner": "testing"
    }
  },
  "tunnels": {},
  "users": {
    "admin": {
      "is_admin": true,
      "clients": {}
    },
    "bigtest": {
      "is_admin": false,
      "clients": {}
    },
    "testing": {
      "is_admin": false,
      "clients": {}
    }
  },
  "ssh_keys": {}

Thanks for your help

Ok according to the DB, pFK693C4S6RfcHLwb3ZmefCWRIjryFIZ is not a client token. When you create the token, you need to select a client from the “Limit to client” dropdown. If you’re doing that and the DB still looks the way you posted, then there’s a bug in boringproxy. This is new functionality and not heavily tested.

Here is the process of what I do to create a token:

image979×414 25 KB

And then I use that to create a client.
I assume im supposed to create a client, and then make a tunnel with that client selected? Just dont want to be using it wrong.

I understand what happened! On the install page of the docs the curl command downloads version 0.6.0! Im going to get the file manually from github to see if that solves it.

I was just about to ask . The UI is different now.

The docs are in bad need of an update. Same with the demo video. Unfortunately I’m in the middle of making a lot of big changes and don’t want to change the docs until that’s done.

I can at least update the curl link to point to the latest instead of a specific version.

And now it 90% works! If I manually create a client and add in the user and client name it works great, only issue I have now is the token not recognising the client is owned by the user:

image926×283 4.96 KB

image934×291 5.41 KB

image976×144 2.71 KB

image939×246 6.57 KB

Am I doing this bit wrong?
Sorry for so many questions!!

Hm on the Clients page it says “testclient” but on the Tokens page the dropdown says “testingclient”. Is testingclient owned by admin perhaps? Either way double check that you’re using the same name.

Oops yeah my bad on the continuity errors, I wiped my json file half way through to try again but it didnt fix anything and I must have called them something wrong. The same error still occurs though even when the “testingclient” is owned by the user “testing” as you can see here:

{
  "admin_domain": "DOMAIN",
  "tokens": {
    "ADMINKEY": {
      "owner": "admin"
    }
  },
  "tunnels": {},
  "users": {
    "admin": {
      "is_admin": true,
      "clients": {}
    },
    "testing": {
      "is_admin": false,
      "clients": {
        "testingclient": {}
      }
    }
  }

Huh. Only guess I have is maybe it has something to do with testing not being an admin. Can you try changing that and see what happens?

{
  "admin_domain": "X",
  "tokens": {
    "X": {
      "owner": "admin"
    }
  },
  "tunnels": {},
  "users": {
    "admin": {
      "is_admin": true,
      "clients": {}
    },
    "testing": {
      "is_admin": true,
      "clients": {
        "testingclient": {}
      }
    }
  }
}

Same thing again? Is there something different with the ARM64 build that could be causing this, or maybe with my network setup?

EDIT:
I tried this on the default admin account and it worked fine, something is wrong with the user created accounts it seems.

Yeah it’s very strange. I’ll try to reproduce this tomorrow. If it’s not too much trouble, can you make a quick list of the exact steps you take, starting with the download? No need for screenshots, just a quick list I can follow along.

Of course! Thank you so much for looking into this for me

Ubuntu 20.04.4 LTS aarch64:

1. wget https://github.com/boringproxy/boringproxy/releases/download/v0.9.1/boringproxy-linux-arm64
2. chmod +x boringproxy-linux-arm64
3. sudo setcap cap_net_bind_service=+ep boringproxy-linux-arm64
4. ./boringproxy-linux-arm64 server -admin-domain DOMAIN

Browser:

1. Create new non admin user - testing
2. Create client owned by testing - testingclient
3. Add token owned by testing
4. Limit to client from dropdown - testingclient
5. 
   

Ahh this was a subtle one, but I’m pretty sure I fixed it. Basically the problem appears if you make the request as an admin on behalf of another user. It was using the admin to check for the list of available clients. Therefore you’re limited to whatever client names the admin also is using.

Anyway, please try a master build and let me know if it works:

https://gemdrive.io/apps/delver/?drive=https://files.apitman.com&path=/public/boringproxy/master.