  1. OpenAM
  2. OPENAM-10388

Allow message from auth module to be returned when resource owner auth failed with grant_type=password

    Details

    • Sprint:
      AM Sustaining Sprint 33
    • Story Points:
      3

      Description

      1. Create a custom auth module which throws a custom auth failure message.
      2. Register and deploy it to OpenAM.
      3. Configure an auth module instance in the admin console.
      4. Request an access token with grant_type=password and intentionally pass the wrong password for the resource owner.

      curl --request POST --user "myClientID:password" --data 'grant_type=password&username=demo&password=wrongpassword&scope=cn' -k -v "http://<host>:<port>/openam/oauth2/access_token"
      

      It always returns the same message and ignores what's been thrown from custom auth:

      {"error_description":"Resource owner authentication failed","error":"invalid_grant"}
      

      The example above uses custom auth, but it's the same with any auth module where the error messages are things like user account locked, etc.
      It would be nice if OpenAM could check the error message thrown from auth and return that message.
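
The behaviour reported above and the requested change, as an added Python model (not OpenAM code and not part of the original issue). The names `AuthModuleFailure`, `handle_password_grant` and `pass_through`, the user store and the sample module message are assumptions; the character filter follows RFC 6749 section 5.2, which limits `error_description` to a subset of printable ASCII, so a module message cannot be copied into the response verbatim.

```python
import json
import re

# Generic text the issue reports for every failed resource owner login.
GENERIC = "Resource owner authentication failed"

# RFC 6749 section 5.2: error_description may only contain
# %x20-21 / %x23-5B / %x5D-7E (no quotes, backslashes, control or non-ASCII).
_DISALLOWED = re.compile(r"[^\x20-\x21\x23-\x5B\x5D-\x7E]")

# Constructed sample data: one user and the message a custom module might throw.
USERS = {"demo": "changeit"}
MODULE_MESSAGE = 'Custom module: account "demo" is locked\nafter 3 failed logins'


class AuthModuleFailure(Exception):
    """Hypothetical stand-in for the exception an auth module throws."""


def authenticate(username, password):
    """Constructed module behaviour: fail with a module-specific message."""
    if USERS.get(username) != password:
        raise AuthModuleFailure(MODULE_MESSAGE)


def safe_description(message, max_len=200):
    """Reduce a module message to the RFC 6749 character set.

    Disallowed characters become spaces, whitespace runs are collapsed and
    the result is length-capped; an empty result falls back to GENERIC.
    """
    cleaned = _DISALLOWED.sub(" ", message or "")
    cleaned = " ".join(cleaned.split())[:max_len]
    return cleaned or GENERIC


def handle_password_grant(username, password, pass_through=False):
    """Return (HTTP status, JSON body) for a grant_type=password request.

    pass_through=False models the reported behaviour (module message ignored).
    pass_through=True models the requested one; it is opt-in here (assumption)
    so a deployment can keep account state such as "locked" out of responses.
    """
    try:
        authenticate(username, password)
    except AuthModuleFailure as failure:
        text = safe_description(str(failure)) if pass_through else GENERIC
        body = {"error_description": text, "error": "invalid_grant"}
        return 400, json.dumps(body)
    return 200, json.dumps({"access_token": "constructed-token"})
```
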


              People

              • Assignee:
                jonthomas Jonathan Thomas
                Reporter:
                sachiko Sachiko Wallace