Affects Version/s: 13.5.2, 14.1.1, 14.5.0
java version "1.8.0_131"
Apache Tomcat Version 7.0.78
Reggresion from endsession problem described in -
- affecting the password grant flow only. OPENAM-10782
1. add Top-level Realm - Configure OAuth Provider - Configure OpenID Connect
2. add Top-level Realm - Applications - OAuth 2.0 - New Agent
- add rediretion URIs
- add scopes - openid, profile
- signing algorithm to HS265
3. Top-level Realm - Services - OAuth2 Provider - Core - Enable "Issue Refresh Tokens"
Steps to reproduce:
2. refresh id_token - replace ??? with access_token from last result
3. logout, again replace ??? with token_id from last result
I see "Unable to get SsoTokenManager" error on standard output and "The request could not be understood by the server due to malformed syntax" in the log.
Expected behavior - the end session should return a success. (in the case of the password grant flow, no session is actually created)