Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11590

Amster exports empty values as null which prevents them to be imported back

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Expired
    • Affects Version/s: 14.5.0
    • Fix Version/s: None
    • Component/s: Amster
    • Rank:
      1|hzu2br:

      Description

      When exporting OAuth2/OIDC client with amster, some empty values are exported as null. This prevents them from being imported back into OpenAM.

       

      AM version is OpenAM 14.5.0-SNAPSHOT Build 633d5eaf07 (2017-August-18 15:56)

      bash-4.3$ cat clientOIDC.json 
       {
       "metadata" : {
       "realm" : "/",
       "amsterVersion" : "@project.version@",
       "entityType" : "OAuth2Clients",
       "entityId" : "clientOIDC",
       "pathParams" : { }
       },
       "data" : {
       "_id" : "clientOIDC",
       "signEncOAuth2ClientConfig" : {
       "idTokenEncryptionMethod" : "A128CBC-HS256",
       "jwkSet" : null,
       "idTokenEncryptionAlgorithm" : "RSA1_5",
       "userinfoResponseFormat" : "JSON",
       "jwksCacheTimeout" : 3600000,
       "userinfoSignedResponseAlg" : "RS256",
       "tokenEndpointAuthSigningAlgorithm" : "RS256",
       "requestParameterEncryptedAlg" : "RSA1_5",
       "requestParameterEncryptedEncryptionAlgorithm" : "A128CBC-HS256",
       "jwkStoreCacheMissCacheTime" : 60000,
       "idTokenEncryptionEnabled" : false,
       "idTokenSignedResponseAlg" : "HS256",
       "idTokenPublicEncryptionKey" : null,
       "userinfoEncryptedResponseEncryptionAlgorithm" : "A128CBC-HS256",
       "publicKeyLocation" : "x509",
       "jwksUri" : "http://openam:80/openam/oauth2/myrealm/connect/jwk_uri",
       "userinfoEncryptedResponseAlg" : "RSA1_5",
       "requestParameterSignedAlg" : "HS256",
       "clientJwtPublicKey" : null
       },
       "coreOAuth2ClientConfig" : {
       "clientType" : "Confidential",
       "userpassword" : null,
       "scopes" : [ "phone|Your phone number(s)", "address|Your postal address", "email|Your personal email", "openid|", "profile|Your personal information" ],
       "authorizationCodeLifetime" : 0,
       "accessTokenLifetime" : 3600,
       "agentgroup" : null,
       "refreshTokenLifetime" : 15552000,
       "defaultScopes" : [ "" ],
       "redirectionUris" : [ "http://fake.com" ],
       "clientName" : [ "" ],
       "status" : "Active"
       },
       "advancedOAuth2ClientConfig" : {
       "updateAccessToken" : null,
       "sectorIdentifierUri" : null,
       "isConsentImplied" : false,
       "contacts" : [ "" ],
       "requestUris" : [ ],
       "responseTypes" : [ "code", "token", "id_token", "code token", "token id_token", "code id_token", "code token id_token" ],
       "descriptions" : [ "" ],
       "mixUpMitigation" : false,
       "subjectType" : "Public",
       "name" : [ "" ],
       "tokenEndpointAuthMethod" : "client_secret_basic"
       },
       "coreOpenIDClientConfig" : {
       "claims" : [ "openid", "profile", "email" ],
       "jwtTokenLifetime" : 0,
       "clientSessionUri" : null,
       "defaultMaxAgeEnabled" : false,
       "postLogoutRedirectUri" : [ "" ],
       "defaultMaxAge" : 600
       },
       "_type" : {
       "_id" : "OAuth2Client",
       "name" : "OAuth2 Clients",
       "collection" : true
       }
       }
       }

       

      Workaround for importing this back is to change null values into empty strings or empty lists.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            pavel.balcarek Pavel Balcárek
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: