  1. OpenAM
  2. OPENAM-13072

Case Sensitivity of Username Results in UMA Resources Being Listed Incorrectly

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 14.5.1
    • Fix Version/s: 14.0.1, 6.5.0, 5.5.2
    • Component/s: UMA
    • Sprint:
      AM Sustaining Sprint 54, AM Sustaining Sprint 55
    • Story Points:
      2
    • Needs backport:
      No
    • Needs QA verification:
      Yes
    • Functional tests:
      Yes
    • Are the reproduction steps defined?:
      Yes, and I used the same as in the description

      Description

      Bug description

      Case sensitivity of the username causes UMA resources to be listed incorrectly.

      How to reproduce the issue

      1. Follow AM 5.5 UMA 2.0 Guide, Procedure 2.5. To Create an UMA Resource Owner 
        Create a user called alice as listed in documentation.
      2. Follow AM 5.5 UMA 2.0 Guide, Procedure 2.7. To Acquire a Protection API Token
        Log in as "alice" to get the PAT.
        curl -X POST \
        http://am.example.com:8080/openam/oauth2/realms/root/access_token \
        -H 'Authorization: Basic VU1BLVJlc291cmNlLVNlcnZlcjpwYXNzd29yZA==' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -d 'grant_type=password&scope=uma_protection&username=alice&password=password'
        {
        "access_token": "70792841-3450-4d75-a5ef-3b03aea40dd7",
        "scope": "uma_protection",
        "token_type": "Bearer",
        "expires_in": 3599
        }
        
      3. Follow AM 5.5 UMA 2.0 Guide, Procedure 2.8. Register an UMA Resource Set
        curl -X POST \
        http://am.example.com:8080/openam/uma/resource_set \
        -H 'Authorization: Bearer 70792841-3450-4d75-a5ef-3b03aea40dd7' \
        -H 'Content-Type: application/json' \
        -d '{
        "resource_scopes": [
        "read", "write"
        ],
        "name": "my resource 106",
        "type": "type",
        "uri": "http://rs.example.com/alice/myresource106"
        }'
        {
        "_id": "a3c0147a-618e-42b0-88ef-d148f8c0a0fb0",
        "user_access_policy_uri": "http://am.example.com:8080/openam/XUI/?realm=/#uma/share/a3c0147a-618e-42b0-88ef-d148f8c0a0fb0"
        }
      4. Follow AM 5.5 UMA 2.0 Guide, Procedure 2.7. To Acquire a Protection API Token
        This time, the user would be logged in as "Alice" to get the PAT.
        curl -X POST \
        http://am.example.com:8080/openam/oauth2/realms/root/access_token \
        -H 'Authorization: Basic VU1BLVJlc291cmNlLVNlcnZlcjpwYXNzd29yZA==' \
        -H 'Content-Type: application/x-www-form-urlencoded' \
        -d 'grant_type=password&scope=uma_protection&username=Alice&password=password'
        {
        "access_token": "12149112-07e1-4704-bfe7-97897f444551",
        "scope": "uma_protection",
        "token_type": "Bearer",
        "expires_in": 3599
        }
        
      5. Follow AM 5.5 UMA 2.0 Guide, Procedure 2.8. Register an UMA Resource Set
        Using "Alice" to register the resource set
        curl -X POST \
        http://am.example.com:8080/openam/uma/resource_set \
        -H 'Authorization: Bearer 12149112-07e1-4704-bfe7-97897f444551' \
        -H 'Content-Type: application/json' \
        -d '{
        "resource_scopes": [
        "read", "write"
        ],
        "name": "Example Resource Set",
        "type": "type",
        "uri": "http://www.example.com/Alice/exampleResourceSet"
        }'
        {
        "_id": "a6267973-a4bf-4227-946e-5d5de9b825860",
        "user_access_policy_uri": "http://am.example.com:8080/openam/XUI/?realm=/#uma/share/a6267973-a4bf-4227-946e-5d5de9b825860"
        }
        
      6. Display the list of resource sets for the user
        curl -X GET \
        http://am.example.com:8080/openam/uma/resource_set \
        -H 'Authorization: Bearer 12149112-07e1-4704-bfe7-97897f444551' \
        -H 'Content-Type: application/json' 
        
        [
        "a3c0147a-618e-42b0-88ef-d148f8c0a0fb0",
        "a6267973-a4bf-4227-946e-5d5de9b825860"
        ]
        
      7. Log in as alice in the XUI admin console and view the list of resources

      Expected behaviour
      All registered resource sets should be listed.

      Current behaviour
      Only certain registered resource sets (those matching the case-sensitive name) are listed.
      
      For example, if the user obtained the PAT under alice and registered the resource set under alice, only the resource set under alice would be listed (img1 & img2).
      
      If the user obtained the PAT under Alice and registered the resource set under Alice, only the resource set under Alice would be listed (img3 & img4).
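
A constructed model of the behaviour reported above, added as an illustration and not taken from OpenAM's code. It assumes the identity store matches login names case-insensitively while the resource listing compares the owner string exactly as typed, and shows that keying ownership on the canonical uid lets both logins see both resource sets. The class names, the `canonicalize` switch and the resource ids are hypothetical.

```python
# Constructed model of the mismatch reported above; not OpenAM source code.
from dataclasses import dataclass, field


@dataclass
class Directory:
    """Identity store that matches login names case-insensitively (assumed)."""
    users: dict = field(default_factory=dict)  # canonical uid -> password

    def authenticate(self, login: str, password: str) -> str:
        uid = login.casefold()
        if self.users.get(uid) != password:
            raise PermissionError("invalid credentials")
        return uid  # canonical identifier for the account


@dataclass
class ResourceStore:
    """Resource-set registry; `canonicalize` toggles the hardened behaviour."""
    directory: Directory
    canonicalize: bool
    owners: dict = field(default_factory=dict)  # resource id -> stored owner

    def _owner_key(self, login: str, password: str) -> str:
        uid = self.directory.authenticate(login, password)
        # Weak form keeps the name exactly as typed at login.
        return uid if self.canonicalize else login

    def register(self, login, password, resource_id):
        self.owners[resource_id] = self._owner_key(login, password)

    def list_for(self, login, password):
        key = self._owner_key(login, password)
        return sorted(r for r, o in self.owners.items() if o == key)


def replay(canonicalize: bool) -> dict:
    """Replay steps 2-7 of the report with placeholder resource ids."""
    store = ResourceStore(Directory({"alice": "password"}), canonicalize)
    store.register("alice", "password", "rs-registered-as-alice")
    store.register("Alice", "password", "rs-registered-as-Alice")
    return {name: store.list_for(name, "password") for name in ("alice", "Alice")}


if __name__ == "__main__":
    print("raw login name as owner :", replay(canonicalize=False))
    print("canonical uid as owner  :", replay(canonicalize=True))
```

With the raw login name as the owner key, each spelling sees only its own registration, which is the split shown in img1 to img4; with the canonical uid, both spellings return the same two entries.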
      

        Attachments

        1. img1.png (52 kB)
        2. img2.png (54 kB)
        3. img3.png (52 kB)
        4. img4.png (55 kB)


            People

            • Assignee:
              sachiko Sachiko Wallace
              Reporter:
              wanning.tan WanNing Tan