  1. OpenAM
  2. OPENAM-13490

Software Publisher Agent - Secret is not saved when creating an Agent

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 6.5.0, 6.5.1
    • Fix Version/s: 6.0.1, 6.5.3, 7.0.0, 5.5.2
    • Component/s: oauth2
    • Sprint:
      AM Sustaining Sprint 64
    • Story Points:
      3
    • Needs backport:
      No
    • Needs QA verification:
      No
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same as in the description

      Description

      Bug description

      When creating a Software Publisher Agent, the 'secret' in the initial screen is stored with a different value.

      I faced this issue when testing the OAuth2 Dynamic Client Registration with Require Software Statement. The secret is also the public key for signing. After a few attempts where I was getting "Invalid JWT signature", although I could verify it using online tools, I realized that the secret wasn't correct.

      How to reproduce the issue

      1. Go to [Realm name] > Applications > Agents > Software Publisher > Add
      2. On the initial screen, type a secret of your choice as Software Publisher Secret 
      3. Create and Save changes
      4. Export Config:
        <AttributeValuePair>
        <Attribute name="userpassword"/>
        <Value>AQIC1K&#47;g+3LMOMAqfEAITY7JChKBxrH7+TpjQb7efOgVlmYVCr22djfuzfabszegr6xLiiGCj9vy&#47;Xt6Ku+CvJYTGYsMEyegFjOhawwszzU&#47;kYHPM8rxChiBHIgIRYmIZ+3CyI8eJA9Jdb5HaUPWJqdq&#47;nTTyA0f8I7SH8eqxvDCSpHA8oZnxAcR0w==</Value>
        </AttributeValuePair>

      5. Now update your Software Publisher Secret with the same secret as at step 2 and save changes
      6. Export Config
        <AttributeValuePair>    
        <Attribute name="userpassword"/>     
        <Value>AQIC1K&#47;g+3LMOMB1xYclE8+cZw==</Value>
        </AttributeValuePair>
        

       The dynamic registration now works and JWT can be verified.

      Expected behaviour
      The secret must be stored as per initial input
      
      Current behaviour
      A different value is currently stored. You need to re-input your secret.
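
The symptom described above, reproduced as an added example that is not part of the original report or of OpenAM's code. It assumes the software statement is an HS256 JWT keyed with the Software Publisher Secret; the secret strings and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

# Constructed sample values; neither comes from the issue.
TYPED_SECRET = "example-publisher-secret"   # what the admin typed on the create screen
STORED_SECRET = "not-what-the-admin-typed"  # stand-in for the differing stored value


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _mac(signing_input: str, secret: str) -> bytes:
    return hmac.new(secret.encode(), signing_input.encode(), hashlib.sha256).digest()


def sign_hs256(claims: dict, secret: str) -> str:
    """Build a compact HS256 JWT, as a publisher would for a software statement."""
    parts = ({"alg": "HS256", "typ": "JWT"}, claims)
    signing_input = ".".join(_b64url(json.dumps(p, separators=(",", ":")).encode()) for p in parts)
    return signing_input + "." + _b64url(_mac(signing_input, secret))


def verify_hs256(token: str, secret: str) -> bool:
    """Verify an HS256 JWT; malformed tokens and other algorithms are rejected."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        signature = _b64url_decode(sig_b64)
    except ValueError:
        return False
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False
    return hmac.compare_digest(_mac(f"{header_b64}.{payload_b64}", secret), signature)


def diagnose(token: str, typed_secret: str, stored_secret: str) -> str:
    """Separate a bad token from a verifier that holds a different secret."""
    if not verify_hs256(token, typed_secret):
        return "token-invalid"
    if not verify_hs256(token, stored_secret):
        return "stored-secret-mismatch"
    return "ok"
```

A statement that verifies locally against the typed secret but is still rejected by the server points at the stored secret rather than at the token.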
      
            People

            • Assignee:
              Lawrence Yarham (lawrence.yarham)
            • Reporter:
              Tasos Kampas (anastasios.kampas)