Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-13991

'issuer' value in .well-known/openid-configuration response is incorrect for a sub-realm

    XMLWordPrintable

    Details

    • AM Sustaining Sprint 58
    • 3
    • No
    • No
    • Yes
    • Yes and I used the same an in the description

      Description

      Bug description

      The 'issuer' value in the .well-known/openid-configuration output does not match the URL that requested it when a sub-realm is part of the request.

      Note that this behaviour in 6.0.0.2 onward is different to the initial 6.0 release and also different to earlier releases due to OPENAM-12784

       

      How to reproduce the issue

      1). Install AM 6.0.0.5 and simply create a sub-realm, eg. named IDP and configure for OIDC using the wizard.

      2). Request (specifying realm not using DNS alias) using the following format:

      http://openam.example.com:8080/AM6/oauth2/IDP/.well-known/openid-configuration

      3). Inspect the results and note:

      "issuer":"http://openam.example.com:8080/AM6/oauth2/realms/root/realms/IDP"

       

      Expected behaviour (as seen in AM 6.0.0.1 and earlier releases)
      Request:
      
      http://openam.example.com:8080/AM6/oauth2/IDP/.well-known/openid-configuration
      
      From the response:
      
      "issuer":"http://openam.example.com:8080/AM6/oauth2/IDP
      Current behaviour
      Request:
      
      http://openam.example.com:8080/AM6/oauth2/IDP/.well-known/openid-configuration
      
      From the response:
      
      "issuer":"http://openam.example.com:8080/AM6/oauth2/realms/root/realms/IDP"
      

       

       

        Attachments

          Issue Links

            Activity

              People

              lawrence.yarham Lawrence Yarham
              andy.itter Andy Itter
              Ľubomír Mlích Ľubomír Mlích
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved: