
when client send wrong auth_req_id in CIBA polling request, there is HTTP 500 server error

    Details

    • Sprint:
      AM 2019.15 - Gears

      Description

      Bug description

      When I send a wrong auth_req_id in a CIBA polling request, there is an HTTP 500 server error. This is a client error, so there should be an HTTP 400 instead.

      How to reproduce the issue

      1. follow steps in OPENAM-15049 without D
      2. create authentication tree "test" with nodes "Start" -> "Username collector" -> "Success"
      3. configure OAuth2Provider, Advanced OpenId Connect, OpenID Connect acr_values to Auth Chain Mapping - add key=push value=test
      4. do request as in OPENAM-15049 step C and save auth_req_id for next step
      5. do polling request with wrong auth_req_id:
      http -f -a ${OAUTH2_CLIENTID}:${OAUTH2_PASS} POST ${URL}/oauth2/access_token grant_type=urn:openid:params:grant-type:ciba auth_req_id=wrong${AUTH_REQUEST_ID}
      
      Expected behaviour

      There should be a distinct unknown_auth_req_id error, according to chapter 6.4 in https://openid.net/specs/openid-connect-modrna-client-initiated-backchannel-authentication-1_0.html, separate from the expired_token error.

      Current behaviour

      HTTP/1.1 500 
      Accept-Ranges: bytes
      Cache-Control: no-store
      Connection: close
      Content-Type: application/json
      Date: Fri, 07 Jun 2019 11:25:56 GMT
      Pragma: no-cache
      Transfer-Encoding: chunked
      Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
      X-Frame-Options: SAMEORIGIN

      {
          "error": "server_error",
          "error_description": "Token for the given id expired"
      }
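      An added illustration (not OpenAM code) of how a CIBA token endpoint can separate the client-side conditions this report describes, so that an unrecognised auth_req_id, an expired one and a still-pending one each yield an HTTP 400 with their own error code, and 500 stays reserved for real server faults. The in-memory store, the AuthRequest record and the placeholder token are assumptions made for the example; the unknown_auth_req_id / expired_token codes follow the reference cited in the report.

```python
import time
from dataclasses import dataclass

# Lifecycle states of a backchannel authentication request (constructed for this example).
PENDING, APPROVED = "pending", "approved"


@dataclass
class AuthRequest:
    client_id: str    # client the auth_req_id was issued to
    status: str       # PENDING or APPROVED
    expires_at: float # epoch seconds


def ciba_token_response(store, client_id, auth_req_id, now=None):
    """Return (http_status, json_body) for one CIBA polling request.

    `store` maps auth_req_id -> AuthRequest (hypothetical in-memory store).
    Every condition caused by the client's input maps to 400; nothing here
    raises, so a bad auth_req_id can never surface as a 500 server_error.
    """
    now = time.time() if now is None else now
    req = store.get(auth_req_id)
    # Unknown id, or an id issued to a different client: treat both the same
    # way so the response does not reveal which ids exist for other clients.
    if req is None or req.client_id != client_id:
        return 400, {"error": "unknown_auth_req_id",
                     "error_description": "auth_req_id is not recognised"}
    # Known id whose lifetime has elapsed: the client must start a new request.
    if now >= req.expires_at:
        return 400, {"error": "expired_token",
                     "error_description": "auth_req_id has expired"}
    # Known, valid id but the end user has not finished authenticating yet.
    if req.status == PENDING:
        return 400, {"error": "authorization_pending",
                     "error_description": "end user has not yet authenticated"}
    # Approved: issue tokens (placeholder value, not a real token format).
    return 200, {"access_token": "<issued-token-placeholder>", "token_type": "Bearer"}
```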
      

            People

            • Assignee:
              dipu.seminlal Dipu Seminlal
              Reporter:
              lubomir.mlich Ľubomír Mlích