OPENAM-15474

Rest API OAuth2 authentication provides incorrect response


    Description

      Bug description

      The customer has an OAuth2 client which makes authentication calls to the FR AM OAuth2 Provider. Currently we are seeing that the API call does not give a proper message for "Locked Account".

      Below is the REST API call response using a regular authentication call, which provides a proper response differentiating between invalid credentials and a locked account.

      *http://localhost:9080/openam/json/realms/root/realms/test/authenticate*

      INCORRECT CREDENTIALS

      {
        "code": 401,
        "reason": "Unauthorized",
        "message": "Login failure",
        "detail": { "failureUrl": "User credentials are incorrect" }
      }

      ACCOUNT LOCKED

      {
        "code": 401,
        "reason": "Unauthorized",
        "message": "Login failure",
        "detail": { "failureUrl": "User is locked" }
      }

      Authentication using OAuth2 with an authentication tree returns the same response for incorrect credentials and a locked account (these need to be distinguished), as shown below:

      *http://localhost:9080/openam/oauth2/test/access_token*

      INCORRECT CREDENTIALS

      { "error_description": "Resource owner authentication failed", "error": "invalid_grant" }


      ACCOUNT LOCKED

      { "error_description": "Resource owner authentication failed", "error": "invalid_grant" }

      People

        Assignee: Unassigned
        Reporter: Jobby Thomas (jobby.thomas)