OPENAM-15474

Rest API OAuth2 authentication provides incorrect response

Bug description

The customer has an OAuth2 client which makes authentication calls to the FR AM OAuth2 Provider. Currently we are seeing that the API call does not give a proper message for "Locked Account".

Below is the REST API response for a regular authentication call, which gives a proper response that differentiates between invalid credentials and a locked account.

http://localhost:9080/openam/json/realms/root/realms/test/authenticate

INCORRECT CREDENTIALS

{
  "code": 401,
  "reason": "Unauthorized",
  "message": "Login failure",
  "detail": { "failureUrl": "User credentials are incorrect" }
}

ACCOUNT LOCKED

{
  "code": 401,
  "reason": "Unauthorized",
  "message": "Login failure",
  "detail": { "failureUrl": "User is locked" }
}


Authentication using OAuth2 with an authentication tree returns the same response for incorrect credentials and for a locked account (these need to be distinguished), as shown below:

http://localhost:9080/openam/oauth2/test/access_token

INCORRECT CREDENTIALS

{ "error_description": "Resource owner authentication failed", "error": "invalid_grant" }

ACCOUNT LOCKED

{ "error_description": "Resource owner authentication failed", "error": "invalid_grant" }
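As an added example (not code from this issue or from OpenAM), a small client-side classifier in Python that parses both response shapes quoted above; the sample bodies are constructed from the responses in this issue, and matching on the words "locked" and "incorrect" in failureUrl is an assumption drawn from those two messages only.

```python
import json

# Constructed sample bodies, copied from the response shapes quoted in this issue.
AUTHENTICATE_INVALID = ('{"code": 401, "reason": "Unauthorized", "message": "Login failure", '
                        '"detail": {"failureUrl": "User credentials are incorrect"}}')
AUTHENTICATE_LOCKED = ('{"code": 401, "reason": "Unauthorized", "message": "Login failure", '
                       '"detail": {"failureUrl": "User is locked"}}')
TOKEN_INVALID = '{"error_description": "Resource owner authentication failed", "error": "invalid_grant"}'
TOKEN_LOCKED = '{"error_description": "Resource owner authentication failed", "error": "invalid_grant"}'


def classify_failure(body: str) -> str:
    """Map an AM authentication failure body to a client-side outcome.

    Returns "invalid_credentials", "account_locked", "authentication_failed"
    (the endpoint gave no reason) or "unrecognized".
    """
    try:
        data = json.loads(body)
    except json.JSONDecodeError:
        return "unrecognized"
    if not isinstance(data, dict):
        return "unrecognized"

    # /json/realms/.../authenticate: the reason is carried in detail.failureUrl.
    # The keyword matching below is an assumption based on the two messages in the issue.
    detail = data.get("detail")
    if isinstance(detail, dict) and isinstance(detail.get("failureUrl"), str):
        reason = detail["failureUrl"].lower()
        if "locked" in reason:
            return "account_locked"
        if "incorrect" in reason:
            return "invalid_credentials"
        return "authentication_failed"

    # /oauth2/.../access_token: only the RFC 6749 error code is available, and
    # "invalid_grant" covers every resource owner authentication failure.
    if data.get("error") == "invalid_grant":
        return "authentication_failed"
    return "unrecognized"


def lockout_distinguishable(invalid_body: str, locked_body: str) -> bool:
    """True when a client can tell a locked account apart from bad credentials."""
    return classify_failure(invalid_body) != classify_failure(locked_body)


if __name__ == "__main__":
    print("authenticate:", lockout_distinguishable(AUTHENTICATE_INVALID, AUTHENTICATE_LOCKED))
    print("access_token:", lockout_distinguishable(TOKEN_INVALID, TOKEN_LOCKED))
```

The two token-endpoint bodies are identical, so no client-side parsing can recover the lockout state and any change has to come from the provider. Whether the token endpoint should expose that state is also a policy choice, since a distinguishable response tells an unauthenticated caller that the account exists and is locked.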

Assignee: Unassigned
Reporter: jobby.thomas (Jobby Thomas)