Details
-
Type:
Bug
-
Status: Resolved
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 13.5.0, 13.5.1, 13.5.2, 14.0.0, 14.1.0, 14.1.1, 14.5.0, 14.5.1, 5.5.1, 14.1.1.1, 14.1.1.2, 14.1.1.3, 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 14.1.1.4, 6.0.0.5, 14.1.1.5, 14.1.2.2, 6.0.0.6, 6.0.0.7, 14.1.2.3, 6.5.1, 14.1.2.4, 6.5.2, 6.5.2.1, 14.1.1.8, 5.5.2, 14.1.2.5, 14.1.2.11
-
Component/s: debug logging, oauth2
-
Labels:
-
Environment:Oracle JDK 1.8.0_201-b09
Apache Tomcat 9.0.8
AM 6.5.2.1
-
Rank:1|i01yxr:
-
Sprint:AM Sustaining Sprint 78, AM Sustaining Sprint 79, AM Sustaining Sprint 80
-
Story Points:5
-
Needs backport:No
-
Support Ticket IDs:
-
Needs QA verification:No
-
Functional tests:No
-
Are the reproduction steps defined?:Yes and I used the same an in the description
Description
Bug description
No debug messages are written that allow to troubleshoot the OAuth2 client error 'invalid_client Server does not support this client's subject type.'
How to reproduce the issue
- Configure AM as OIDC provider
- Configure 2 OIDC/OAuth2 clients
- Set 'Subject Type' of the clients to 'pairwise'
- Perform authorization code grant with one client
- Inspect the debug logs when after the error is shown
Expected behaviour
Debug logs should tell the reason why the error is seen in the browser.
Current behaviour
No info about the root cause is present in the debug logs.
Attachments
Issue Links
- is related to
-
-
- Closed
-