OpenAM / OPENAM-5759

Update OAuth2 to display the token and user information in the OAuth2Provider.access log

    Details

    • Sprint:
      Sprint 82 - Sustaining, Sprint 83 - Sustaining, Sprint 84 - Sustaining
      Description

      In OpenAM 10.1.0, when the /oauth2/access_token endpoint was accessed, the user's information would be stored in the OAuth2Provider.access log as follows:

      "2015-03-31 09:35:10" "CREATED_TOKEN|{ ""type"": ""resource"", ""uuid"": ""765236ee-18dc-4a94-8220-16069b516359"", ""parent"": { ""type"": ""root"", ""uuid"": ""a7fa9f24-aa16-4817-aaa7-4bc392594822"", ""parent"": null }, ""method"": ""create"", ""id"": ""46e4d1d6-f7b5-4a4f-82ea-a83d79567907"", ""value"": { ""id"": ""46e4d1d6-f7b5-4a4f-82ea-a83d79567907"", ""username"": [demo], ""scope"": [], ""expiry_time"": [1427823370751], ""realm"": [/], ""redirect_uri"": [null], ""parent"": [null], ""client_id"": [myClientID], ""type"": [refresh_token] } }" "Not Available" "Not Available" "Not Available" "Not Available" "Not Available" "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" OAuth2Provider-1 OAuth2Provider.access "Not Available" "Not Available"

      "2015-03-31 09:35:10" "CREATED_TOKEN|{ ""type"": ""resource"", ""uuid"": ""5f3dca6a-3227-4476-8f2d-3a9467a55298"", ""parent"": { ""type"": ""root"", ""uuid"": ""9e82989a-52e6-4454-beea-19ef1e245c8e"", ""parent"": null }, ""method"": ""create"", ""id"": ""356f9435-20c5-4230-bb90-f0edd1b0b44d"", ""value"": { ""id"": ""356f9435-20c5-4230-bb90-f0edd1b0b44d"", ""username"": [demo], ""scope"": [], ""expiry_time"": [1427823610764], ""realm"": [/], ""redirect_uri"": [null], ""parent"": [46e4d1d6-f7b5-4a4f-82ea-a83d79567907], ""client_id"": [myClientID], ""type"": [access_token] } }" "Not Available" "Not Available" "Not Available" "Not Available" "Not Available" "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" OAuth2Provider-1 OAuth2Provider.access "Not Available" "Not Available"

      As of OpenAM 11, this information is no longer displayed in the logs when accessing this endpoint. The logs record the following:

      "2015-03-31 09:23:01" myClientID "Not Available" "Not Available" "Not Available" "Not Available" "Not Available" OAuth2Provider-15 "cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" "Not Available" OAuth2Provider.access "Not Available"

      This seems to be a result of AME-2375 when OpenDJTokenRepo.java was removed. This resulted in the audit logging also being removed.
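
For anyone consuming OAuth2Provider.access in audit tooling, the following added example (not code from this issue or from OpenAM) parses both record styles and reports which token attributes a record lacks. The helper names `parse_record` and `audit_gaps` are hypothetical, the 10.1.0-style line is constructed with placeholder ids, and the parsing assumes space-separated columns with doubled quotes as escapes, as the quoted lines suggest.

```python
import csv
import re

# Constructed 10.1.0-style record following the layout quoted in the issue
# (token ids shortened to placeholders tok-1 / tok-2).
OLD_FORMAT = (
    '"2015-03-31 09:35:10" "CREATED_TOKEN|{ ""type"": ""resource"", '
    '""uuid"": ""u-1"", ""parent"": { ""type"": ""root"", ""uuid"": ""u-0"", '
    '""parent"": null }, ""method"": ""create"", ""id"": ""tok-2"", ""value"": '
    '{ ""id"": ""tok-2"", ""username"": [demo], ""scope"": [], '
    '""expiry_time"": [1427823610764], ""realm"": [/], ""redirect_uri"": [null], '
    '""parent"": [tok-1], ""client_id"": [myClientID], ""type"": [access_token] } }" '
    '"Not Available" "Not Available" "Not Available" "Not Available" "Not Available" '
    '"cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" '
    'OAuth2Provider-1 OAuth2Provider.access "Not Available" "Not Available"'
)
# OpenAM 11-style record as quoted in the issue.
NEW_FORMAT = (
    '"2015-03-31 09:23:01" myClientID "Not Available" "Not Available" '
    '"Not Available" "Not Available" "Not Available" OAuth2Provider-15 '
    '"cn=dsameuser,ou=DSAME Users,dc=openam,dc=forgerock,dc=org" '
    '"Not Available" OAuth2Provider.access "Not Available"'
)

# Token attributes are logged as ""name"": [value], which is not valid JSON.
BRACKETED = re.compile(r'"(\w+)": \[([^\]]*)\]')

def parse_record(line):
    """Split one access-log line and pull token attributes from the second column."""
    # Columns are space-separated; quoted columns escape a quote by doubling it.
    fields = next(csv.reader([line], delimiter=" ", quotechar='"'))
    event, sep, payload = fields[1].partition("|")
    token = {}
    if sep:  # only the EVENT|{...} form carries token details
        token = {k: (v if v not in ("", "null") else None)
                 for k, v in BRACKETED.findall(payload)}
    return {"time": fields[0], "event": event if sep else None,
            "data": fields[1], "token": token}

def audit_gaps(record, required=("username", "client_id", "type")):
    """Return the token attributes an auditor needs that this record lacks."""
    return [k for k in required if not record["token"].get(k)]

if __name__ == "__main__":
    for line in (OLD_FORMAT, NEW_FORMAT):
        rec = parse_record(line)
        print(rec["time"], rec["event"], rec["token"], "missing:", audit_gaps(rec))
```

In the OpenAM 11-style record the second column holds only the client id, so the user, token type and parent token cannot be recovered from the log line.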

            People

            • Assignee:
              kamal.sivanandam@forgerock.com Kamal Sivanandam
              Reporter:
              abel.hoxeng Abel Hoxeng

                Time Tracking

                Estimated: 5h
                Remaining: 0h
                Logged: 10h