[OPENAM-6382] Dynamic openID Connect client registration broken. - ForgeRock JIRA

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 13.0.0
Fix Version/s: 12.0.3, 13.0.0
Component/s: oauth2, OpenID Connect
Labels:
- test-candidate

Target Version/s:

12.0.3

Verified Version/s:

12.0.3

Description

When creating a dynamic oidc client an unauthorised error is returned.

Reproduction steps:

Configure an OAuth2Provider with:
Dynamic registration enabled.
Claim_parameter_support enabled.

Attempt to dynamically register an oauth2client using REST:

curl -X POST -H "Content-Type: application/json" -d '{ "subject_type":"public", "scopes":["address", "email"], "jwks_uri":"https://op.certification.openid.net:60052/export/jwk_60052.json", "client_name":"OIC Test Client","contacts":["roland.hedberg@umu.se"], "application_type":"web", "grant_types":["authorization_code"], "post_logout_redirect_uris":["https://op.certification.openid.net:60052/logout"], "redirect_uris":["https://op.certification.openid.net:60052/authz_cb"], "response_types":["code"], "require_auth_time":true, "default_max_age":3600, "id_token_signed_response_alg":"HS256","jwt_token_lifetime": 120,"access_token_lifetime": 120,"authorization_code_lifetime": 120,"refresh_token_lifetime": 120 } ' http://openam.example.com:8080/openam/oauth2/connect/register

Response is:

{
    "error": "server_error",
    "error_description": "Client authentication failed"
}

should create client

Attachments

Issue Links

relates to

OPENAM-6236 Add token life time options per OAuth2 client

Resolved

Activity

People

Assignee:

kohei

Reporter:

Alex Walker [X] (Inactive)

QA Assignee:

Nemanja Lukic

Votes:

0 Vote for this issue

Watchers:

4 Start watching this issue

Dates

Created:

14/Jul/15 5:34 PM

Updated:

23/May/16 10:05 AM

Resolved:

23/May/16 10:05 AM