- Type: Bug
- Status: Resolved
- Priority: Major
- Resolution: Fixed
- Affects Version/s: 13.0.0
- Component/s: oauth2, OpenID Connect
- Labels:

When creating a dynamic OIDC client, an unauthorised error is returned.

Reproduction steps:

1. Configure an OAuth2Provider with:
   - Dynamic registration enabled.
   - Claim_parameter_support enabled.
2. Attempt to dynamically register an oauth2client using REST:

    curl -X POST -H "Content-Type: application/json" -d '{
        "subject_type": "public",
        "scopes": ["address", "email"],
        "jwks_uri": "https://op.certification.openid.net:60052/export/jwk_60052.json",
        "client_name": "OIC Test Client",
        "contacts": ["roland.hedberg@umu.se"],
        "application_type": "web",
        "grant_types": ["authorization_code"],
        "post_logout_redirect_uris": ["https://op.certification.openid.net:60052/logout"],
        "redirect_uris": ["https://op.certification.openid.net:60052/authz_cb"],
        "response_types": ["code"],
        "require_auth_time": true,
        "default_max_age": 3600,
        "id_token_signed_response_alg": "HS256",
        "jwt_token_lifetime": 120,
        "access_token_lifetime": 120,
        "authorization_code_lifetime": 120,
        "refresh_token_lifetime": 120
    }' http://openam.example.com:8080/openam/oauth2/connect/register

Response is:

    { "error": "server_error", "error_description": "Client authentication failed" }

Should create client.

- relates to
  - OPENAM-6236 Add token life time options per OAuth2 client - Resolved