Affects Version/s: 12.0.0, 12.0.2
Fix Version/s: None
Sprint:Sprint 109 - Shakespeare, Sprint 107 - Team Shakespeare, Sprint 108 - Team Shakespeare, Sprint 111 - Shakespeare, Sprint 112 - Shakespeare
From support case 12674:
I am trying to configure OpenIDConnect. I use this test client: https://github.com/ForgeRock/openid
When trying the basic OpenIDConnect flow (authorization grant). I authenticate successfully and am asked to give consent (see screencap). However, when I click on 'Allow' I get redirected to my client application with the following error: "Resource Owner did not authorize the request"
This error is specifically related to the consent and seems to be coming from this class: AuthorizationServiceImpl.java
Do you have any idea what might be causing the issue? Is this a known bug?
And from a GitHub notificarion:
I have had issues with the fetching of the access token and the userinfo object in the cb-basic.html. I was prompted with a basic authentication form due to a 401 reply from OpenAM. Apperently I had to add the realm as a GET parameter. Next I had issues in fetching the userinfo object. Adding the realm to this ajax call resolved the issue as well.
I have tried this code before when testing with OpenAM12 and then it worked like a charm. However, on OpenAM12.0.2 I need the realm to be added for everything to work.
So the codechanges were quite simple:
url: server + openam + access + "?"
url: server + openam + info + "?"
It would take a lot more effort to do a pull request and push my changes. So for this simple issue I think that is overkill.