Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-9711

SNMP Cumulative count of deleted oauth2 tokens is not updated

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Not a defect
    • Affects Version/s: 12.0.2, 13.5.0
    • Fix Version/s: None
    • Component/s: monitoring, oauth2
    • Labels:
    • Sprint:
      AM Sustaining Sprint 28
    • Support Ticket IDs:

      Description

      According to documentation, enterprises.36733.1.2.3.4.1.1.3.4 is for "Cumulative count of deleted OAuth 2.0 tokens".
      This value is not increased when an Oauth2 token is deleted.

      Steps to reproduce:
      1. Enable SNMP monitoring in OpenAM
      2. Configure OpenAM with OAuth2 provider and client.
      3. Get an Oauth2 access token, for example:

      curl -X POST --user client:cangetin -H 'Cache-Control: no-cache' -d 'grant_type=password&username=demo&password=changeit&scope=cn' -k http://1350a.example.com:8080/openam/oauth2/access_token
      {"scope":"cn","expires_in":3599,"token_type":"Bearer","access_token":"8f194a1d-85c1-4252-b96d-4b23fcee7ad2"
      

      4. Confirm SNMP shows token exists:
      Total number of OAuth 2.0 tokens:

      Total number of OAuth 2.0 tokens
      snmpget -t 3000 -v2c -c public localhost:8085 enterprises.36733.1.2.3.5.1.1.3
      SNMPv2-SMI::enterprises.36733.1.2.3.5.1.1.3 = Counter64: 1
      

      5. Delete the token

      curl --request DELETE --header 'iplanetDirectoryPro: <admin token>' http://1350a.example.com:8080/openam/frrest/oauth2/token/8f194a1d-85c1-4252-b96d-4b23fcee7ad2
      {"_id":"8f194a1d-85c1-4252-b96d-4b23fcee7ad2","_rev":"-905677718","tokenName":["access_token"],"expireTime":["1474304757671"],"scope":["cn"],"grant_type":["password"],"clientID":["client"],"parent":[],"id":["8f194a1d-85c1-4252-b96d-4b23fcee7ad2"],"tokenType":["Bearer"],"auditTrackingId":["d36b5faa-6fe7-46cf-b0c3-3e8812078f2b-76"],"realm":["/"],"nonce":[],"redirectURI":[],"userName":["demo"]}
      

      6. Request 'Cumulative count of deleted OAuth 2.0 tokens'

      snmpget -t 3000 -v2c -c public localhost:8085 enterprises.36733.1.2.3.4.1.1.3.4
      SNMPv2-SMI::enterprises.36733.1.2.3.4.1.1.3.4 = Counter64: 0
      

      Allowing the CTS Reaper to delete the token does also not increase the counter.

        Attachments

          Activity

            People

            • Assignee:
              peter.major Peter Major [X] (Inactive)
              Reporter:
              andrew.dunn Andrew Dunn [X] (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 2h
                2h