Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-9755

Creating an OAuth2 Provider in sub-realm shows error if the claims script in global settings is not default

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 13.5.0
    • Fix Version/s: 14.0.0
    • Component/s: oauth2, scripting
    • Labels:
      None
    • Support Ticket IDs:

      Description

      Problem description

      Creating an OAuth 2 Provider (via the 'Configure OAuth Provider' Common Task) in a sub-realm displays an error if the 'OIDC Claims Script' in the global settings as has been changed from the default.

      To reproduce

      1). Create a new custom OIDC Claims Script in the top level realm.

      2). Under Configuration > Global > OAuth2 Provider set the 'OIDC Claims Script' field to the new custom script.

      3). Create a sub-realm and then click the Configure OAuth Provider > Configure OAuth 2.0 common task. Keep the defaults and click Create. The following error is seen in the browser:

      An error occurred while trying to create the OAuth2 Provider. 
      

      From the Configuration debug log:

      ERROR: An error occurred while trying to create the OAuth2 Provider.
      Message:Data validation failed for the attribute, forgerock-oauth2-provider-oidc-claims-extension-script
              at com.sun.identity.sm.AttributeValidator.validate(AttributeValidator.java:410)
              at com.sun.identity.sm.ServiceSchemaImpl.validateAttrValues(ServiceSchemaImpl.java:591)
              at com.sun.identity.sm.ServiceSchemaImpl.validateAttributes(ServiceSchemaImpl.java:345)
      ...
      

      Expected behaviour

      A more informative error dialog should be presented so the end-user can identify the source of the issue or a more complete fix would allow this scenario to complete.

        Attachments

          Activity

            People

            • Assignee:
              peter.major Peter Major [X] (Inactive)
              Reporter:
              andy.itter Andy Itter
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: