Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-13683

Using an expired token returns an HTTP 500 error

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: OpenIDM 6.0.0, 6.0.0.5, 6.5.0.1
    • Fix Version/s: 7.0.0, 6.5.0.2, 6.0.0.6
    • Labels:
    • Environment:
      AM 6.0.0.7 and IDM 6.0.0

      Description

      With IDM and AM configured for Full Stack integration trying to change a user's email with an expired token results in an HTTP 500 error instead of a 4xx error.

       

      Steps to reproduce:

      Login to get DataStore token:

      1. curl -X POST "<URL>/login" -H "accept: application/json" -H "Authorization: Bearer <DATASTORETOKEN>" -H "Content-Type: application/json" -d "{ \"appName\": \"<APPNAME>\", \"clientID\": \"<CLIENTID>\", \"clientSecret\": \"<SECRET>\", \"corpCode\": \"CP\", \"grantType\": \"password\", \"password\": \"<PWD>\", \"scope\": \"openid profile\", \"userID\": \"testemail123478\"}"

      2. after token is generated wait for it to expire

      Change email address on profile:

      3. curl -X PUT "<URL>/users/email" -H "accept: application/json" -H "newEmail: test@test.com" -H "selfServiceToken: <TOKEN>" -H "Authorization: Bearer <access_token>"

       

       

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                krismy.alfaro Krismy Alfaro
                Reporter:
                tom.jones Tom Jones
              • Votes:
                0 Vote for this issue
                Watchers:
                9 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: