Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-1007

ClientRegistration : clientId must not contain spaces

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Won't Fix
    • Affects Version/s: 4.5.0, 5.0.0
    • Fix Version/s: 4.5.0, 5.0.0
    • Component/s: OAuth 2.0
    • Labels:
      None

      Description

      In the following part of configuration, clientId contains a space character ' '.

      {
          "config": {
              "clientId": "client for_oauth2refreshtoken_tests",
              "clientSecret": "password",
              "issuer": "openam",
              "scopes": [
                  "myscope"
              ]
          },
          "name": "OpenAM_RefreshToken",
          "type": "ClientRegistration"
      }
      

      As a consequence, the when accessing the route having an OAuth2ClientFilter referencing this ClientRegistration, I get the following error in the OpenIG logs :

      TUE MAY 17 17:25:06 CEST 2016 ERROR {OAuth2ClientFilter}/heap/0/config/bindings/0/handler/config/filters/0 --- error="invalid_grant", error_description="The provided access grant is invalid, expired, or revoked."
      

      It seems the clientId is not correctly urlEncoded when sending requests to the IDP (in this case : OpenAM)

      To reproduce usIng PyForge :
      1-Edit the file /PyForge/PyBot/OpenIG/testcases/functional/Filters_python/OAuth2ClientFilter/RefreshToken/Oauth2RefreshToken.py
      update the client_name : from `client_for_oauth2refreshtoken_tests` to `test with spaces` (client name is used both in OpenAM configuration and OpenIG route)
      2-Launch the test via the command :

      python run-pybot.py -s *oauth2refreshtoken -f openig
      

        Attachments

          Activity

            People

            • Assignee:
              violette Violette Roche Montane
              Reporter:
              jcdevil Jean-Charles Deville
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: