Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-1941

OAuth2 discovery fails with 500 Internal Server Error

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: 5.5.0
    • Fix Version/s: 5.5.0
    • Component/s: None
    • Labels:
      None
    • Environment:
      OS : OSX 10.12.6
      container : Tomcat 8.0.45
      jdk : 1.8.0_131
      AM 5.5.0-SNAPSHOT (SHA1 : not available / dated 2017/09/18)
    • Sprint:
      OpenIG Sprint 112

      Description

      While accessing a route with OAuth2 dynamyc registration (http://openig.example.com:18080/discovery), the access fails with 500 Internal Server Error.
      The same test is working fine with AM 14.1.0 or 14.1.1.

      config.json + routes + IG logs are attached

      logs of the route with error :

      15:40:21:877 | INFO  | http-nio-18080-exec-10 | o.f.o.d.c.C.M.Portal |
      
      --- (request) id:9ca24116-a0f9-4d7f-96d5-64a699de6205-32 --->
      
      GET http://openig.example.com:18080/discovery HTTP/1.1
      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
      accept-encoding: gzip, deflate
      connection: keep-alive
      host: openig.example.com:18080
      upgrade-insecure-requests: 1
      user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
      Context's content as JSON:
      attributes:
      
      
      15:40:21:901 | INFO  | http-nio-18080-exec-10 | o.f.o.d.c.C.M.Portal |
      
      <--- (filtered-response) id:9ca24116-a0f9-4d7f-96d5-64a699de6205-32 ---
      
      HTTP/1.1 200 OK
      Content-Length: 1335
      
      [content-type not set: entity cannot be displayed]
      Context's content :
      attributes:
      
      
      15:40:22:638 | INFO  | http-nio-18080-exec-1 | o.f.o.d.c.C.M.Portal |
      
      --- (request) id:9ca24116-a0f9-4d7f-96d5-64a699de6205-34 --->
      
      GET http://openig.example.com:18080/discovery/login?discovery=http://app.example.com:8081&goto=http://openig.example.com:18080/discovery HTTP/1.1
      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
      accept-encoding: gzip, deflate
      connection: keep-alive
      host: openig.example.com:18080
      referer: http://openig.example.com:18080/discovery
      upgrade-insecure-requests: 1
      user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.79 Safari/537.36
      Context's content as JSON:
      attributes:
      
      
      15:40:22:832 | WARN  | I/O dispatcher 3 | o.f.o.f.LogAttachedExceptionFilter | Response [Status: 500 Internal Server Error] to `http://openig.example.com:18080/discovery/login?discovery=http://app.example.com:8081&goto=http://openig.example.com:18080/discovery` carries an exception [txId:9ca24116-a0f9-4d7f-96d5-64a699de6205-34]
      org.forgerock.json.JsonValueException: /scopes: Expecting a java.util.List
      	at org.forgerock.json.JsonValue.expect(JsonValue.java:763)
      	at org.forgerock.json.JsonValue.asList(JsonValue.java:493)
      	at org.forgerock.openig.filter.oauth2.client.ClientRegistration.<init>(ClientRegistration.java:307)
      	at org.forgerock.openig.filter.oauth2.client.ClientRegistrationFilter.lambda$retrieveClientRegistration$1(ClientRegistrationFilter.java:146)
      	at org.forgerock.util.promise.PromiseImpl.lambda$then$6(PromiseImpl.java:369)
      	at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:531)
      	at org.forgerock.util.promise.PromiseImpl.setState(PromiseImpl.java:572)
      	at org.forgerock.util.promise.PromiseImpl.tryHandleResult(PromiseImpl.java:258)
      	at org.forgerock.util.promise.PromiseImpl.handleResult(PromiseImpl.java:208)
      	at org.forgerock.util.promise.PromiseImpl.lambda$then$6(PromiseImpl.java:369)
      	at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:531)
      	at org.forgerock.util.promise.PromiseImpl.setState(PromiseImpl.java:572)
      	at org.forgerock.util.promise.PromiseImpl.tryHandleResult(PromiseImpl.java:258)
      	at org.forgerock.util.promise.PromiseImpl.handleResult(PromiseImpl.java:208)
      	at org.forgerock.util.promise.PromiseImpl.lambda$then$6(PromiseImpl.java:369)
      	at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:531)
      	at org.forgerock.util.promise.PromiseImpl.setState(PromiseImpl.java:572)
      	at org.forgerock.util.promise.PromiseImpl.tryHandleResult(PromiseImpl.java:258)
      	at org.forgerock.util.promise.PromiseImpl.handleResult(PromiseImpl.java:208)
      	at org.forgerock.http.apache.async.AsyncHttpClient$PromiseHttpAsyncResponseConsumer.responseCompleted(AsyncHttpClient.java:143)
      	at org.forgerock.http.apache.async.AsyncHttpClient$MdcAwareHttpAsyncResponseConsumer.responseCompleted(AsyncHttpClient.java:222)
      	at org.apache.http.impl.nio.client.MainClientExec.responseCompleted(MainClientExec.java:383)
      	at org.apache.http.impl.nio.client.DefaultClientExchangeHandlerImpl.responseCompleted(DefaultClientExchangeHandlerImpl.java:168)
      	at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.processResponse(HttpAsyncRequestExecutor.java:436)
      	at org.apache.http.nio.protocol.HttpAsyncRequestExecutor.inputReady(HttpAsyncRequestExecutor.java:326)
      	at org.apache.http.impl.nio.DefaultNHttpClientConnection.consumeInput(DefaultNHttpClientConnection.java:265)
      	at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:81)
      	at org.apache.http.impl.nio.client.InternalIODispatch.onInputReady(InternalIODispatch.java:39)
      	at org.apache.http.impl.nio.reactor.AbstractIODispatch.inputReady(AbstractIODispatch.java:114)
      	at org.apache.http.impl.nio.reactor.BaseIOReactor.readable(BaseIOReactor.java:162)
      	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvent(AbstractIOReactor.java:337)
      	at org.apache.http.impl.nio.reactor.AbstractIOReactor.processEvents(AbstractIOReactor.java:315)
      	at org.apache.http.impl.nio.reactor.AbstractIOReactor.execute(AbstractIOReactor.java:276)
      	at org.apache.http.impl.nio.reactor.BaseIOReactor.execute(BaseIOReactor.java:104)
      	at org.apache.http.impl.nio.reactor.AbstractMultiworkerIOReactor$Worker.run(AbstractMultiworkerIOReactor.java:588)
      	at java.lang.Thread.run(Thread.java:748)
      
      

      To reproduce the issue :

      * update pyforge
      * launch : `python configure.py`
      * launch : `python run-pybot.py -s OIDC -t UI_Dynamic_Client_Registration_Should_Succeed -f -n ig`
      This will keep the servers alive once the error will be detected
      * do not forget to stop the servers while launching `python cleanup.py -f`
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                violette Violette Roche Montane
                Reporter:
                jcdevil Jean-Charles Deville
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: