[#OPENAM-13325] REST Endpoint /json/subjectattributes not working as documented

[OPENAM-13325] REST Endpoint /json/subjectattributes not working as documented Created: 10/Jul/18 Updated: 08/May/19
Status:	Open
Project:	OpenAM
Component/s:	API descriptor
Affects Version/s:	6.0.0.2, 6.5.0
Fix Version/s:	None

Type:

Bug

Priority:

Minor

Reporter:

Vincent Koldenhof

Assignee:

Unassigned

Resolution:

Unresolved

Votes:

Labels:

AME, EDISON

Remaining Estimate:

Not Specified

Time Spent:

Not Specified

Original Estimate:

Not Specified

Rank:

1|hzw9i7:

Support Ticket IDs:

Description

Bug description

In the AM-6-Authorization Guide on page 91 is a example on how to use the REST interface to query the subjects attributes. The example shows an "Accept-API-Version" header which does not work. When the example is executed the response is a

_{
"code": 500,
"reason": "Internal Server Error",
"message": "Can not start an object, expecting field name (context: Object)"
}_

How to reproduce the issue

Details steps outlining how to recreate the issue (remove this text)

Execute the example as described on page 91. and substitute the cookie value with a valid one.
OR, use the API-Explorer. This gives the same error message.

$ curl \

--header "iPlanetDirectoryPro: AQIC5..."

\

--header "Accept-API-Version: resource=1.0" \

https://openam.example.com:8443/openam/json/realms/root/subjectattributes/?_queryFilter=true

{

"result" : [

"sunIdentityServerPPInformalName",

"sunIdentityServerPPFacadeGreetSound",

"uid",

"manager",

"sunIdentityServerPPCommonNameMN",

"sunIdentityServerPPLegalIdentityGender",

"preferredLocale",

"...",

"...",

"..."

],

"resultCount": 87,

"pagedResultsCookie": null,

"remainingPagedResults": 0

}

Expected behaviour

List of attributes

Current behaviour

{
"code": 500,
"reason": "Internal Server Error",
"message": "Can not start an object, expecting field name (context: Object)"
}

Work around

If you provide the correct Header ""Accept-API-Version: protocol=1.0,resource=1.0" " it works.

Code analysis

Please also update the documentation and the api-explorer.

Comments

Comment by Cristina Herraz [ 10/Jul/18 ]

The endpoint is documented as it is in the API explorer. I've tested in 6.0 and I can repro the error 500 with the API explorer – however I don't know what's expected or if the endpoint requires any configuration behind the scenes.

Taken "documentation" from here so it can be triaged by dev.

Comment by James Phillpotts [ 27/Sep/18 ]

We shouldn't document to use an old version of the protocol - this endpoint should be made to work with the current (i.e. unspecified) protocol.

Comment by Sam Phua [ 03/May/19 ]

The current working syntax is

curl \ 
     --header "iPlanetDirectoryPro: AQIC5..." \ 
     --header "Accept-API-Version: resource=1.0, protocol=1.0" \ 
    https://openam.example.com:8443/openam/json/realms/root/subjectattributes/?_queryFilter=true 

{ "result" : [ "sunIdentityServerPPInformalName", "sunIdentityServerPPFacadeGreetSound", "uid", "manager", "sunIdentityServerPPCommonNameMN", "sunIdentityServerPPLegalIdentityGender", "preferredLocale", "...", "...", "..." ], "resultCount": 87, "pagedResultsCookie": null, "remainingPagedResults": 0 }

If we should not document to use an old version of protocol, this bug need to be fixed as we are still providing a documentation that does not work. This will generate unnecessary support ticket

Generated at Thu Feb 25 16:23:45 UTC 2021 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.