[OPENAM-5786] Creating an UMA resource in the AS sends an error message Created: 08/Apr/15  Updated: 22/Apr/15  Resolved: 10/Apr/15

Status: Closed
Project: OpenAM
Component/s: UMA, XUI
Affects Version/s: 13.0.0
Fix Version/s: 13.0.0

Type: Bug Priority: Major
Reporter: Victor Ake Assignee: James Phillpotts
Resolution: Fixed Votes: 0
Labels: AME, TESLA
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

OpenAM 13.0 Build 13252
Embedded Conf store and User, and everything


Issue Links:
Relates
relates to OPENAM-5805 Sharing resources fails Resolved
Rank: 1|hzlq7b:
Sprint: Sprint 83 - Team Tesla
QA Assignee: Alex Walker [X] (Inactive)

 Description   

When creating a resource set in OpenAM using the REST interface, an error message is received from time to time (well, most of the time, it sometimes works when one "updates" the Policy Agent Config, i.e. a simple save can do it) instead of receiving the resource set id of the resource just created.

1. Get a PAT
$ curl --request POST --header "Content-Type: application/x-www-form-urlencoded" --data "client_id=RSClient&client_secret=cangetin&grant_type=password&scope=uma_protection&username=alice&password=changeit" http://as.uma.com:8080/openam/oauth2/access_token

{"scope":"uma_protection","expires_in":299,"token_type":"Bearer","refresh_token" ;:"05478ce6-55a0-4646-a06b-3d1709aa162c","access_token":"38b470e6-28a0-48ad-8941-d5f580b58aca"}

2. Add a resource set
$ curl --request POST --header "Authorization: Bearer 38b470e6-28a0-48ad-8941-d5f580b58aca" -d '

{ "name": "example2", "scopes": [ "http://rs.uma.com:9001/data/scopes/view"; ], "type": "http://rs.uma.com:9001/data/album"; }

' http://as.uma.com:8080/openam/oauth2/resource_set

3. Instead of receiving this:

{"_id":"5d968665-7e77-4eed-baab-81860dcb85fc18","user_access_policy_uri":"http://as.uma.com:8080/openam/XUI/#uma/share/5d968665-7e77-4eed-baab-81860dcb85fc18";}

Almost always, one gets:

{"error":"server_error","error_description":null}

A restart of the OpenAM, and sometimes re-saving the OAuth2/OIDC Client can fix it, but it is most of the time consistent with the error.



 Comments   
Comment by James Phillpotts [ 10/Apr/15 ]

Changes in the policy engine caused this. This issue is fixed, but there is another issue uncovered where the policy engine's ResourceType now restricts the action values that can be used, which in UMA are not known up front. Raised OPENAM-5805 for this.

Comment by Alex Walker [X] (Inactive) [ 22/Apr/15 ]

Verified fix in OpenAM 13.0.0-SNAPSHOT Build 13537 (2015-April-22 02:55)

Generated at Tue Mar 09 10:26:44 UTC 2021 using Jira 7.13.12#713012-sha1:6e07c38070d5191bbf7353952ed38f111754533a.