[AAA-75] domain contains garbage characters when authenticating
Created: 08/Dec/15  Updated: 03/Oct/23

Status: Confirmed
Project: aaa
Component/s: General
Affects Version/s: None
Fix Version/s: None

Type: Improvement
Reporter: Sharon Aicler
Assignee: Unassigned
Resolution: Unresolved
Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Operating System: All
Platform: All


Issue Links:
Cloners
is cloned by AAA-157 Unable to create OAuth2 token for new... Open

 Description   

When doing the following curl (which used to work), authentication fails.

curl -k -X POST -H "Content-Type: application/x-www-form-urlencoded" http://127.0.0.1:8181/oauth2/token -d "grant_type=password&username=admin&password=admin&scope=sdn"​

the response is:

{"error":"Domain :sdn\u200b does not exist"}

 Comments   
Comment by Ryan Goulding [ 09/Dec/15 ]

Try the following instead:

curl -k -X POST -H "Content-Type: application/json" http://127.0.0.1:8181/oauth2/token -d "grant_type=password&username=admin&password=admin&scope=sdn"​

The above works for me.

Comment by Ryan Goulding [ 14/Dec/15 ]

Works when "application/json" header is used.

Comment by Vratko Polak [ 21/Dec/15 ]

> "grant_type=password&username=admin&password=admin&scope=sdn"​

That is not a string containing a JSON-encoded object. But it is a URL-encoded www form.
I wonder why the user has to specify an invalid content-type to get correct behavior.

Comment by Ryan Goulding [ 21/Dec/15 ]

I am not the original author of this code; they have long since left this project. I received documentation concerning use of the token endpoint, and that always mentioned using the application/json content type; however, that does not mean it is right... let me take a closer look by reopening and taking this one.

TokenEndpoint is the backing HttpServlet implementation for the /oauth2/token endpoint. It looks like whoever wrote the Java code assumed the payload would be in a certain format (incorrectly). We can use this bug to track it... my guess is this has been an issue for a very long time and people just accepted it in its broken form.

Comment by Ryan Goulding [ 02/Feb/16 ]

Workaround for when this happens: delete idmlight.db.* and restart karaf. Working on the proper fix though.

Comment by Ryan Goulding [ 08/Feb/16 ]

De-escalating since a workaround exists.
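
The error response in the description shows the scope value reaching the domain lookup with a trailing U+200B (zero-width space), which is invisible in a terminal. The following is an added example, not code from the aaa project: a Python sketch of a check that parses a urlencoded token request, reports invisible characters in each parameter, and tests scope against the RFC 6749 scope-token grammar. The function names and sample bodies are constructed for illustration.

```python
import re
import unicodedata
from urllib.parse import parse_qsl

# Unicode general categories that render as nothing: format (Cf) and control (Cc).
INVISIBLE_CATEGORIES = {"Cf", "Cc"}
# RFC 6749 section 3.3: scope-token = 1*( %x21 / %x23-5B / %x5D-7E )
SCOPE_TOKEN = re.compile(r"[\x21\x23-\x5B\x5D-\x7E]+")

# Constructed sample bodies (not captured traffic).
CLEAN_BODY = "grant_type=password&username=admin&password=admin&scope=sdn"
PASTED_BODY = CLEAN_BODY + "\u200b"        # raw zero-width space after "sdn"
ENCODED_BODY = CLEAN_BODY + "%E2%80%8B"    # same character, percent-encoded


def find_invisible(value):
    """Return (index, 'U+XXXX', name) for each invisible character in value."""
    return [
        (i, f"U+{ord(ch):04X}", unicodedata.name(ch, "<unnamed>"))
        for i, ch in enumerate(value)
        if unicodedata.category(ch) in INVISIBLE_CATEGORIES
    ]


def check_token_request(body):
    """Parse a urlencoded body; return (params, {param: invisible-char hits})."""
    params = dict(parse_qsl(body, keep_blank_values=True))
    problems = {}
    for key, value in params.items():
        hits = find_invisible(value)
        if hits:
            problems[key] = hits
    return params, problems


def invalid_scope_tokens(scope):
    """Return the space-delimited scope tokens that violate the RFC 6749 grammar."""
    return [tok for tok in scope.split(" ") if not SCOPE_TOKEN.fullmatch(tok)]


if __name__ == "__main__":
    for label, body in [("clean", CLEAN_BODY), ("pasted", PASTED_BODY)]:
        params, problems = check_token_request(body)
        # ascii() makes the hidden character visible as \u200b in the output.
        print(label, ascii(params["scope"]), problems,
              invalid_scope_tokens(params["scope"]))
```

Rejecting a request whose scope fails the grammar check, and logging the value with `ascii()`, gives the caller an error that names the offending code point instead of a "does not exist" message for a domain that looks correct.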
