You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2016/12/02 16:07:58 UTC
[jira] [Commented] (CXF-7161) OIDC Dynamic Registration : NPE for
implicit grant_types
[ https://issues.apache.org/jira/browse/CXF-7161?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15715508#comment-15715508 ]
ASF GitHub Bot commented on CXF-7161:
-------------------------------------
GitHub user gonzalad opened a pull request:
https://github.com/apache/cxf/pull/209
CXF-7161: OIDC dynreg : NPE for implicit grant
When clientSecret is null, we don't return anymore
clientSecret JSON node in the response (it's marked
as OPTIONAL in OIDC Connect Registration 1.0 specs).
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/gonzalad/cxf CXF-7161
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cxf/pull/209.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #209
----
commit df4c5f865eaf79aca45170fa757c5a8e7188e79e
Author: gonzalad <ad...@yahoo.fr>
Date: 2016-12-02T16:03:28Z
CXF-7161: OIDC dynreg : NPE for implicit grant
When clientSecret is null, we don't return anymore
clientSecret JSON node in the response (it's marked
as OPTIONAL in OIDC Connect Registration 1.0 specs).
----
> OIDC Dynamic Registration : NPE for implicit grant_types
> --------------------------------------------------------
>
> Key: CXF-7161
> URL: https://issues.apache.org/jira/browse/CXF-7161
> Project: CXF
> Issue Type: Bug
> Affects Versions: 3.1.8
> Reporter: gonzalad
> Priority: Trivial
>
> Im using OIDC Dynamic Reg to register an implicit flow client.
> I get an NPE when I send this JSON :
> {
> "client_name":"IAM UI",
> "token_endpoint_auth_method":"client_secret_basic",
> "redirect_uris": [ "http://localhost:7070/callback" ],
> "grant_types":[
> "implicit"
> ]
> }
> The NPE is generated because clientSecret attribute of ClientRegistrationResponse is null.
> Otherwise dynamic registration works fine with default grant_types.
> {code}
> syncope_1 | 2016-12-02 14:52:08,311 [http-apr-9080-exec-6] WARN org.apache.cxf.phase.PhaseInterceptorChain - Interceptor for {http://idp.oidc.security.rs.cxf.apache.org/}OidcDynamicRegistrationService has thrown exception, unwinding now
> syncope_1 | org.apache.cxf.interceptor.Fault
> syncope_1 | at org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor.handleWriteException(JAXRSOutInterceptor.java:391)
> syncope_1 | at org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor.serializeMessage(JAXRSOutInterceptor.java:266)
> syncope_1 | at org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor.processResponse(JAXRSOutInterceptor.java:120)
> syncope_1 | at org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor.handleMessage(JAXRSOutInterceptor.java:83)
> syncope_1 | at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
> syncope_1 | at org.apache.cxf.interceptor.OutgoingChainInterceptor.handleMessage(OutgoingChainInterceptor.java:83)
> syncope_1 | at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
> syncope_1 | at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
> syncope_1 | at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:252)
> syncope_1 | at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234)
> syncope_1 | at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208)
> syncope_1 | at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160)
> syncope_1 | at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:180)
> syncope_1 | at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299)
> syncope_1 | at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:218)
> syncope_1 | at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
> syncope_1 | at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:274)
> syncope_1 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:292)
> syncope_1 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> syncope_1 | at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> syncope_1 | at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:240)
> syncope_1 | at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:207)
> syncope_1 | at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:212)
> syncope_1 | at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:106)
> syncope_1 | at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502)
> syncope_1 | at org.apache.cxf.fediz.tomcat8.FederationAuthenticator.invoke(FederationAuthenticator.java:183)
> syncope_1 | at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:141)
> syncope_1 | at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:79)
> syncope_1 | at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:616)
> syncope_1 | at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:88)
> syncope_1 | at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:676)
> syncope_1 | at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:509)
> syncope_1 | at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1104)
> syncope_1 | at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:684)
> syncope_1 | at org.apache.tomcat.util.net.AprEndpoint$SocketWithOptionsProcessor.run(AprEndpoint.java:2445)
> syncope_1 | at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
> syncope_1 | at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
> syncope_1 | at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
> syncope_1 | at java.lang.Thread.run(Thread.java:745)
> syncope_1 | Caused by: java.lang.NullPointerException
> syncope_1 | at org.apache.cxf.common.util.StringUtils.toBytes(StringUtils.java:208)
> syncope_1 | at org.apache.cxf.common.util.StringUtils.toBytesUTF8(StringUtils.java:201)
> syncope_1 | at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter$StreamOutput.append(JsonMapObjectReaderWriter.java:308)
> syncope_1 | at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.toJsonInternal(JsonMapObjectReaderWriter.java:100)
> syncope_1 | at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.toJsonInternal(JsonMapObjectReaderWriter.java:78)
> syncope_1 | at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.toJson(JsonMapObjectReaderWriter.java:69)
> syncope_1 | at org.apache.cxf.jaxrs.json.basic.JsonMapObjectReaderWriter.toJson(JsonMapObjectReaderWriter.java:65)
> syncope_1 | at org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider.writeTo(JsonMapObjectProvider.java:59)
> syncope_1 | at org.apache.cxf.jaxrs.provider.json.JsonMapObjectProvider.writeTo(JsonMapObjectProvider.java:40)
> syncope_1 | at org.apache.cxf.jaxrs.utils.JAXRSUtils.writeMessageBody(JAXRSUtils.java:1404)
> syncope_1 | at org.apache.cxf.jaxrs.interceptor.JAXRSOutInterceptor.serializeMessage(JAXRSOutInterceptor.java:244)
> syncope_1 | ... 37 more
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)