Hello,
We are running WSO2 IS 550 using self signed tokens. However, it seems that we
are not able to add any additional OpenID Claims to the JWT tokens. Whenever
mapping a claim in a Service Provider as per the below, a null pointer
exception is thrown.
1. Enabled Self Signed Tokens in identity.xml
2. Configured new service provider
   * Added email address in the claim configuration
   * Enabled OAuth.OpenID connect configuration
   * Create a new scope for email
3. Whenever trying to get a token with a request
curl --request POST \
  --url https://localhost:9443/oauth2/token \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data 'grant_type=password&client_id=CLIENT-ID&client_secret=CLIENT-SECRET&username=foo&password=foopass&scope=openid%20esante'
the following error and stacktrace is returned
[2018-04-17 07:16:36,155] ERROR {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred while issuing the access token for Client ID : QWEQWEWQEsasdasda, User ID foo, Scope : [esante, openid] and Grant Type : password
java.lang.NullPointerException
    at org.wso2.carbon.identity.oauth.tokenprocessor.HashingPersistenceProcessor.hash(HashingPersistenceProcessor.java:112)
    at org.wso2.carbon.identity.oauth.tokenprocessor.HashingPersistenceProcessor.getProcessedAccessTokenIdentifier(HashingPersistenceProcessor.java:77)
    at org.wso2.carbon.identity.oauth2.dao.AccessTokenDAOImpl.getTokenIdByAccessToken(AccessTokenDAOImpl.java:1512)
    at org.wso2.carbon.identity.oauth2.dao.AccessTokenDAOImpl.getTokenIdByAccessToken(AccessTokenDAOImpl.java:1477)
    at org.wso2.carbon.identity.openidconnect.dao.RequestObjectDAOImpl.getRequestedClaims(RequestObjectDAOImpl.java:258)
    at org.wso2.carbon.identity.openidconnect.RequestObjectService.getRequestedClaims(RequestObjectService.java:78)
    at org.wso2.carbon.identity.openidconnect.RequestObjectService.getRequestedClaimsForIDToken(RequestObjectService.java:94)
    at org.wso2.carbon.identity.openidconnect.DefaultOIDCClaimsCallbackHandler.filterClaimsFromRequestObject(DefaultOIDCClaimsCallbackHandler.java:210)
    at org.wso2.carbon.identity.openidconnect.DefaultOIDCClaimsCallbackHandler.filterOIDCClaims(DefaultOIDCClaimsCallbackHandler.java:192)
    at org.wso2.carbon.identity.openidconnect.DefaultOIDCClaimsCallbackHandler.filterOIDCClaims(DefaultOIDCClaimsCallbackHandler.java:164)
    at org.wso2.carbon.identity.openidconnect.DefaultOIDCClaimsCallbackHandler.getUserClaimsInOIDCDialect(DefaultOIDCClaimsCallbackHandler.java:150)
    at org.wso2.carbon.identity.openidconnect.DefaultOIDCClaimsCallbackHandler.handleCustomClaims(DefaultOIDCClaimsCallbackHandler.java:84)
    at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer.handleCustomClaims(JWTTokenIssuer.java:500)
    at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer.createJWTClaimSet(JWTTokenIssuer.java:403)
    at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer.buildJWTToken(JWTTokenIssuer.java:160)
    at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer.accessToken(JWTTokenIssuer.java:111)
    at org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler.getNewAccessToken(AbstractAuthorizationGrantHandler.java:391)
    at org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler.createNewTokenBean(AbstractAuthorizationGrantHandler.java:314)
    at org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler.generateNewAccessTokenResponse(AbstractAuthorizationGrantHandler.java:268)
    at org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler.issue(AbstractAuthorizationGrantHandler.java:129)
    at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(AccessTokenIssuer.java:274)
    at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(OAuth2Service.java:225)
    at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:293)
    at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:89)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:188)
    at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:104)
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204)
    at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101)
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
    at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
    at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249)
    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222)
    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153)
    at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.wso2.carbon.webapp.mgt.filter.AuthorizationHeaderFilter.doFilter(AuthorizationHeaderFilter.java:85)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventionFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:124)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at com.thetransactioncompany.cors.CORSFilter.doFilter(CORSFilter.java:168)
    at com.thetransactioncompany.cors.CORSFilter.doFilter(CORSFilter.java:233)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80)
    at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91)
    at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
    at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:962)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1115)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1775)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1734)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)
Any help or insights would be greatly appreciated.
Thank you,
Ciprian Sabolovits
_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev