Hi Ciprian, The issue is reproducible in default 5.5.0 pack when requesting a self-contained access token with requested claims. Created a git issue to track the issue [1].
[1] https://github.com/wso2/product-is/issues/3086 Thanks, Nila. On Tue, Apr 17, 2018 at 6:51 PM, Ciprian Sabolovits < [email protected]> wrote: > Hello, > > > > We are running WSO2 IS 550 using self signed tokens,. However it seems > that we are not able to add any additional OpenID Claims to the JWT tokens. > Whenever mapping a claim in a Service Provider as per the below a null > pointer exceptions is thrown. > > > > 1. Enabled Self Signed Tokens in identity.xml > 2. Configured new service provider > 1. Added email address in the claim configuration > > > 1. Enabled OAuth.OpenID connect configuration > 2. Create a new scope for email > 1. Whenever trying to get a token with a request > > > > curl --request POST \ > > --url https://localhost:9443/oauth2/token \ > > --header 'content-type: application/x-www-form-urlencoded' \ > > --data 'grant_type=password&client_id=CLIENT-ID&client_secret= > CLIENT-SECRET&username=foo&password=foopass&scope=openid%20esante' > > > > the following error and stacktrace is returned > > > > [2018-04-17 07:16:36,155] ERROR > {org.wso2.carbon.identity.oauth2.OAuth2Service} > - Error occurred while issuing the access token for Client ID : > QWEQWEWQEsasdasda, User ID foo, Scope : [esante, openid] and Grant Type : > password > > java.lang.NullPointerException > > at org.wso2.carbon.identity.oauth.tokenprocessor. > HashingPersistenceProcessor.hash(HashingPersistenceProcessor.java:112) > > at org.wso2.carbon.identity.oauth.tokenprocessor. > HashingPersistenceProcessor.getProcessedAccessTokenIdentifier( > HashingPersistenceProcessor.java:77) > > at org.wso2.carbon.identity.oauth2.dao.AccessTokenDAOImpl. > getTokenIdByAccessToken(AccessTokenDAOImpl.java:1512) > > at org.wso2.carbon.identity.oauth2.dao.AccessTokenDAOImpl. > getTokenIdByAccessToken(AccessTokenDAOImpl.java:1477) > > at org.wso2.carbon.identity.openidconnect.dao. > RequestObjectDAOImpl.getRequestedClaims(RequestObjectDAOImpl.java:258) > > at org.wso2.carbon.identity.openidconnect.RequestObjectService. > getRequestedClaims(RequestObjectService.java:78) > > at org.wso2.carbon.identity.openidconnect.RequestObjectService. > getRequestedClaimsForIDToken(RequestObjectService.java:94) > > at org.wso2.carbon.identity.openidconnect. > DefaultOIDCClaimsCallbackHandler.filterClaimsFromRequestObject( > DefaultOIDCClaimsCallbackHandler.java:210) > > at org.wso2.carbon.identity.openidconnect. > DefaultOIDCClaimsCallbackHandler.filterOIDCClaims( > DefaultOIDCClaimsCallbackHandler.java:192) > > at org.wso2.carbon.identity.openidconnect. > DefaultOIDCClaimsCallbackHandler.filterOIDCClaims( > DefaultOIDCClaimsCallbackHandler.java:164) > > at org.wso2.carbon.identity.openidconnect. > DefaultOIDCClaimsCallbackHandler.getUserClaimsInOIDCDialect( > DefaultOIDCClaimsCallbackHandler.java:150) > > at org.wso2.carbon.identity.openidconnect. > DefaultOIDCClaimsCallbackHandler.handleCustomClaims( > DefaultOIDCClaimsCallbackHandler.java:84) > > at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer. > handleCustomClaims(JWTTokenIssuer.java:500) > > at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer. > createJWTClaimSet(JWTTokenIssuer.java:403) > > at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer. > buildJWTToken(JWTTokenIssuer.java:160) > > at org.wso2.carbon.identity.oauth2.token.JWTTokenIssuer. > accessToken(JWTTokenIssuer.java:111) > > at org.wso2.carbon.identity.oauth2.token.handlers.grant. > AbstractAuthorizationGrantHandler.getNewAccessToken( > AbstractAuthorizationGrantHandler.java:391) > > at org.wso2.carbon.identity.oauth2.token.handlers.grant. > AbstractAuthorizationGrantHandler.createNewTokenBean( > AbstractAuthorizationGrantHandler.java:314) > > at org.wso2.carbon.identity.oauth2.token.handlers.grant. > AbstractAuthorizationGrantHandler.generateNewAccessTokenResponse( > AbstractAuthorizationGrantHandler.java:268) > > at org.wso2.carbon.identity.oauth2.token.handlers.grant. > AbstractAuthorizationGrantHandler.issue(AbstractAuthorizationGrantHand > ler.java:129) > > at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue( > AccessTokenIssuer.java:274) > > at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken( > OAuth2Service.java:225) > > at org.wso2.carbon.identity.oauth.endpoint.token. > OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:293) > > at org.wso2.carbon.identity.oauth.endpoint.token. > OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:89) > > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) > > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > > at java.lang.reflect.Method.invoke(Method.java:498) > > at org.apache.cxf.service.invoker.AbstractInvoker. > performInvocation(AbstractInvoker.java:188) > > at org.apache.cxf.service.invoker.AbstractInvoker. > invoke(AbstractInvoker.java:104) > > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) > > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) > > at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1. > run(ServiceInvokerInterceptor.java:58) > > at org.apache.cxf.interceptor.ServiceInvokerInterceptor. > handleMessage(ServiceInvokerInterceptor.java:94) > > at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept( > PhaseInterceptorChain.java:272) > > at org.apache.cxf.transport.ChainInitiationObserver.onMessage( > ChainInitiationObserver.java:121) > > at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke( > AbstractHTTPDestination.java:249) > > at org.apache.cxf.transport.servlet.ServletController. > invokeDestination(ServletController.java:248) > > at org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:222) > > at org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:153) > > at org.apache.cxf.transport.servlet.CXFNonSpringServlet. > invoke(CXFNonSpringServlet.java:171) > > at org.apache.cxf.transport.servlet.AbstractHTTPServlet. > handleRequest(AbstractHTTPServlet.java:289) > > at org.apache.cxf.transport.servlet.AbstractHTTPServlet. > doPost(AbstractHTTPServlet.java:209) > > at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) > > at org.apache.cxf.transport.servlet.AbstractHTTPServlet. > service(AbstractHTTPServlet.java:265) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:303) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at org.apache.tomcat.websocket.server.WsFilter.doFilter( > WsFilter.java:52) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:241) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at org.wso2.carbon.webapp.mgt.filter.AuthorizationHeaderFilter. > doFilter(AuthorizationHeaderFilter.java:85) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:241) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at org.wso2.carbon.ui.filters.cache.ContentTypeBasedCachePreventio > nFilter.doFilter(ContentTypeBasedCachePreventionFilter.java:53) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:241) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter( > HttpHeaderSecurityFilter.java:124) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:241) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at com.thetransactioncompany.cors.CORSFilter.doFilter( > CORSFilter.java:168) > > at com.thetransactioncompany.cors.CORSFilter.doFilter( > CORSFilter.java:233) > > at org.apache.catalina.core.ApplicationFilterChain. > internalDoFilter(ApplicationFilterChain.java:241) > > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > > at org.apache.catalina.core.StandardWrapperValve.invoke( > StandardWrapperValve.java:219) > > at org.apache.catalina.core.StandardContextValve.invoke( > StandardContextValve.java:110) > > at org.apache.catalina.core.StandardHostValve.invoke( > StandardHostValve.java:169) > > at org.apache.catalina.valves.ErrorReportValve.invoke( > ErrorReportValve.java:103) > > at org.wso2.carbon.identity.context.rewrite.valve. > TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:80) > > at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke( > AuthorizationValve.java:91) > > at org.wso2.carbon.identity.auth.valve.AuthenticationValve. > invoke(AuthenticationValve.java:60) > > at org.wso2.carbon.tomcat.ext.valves.CompositeValve. > continueInvocation(CompositeValve.java:99) > > at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1. > invoke(CarbonTomcatValve.java:47) > > at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke( > TenantLazyLoaderValve.java:57) > > at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer. > invokeValves(TomcatValveContainer.java:47) > > at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke( > CompositeValve.java:62) > > at org.wso2.carbon.tomcat.ext.valves. > CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValv > e.java:159) > > at org.apache.catalina.valves.AccessLogValve.invoke( > AccessLogValve.java:962) > > at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve. > invoke(CarbonContextCreatorValve.java:57) > > at org.apache.catalina.core.StandardEngineValve.invoke( > StandardEngineValve.java:116) > > at org.apache.catalina.connector.CoyoteAdapter.service( > CoyoteAdapter.java:445) > > at org.apache.coyote.http11.AbstractHttp11Processor.process( > AbstractHttp11Processor.java:1115) > > at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler. > process(AbstractProtocol.java:637) > > at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor. > doRun(NioEndpoint.java:1775) > > at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor. > run(NioEndpoint.java:1734) > > at java.util.concurrent.ThreadPoolExecutor.runWorker( > ThreadPoolExecutor.java:1149) > > at java.util.concurrent.ThreadPoolExecutor$Worker.run( > ThreadPoolExecutor.java:624) > > at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run( > TaskThread.java:61) > > at java.lang.Thread.run(Thread.java:748) > > > > > > Any help or insights would be greatly appreciated. > > > > Thank you, > > Ciprian Sabolovits > CONFIDENTIALITY NOTICE: This email message and any attachments are for the > sole use of the intended recipient(s) and may contain confidential > information of Cognosante Holdings, LLC and/or its subsidiaries, including > Cognosante, LLC, Cognosante Consulting, LLC, and Cognosante MVH, LLC and is > protected by law. If you have received this in error, please reply to the > sender and delete it from your system. If you are the intended recipient, > you may use the information contained in this message and any files > attached only as authorized. > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Nilasini Thirunavukkarasu Software Engineer - WSO2 Email : [email protected] Mobile : +94775241823 Web : http://wso2.com/ <http://wso2.com/signature>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
