jans
jans copied to clipboard
Published
20 hours ago •
JanssenProject
JanssenProject
fix(jans-auth-server): unexpected output of well-known/openid-configuration on first request
Describe the bug
Requesting /.well-known/openid-configuration for the first time (after installation/container deployment) returns unexpected output for grant_types_supported and response_mode_supported as seen below:
{
"grant_types_supported": [
"RESOURCE_OWNER_PASSWORD_CREDENTIALS",
"CLIENT_CREDENTIALS",
"OXAUTH_UMA_TICKET",
"DEVICE_CODE",
"IMPLICIT",
"AUTHORIZATION_CODE",
"REFRESH_TOKEN"
],
"response_modes_supported": [
"FORM_POST",
"FRAGMENT",
"FORM_POST_JWT",
"QUERY_JWT",
"FRAGMENT_JWT",
"JWT",
"QUERY"
]
}
Subsequent requests to the same URL give expected output:
{
"grant_types_supported": [
"password",
"client_credentials",
"urn:ietf:params:oauth:grant-type:uma-ticket",
"urn:ietf:params:oauth:grant-type:device_code",
"implicit",
"authorization_code",
"refresh_token"
],
"response_modes_supported": [
"form_post",
"fragment",
"form_post.jwt",
"query.jwt",
"fragment.jwt",
"jwt",
"query"
]
}
To Reproduce
Steps to reproduce the behavior:
- Install Janssen Server using
jans-linux-setup - Wait installation finished
- Make a request to
https://$HOSTNAME/.well-known/openid-configuration - See unexpected output of
grant_types_supportedandresponse_mode_supported - Make another request to
https://$HOSTNAME/.well-known/openid-configuration - The output of
grant_types_supportedandresponse_mode_supportedare expected
Expected behavior
Requests to /.well-known/openid-configuration should give consistent output:
{
"grant_types_supported": [
"password",
"client_credentials",
"urn:ietf:params:oauth:grant-type:uma-ticket",
"urn:ietf:params:oauth:grant-type:device_code",
"implicit",
"authorization_code",
"refresh_token"
],
"response_modes_supported": [
"form_post",
"fragment",
"form_post.jwt",
"query.jwt",
"fragment.jwt",
"jwt",
"query"
]
}
Desktop (please complete the following information):
- OS: Ubuntu 20.04/Alpine 3.16
- Browser Firefox / cURL
Additional context
- Both openbanking and default distribution is affected.
- Both VM and CN installation is affected
- Support ticket 10706
