Error when trying to access the `userinfo` endpoint with an active client access token
Hello,
I was doing some (weird) tests with the IAM API (using the docker container provided in the documentation) when I found this "bug".
I know it makes no sense to use a client access token to access the userinfo endpoint, but I find different responses regarding whether the client access token is active or expired.
Here is the result with an expired client access token:
```
$ curl -H "Authorization: Bearer $OLD_CLIENT_ACCESS_TOKEN" http://localhost:8080/userinfo
{
"error":"invalid_token",
"error_description":"Invalid access token: <old_client_access_token>"
}
```
Now, here is the result with an active client access token:
```
$ curl -H "Authorization: Bearer $CLIENT_ACCESS_TOKEN" http://localhost:8080/userinfo
<!DOCTYPE html>
<html lang="en_US">
<head>
<base href="http://localhost:8080/">
<title>INDIGO IAM for indigo-dc-An unexpected error occurred</title>
<meta charset="utf-8">
<meta
name="viewport"
content="width=device-width, initial-scale=1.0">
<link
rel="stylesheet"
href="/webjars/bootstrap/css/bootstrap.min.css"></link>
<link
rel="stylesheet"
href="/webjars/angular-ui-select/select.min.css"></link>
<link
rel="stylesheet"
href="/webjars/font-awesome/css/font-awesome.css"></link>
<link
rel="stylesheet"
href="/resources/iam/css/AdminLTE.css"></link>
<link
rel="stylesheet"
href="/resources/iam/css/skins/skin-blue.css"></link>
<link
rel="stylesheet"
href="/resources/iam/css/ionicons/ionicons.min.css"></link>
<link
rel="stylesheet"
href="/resources/iam/css/toaster.min.css" />
<link
rel="stylesheet"
href="/resources/iam/css/iam.css"></link>
<style type="text/css">
#logo-container {
margin: auto;
margin-top: 10px;
width: 200px;
height: 150px;
background-size: 200px;
background-image: url('resources/images/indigo-logo.png');
background-repeat: no-repeat;
background-position: center;
}
</style>
</head>
<script type="text/javascript">
//get the info of the currently authenticated user, if available (null otherwise)
function getUserInfo() {
return ;
}
// get the authorities of the currently authenticated user, if available (null otherwise)
function getUserAuthorities() {
return ["ROLE_CLIENT"];
}
function getIamVersion() {
return '1.8.0';
}
function getIamGitCommitId() {
return 'c01e02a';
}
function getRegistrationEnabled() {
return true;
}
function getAccountLinkingEnabled() {
return true;
}
function getExternalAuthenticationEnabled() {
return true;
}
function getOrganisationName() {
return 'indigo-dc';
}
</script>
<body>
<div class="container">
<div class="absolute-center">
<div id="logo-container" style="background-image: url(resources/images/indigo-logo.png)">
<a href="/"></a>
</div>
<div class="container-fluid page-content">
<h2 class="text-center text-danger">403. Forbidden</h2>
<div id="register-confirm-back-btn" class="row text-center">
<a class="btn btn-primary" href='/login'>Back to Login Page</a>
</div>
</div>
</div>
</div>
</body>
</html>
```
Probably nothing harmful here, just that it seems to generate an error in IAM: An unexpected error occurred.
Thanks
Problem solved from what I can see (I tested with v1.10.2).
Never mind, I had to fix my test due to the upgrade, and I actually still see this "issue".
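An added example (not part of the original report and not IAM's own code): a check that a client or regression test could use to tell a JSON bearer-token error, like the one returned for the expired token, from an HTML error page, like the one returned for the active client token. The status codes and Content-Type values in the samples are assumptions, since the curl calls in the report did not print headers, and `classify_error_response` and `_headings` are hypothetical names.

```python
import json
import re

# RFC 6750 section 3.1: HTTP status that goes with each bearer-token error code.
RFC6750_STATUS = {"invalid_request": 400, "invalid_token": 401, "insufficient_scope": 403}


def _headings(html):
    """Text of <title> and <h2>, enough to report what an HTML error page says."""
    pattern = r"<(title|h2)\b[^>]*>(.*?)</\1>"
    return [text.strip() for _, text in re.findall(pattern, html, re.S | re.I)]


def classify_error_response(status, content_type, body):
    """Classify an error reply from a bearer-protected endpoint as (verdict, detail)."""
    media_type = content_type.split(";")[0].strip().lower()
    if media_type == "text/html" or body.lstrip().lower().startswith("<!doctype html"):
        # An API client cannot parse this; report what the page says instead.
        return ("html_error_page", " / ".join(_headings(body)))
    try:
        error = json.loads(body).get("error")
    except (ValueError, AttributeError):
        return ("unparseable", body[:60])
    if not isinstance(error, str) or error not in RFC6750_STATUS:
        return ("unknown_error_code", str(error))
    if RFC6750_STATUS[error] != status:
        return ("status_mismatch", f"{error} sent with HTTP {status}")
    return ("oauth_error", error)


# Constructed samples: bodies abridged from the two replies in the report; the
# status codes and Content-Type values are assumptions (curl was run without -i).
EXPIRED = (401, "application/json;charset=UTF-8",
           '{"error":"invalid_token",'
           '"error_description":"Invalid access token: <old_client_access_token>"}')
ACTIVE = (403, "text/html;charset=UTF-8",
          "<!DOCTYPE html><html><head>"
          "<title>INDIGO IAM for indigo-dc-An unexpected error occurred</title></head>"
          '<body><h2 class="text-center text-danger">403. Forbidden</h2></body></html>')

if __name__ == "__main__":
    for name, sample in (("expired", EXPIRED), ("active", ACTIVE)):
        print(name, classify_error_response(*sample))
```

Against a live instance, running the same curl commands with `-i` gives the real status line and Content-Type to pass in.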