Hi All, Tested OIDC hybrid flow with "code idtoken" response type. This is breaking with "Invalid response type" error message. Could do a bit of debugging and it seems that at [1], it failing to identify the existing key for "code idtoken" type.
In the HashTable returned at OAuthServerConfiguration.getInstance().getSupportedResponseTypeValidators() execution, "code idtoken" key has the hashCode of '-1819461976' while input key 'code idtoken' produce the hashcode of '-732188021'. In plain Java code, if we generate the hashCode for 'code idtoken' it also generates this. This result in not identifying the sending response type properly. Appreciate if this can be further investigated. [1] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/5.6.x/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/model/CarbonOAuthAuthzRequest.java#L49 On Wed, Mar 14, 2018 at 7:52 PM, Sagara Gunathunga <[email protected]> wrote: > > > On Wed, Mar 14, 2018 at 7:46 PM, Jayanga Kaushalya <[email protected]> > wrote: > >> Hi Sagara, >> >> Yes I have suggested other teams also to follow the IS convention in [1]. >> APIM team told me offline that they already changed. Hope others will do >> the same. >> > > Great. > > Thanks ! > >> >> [1] [GDPR] Anonymization Tool default configurations/references are >> differed over the Products >> >> Thanks! >> >> *Jayanga Kaushalya* >> Senior Software Engineer >> Mobile: +94777860160 <+94%2077%20786%200160> >> WSO2 Inc. | http://wso2.com >> lean.enterprise.middleware >> >> >> >> On Wed, Mar 14, 2018 at 7:37 PM, Sagara Gunathunga <[email protected]> >> wrote: >> >>> >>> >>> On Wed, Mar 14, 2018 at 7:27 PM, Sathya Bandara <[email protected]> wrote: >>> >>>> Hi all, >>>> >>>> We are calling-off this vote as we have found an issue, >>>> >>>> - for user-mgt ui component in EI product >>>> - in Windows environment >>>> >>>> Since we want to align same component versions among EI & IS, we will >>>> fix this and update versions in IS as well. Additionally we will fix the >>>> issue in README.txt along with this. >>>> >>> Ruwan/Jayanga, shall we also look into the suggestion made by Lanka in >>> the "GDPR compliance for WSO2 products" thread ? >>> >>> Thanks ! >>> >>>> We will do a RC2 and call for a vote soon. >>>> >>>> [1] https://github.com/wso2/product-ei/issues/2004 >>>> >>>> On Wed, Mar 14, 2018 at 6:29 PM, Nilasini Thirunavukkarasu < >>>> [email protected]> wrote: >>>> >>>>> Hi, >>>>> >>>>> I have tested the following flows in mysql. >>>>> >>>>> - User management, role management (Primary + Secondary user store) >>>>> - OIDC flow (password grant, authorization code)(Primary + >>>>> Secondary user store) >>>>> - consent management with SAML SSO for primary and secondary users. >>>>> - SAML assertion encryption and response signing. >>>>> >>>>> >>>>> I have tested the following flow with h2 >>>>> >>>>> - federated scenario with two IS >>>>> >>>>> +1 to go ahead and release >>>>> >>>>> >>>>> Thanks, >>>>> Nila. >>>>> >>>>> >>>>> On Wed, Mar 14, 2018 at 6:15 PM, Darshana Gunawardana < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi Dilini, >>>>>> >>>>>> We will fix this, if we noted any blocker for RC1 release.. If not, >>>>>> let's continue on the vote considering this is a known issue.. >>>>>> >>>>>> Thanks, >>>>>> >>>>>> On Wed, Mar 14, 2018 at 6:05 PM, Dilini Gunatilake <[email protected]> >>>>>> wrote: >>>>>> >>>>>>> Hi, >>>>>>> >>>>>>> The README .txt contains references to old documentation and few >>>>>>> other issues which is reported in [1]. Better if we can fix those. WDUT? >>>>>>> >>>>>>> [1] https://github.com/wso2/product-is/issues/2945 >>>>>>> >>>>>>> Regards, >>>>>>> Dilini >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Wed, Mar 14, 2018 at 5:23 PM, Farasath Ahamed <[email protected] >>>>>>> > wrote: >>>>>>> >>>>>>>> >>>>>>>> Tested Below scenario on the IS 5.5.0-RC1 pack with MSSQL database >>>>>>>> >>>>>>>> - Create an OAuth app using Dynamic Client Registration endpoint >>>>>>>> - Configured mandatory claims for the service provider >>>>>>>> - Tested OIDC Implicit flow with user consent management enabled >>>>>>>> - Verified that the user claims sent in the id_token are >>>>>>>> filtered based on user consent. >>>>>>>> >>>>>>>> +1 to go ahead and release >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Mar 14, 2018 at 11:16 AM, Sathya Bandara <[email protected]> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> Hi all, >>>>>>>>> >>>>>>>>> We are pleased to announce the first release candidate of WSO2 >>>>>>>>> Identity Server 5.5.0. >>>>>>>>> >>>>>>>>> This is the first release candidate (RC) of the WSO2 Identity >>>>>>>>> Server 5.5.0 release. >>>>>>>>> >>>>>>>>> >>>>>>>>> This release fixes the following issues >>>>>>>>> >>>>>>>>> - 5.5.0-RC1 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-RC1> >>>>>>>>> - 5.5.0-Beta fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-beta> >>>>>>>>> - 5.5.0-Alpha3 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha3> >>>>>>>>> - 5.5.0-Alpha2 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha2> >>>>>>>>> - 5.5.0-Alpha fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-alpha> >>>>>>>>> - 5.5.0-M4 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M4> >>>>>>>>> - 5.5.0-M3 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M3> >>>>>>>>> - 5.5.0-M2 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M2> >>>>>>>>> - 5.5.0-M1 fixes >>>>>>>>> >>>>>>>>> <https://github.com/wso2/product-is/issues?q=is%3Aclosed+milestone%3A5.5.0-M1> >>>>>>>>> >>>>>>>>> >>>>>>>>> Source and distribution >>>>>>>>> >>>>>>>>> Runtime - https://github.com/wso2/produc >>>>>>>>> t-is/releases/tag/v5.5.0-rc1 >>>>>>>>> Analytics - https://github.com/wso2/analyt >>>>>>>>> ics-is/releases/tag/v5.5.0-rc1 >>>>>>>>> >>>>>>>>> >>>>>>>>> Please download, test the product and vote. >>>>>>>>> >>>>>>>>> [+] Stable - go ahead and release >>>>>>>>> [-] Broken - do not release (explain why) >>>>>>>>> >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> - WSO2 Identity and Access Management Team - >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Sathya Bandara >>>>>>>>> Software Engineer >>>>>>>>> WSO2 Inc. http://wso2.com >>>>>>>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>>>>>>> >>>>>>>>> <+94%2071%20411%205032> >>>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Farasath Ahamed >>>>>>>> Senior Software Engineer, WSO2 Inc.; http://wso2.com >>>>>>>> Mobile: +94777603866 >>>>>>>> Blog: blog.farazath.com >>>>>>>> Twitter: @farazath619 <https://twitter.com/farazath619> >>>>>>>> <http://wso2.com/signature> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Architecture mailing list >>>>>>>> [email protected] >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> >>>>>>> *Dilini GunatilakeSoftware Engineer - QA Team* >>>>>>> Mobile : +94771162518 <+94%2077%20116%202518> >>>>>>> [email protected] >>>>>>> >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Architecture mailing list >>>>>>> [email protected] >>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Regards, >>>>>> >>>>>> >>>>>> *Darshana Gunawardana*Technical Lead >>>>>> WSO2 Inc.; http://wso2.com >>>>>> >>>>>> *E-mail: [email protected] <[email protected]>* >>>>>> *Mobile: +94718566859 <+94%2071%20856%206859>*Lean . Enterprise . >>>>>> Middleware >>>>>> >>>>>> _______________________________________________ >>>>>> Architecture mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Nilasini Thirunavukkarasu >>>>> Software Engineer - WSO2 >>>>> >>>>> Email : [email protected] >>>>> Mobile : +94775241823 <+94%2077%20524%201823> >>>>> Web : http://wso2.com/ >>>>> >>>>> >>>>> <http://wso2.com/signature> >>>>> >>>> >>>> >>>> >>>> -- >>>> Sathya Bandara >>>> Software Engineer >>>> WSO2 Inc. http://wso2.com >>>> Mobile: (+94) 715 360 421 <+94%2071%20411%205032> >>>> >>>> <+94%2071%20411%205032> >>>> >>>> _______________________________________________ >>>> Dev mailing list >>>> [email protected] >>>> http://wso2.org/cgi-bin/mailman/listinfo/dev >>>> >>>> >>> >>> >>> -- >>> Sagara Gunathunga >>> >>> Director; WSO2, Inc.; http://wso2.com >>> Linkedin; http://www.linkedin.com/in/ssagara >>> Blog ; http://ssagara.blogspot.com >>> Mobile : +9471 <+94%2071%20565%209887>2149951 >>> >>> >> > > > -- > Sagara Gunathunga > > Director; WSO2, Inc.; http://wso2.com > Linkedin; http://www.linkedin.com/in/ssagara > Blog ; http://ssagara.blogspot.com > Mobile : +9471 <+94%2071%20565%209887>2149951 > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > Thanks, -- Pushpalanka. -- Pushpalanka Jayawardhana, B.Sc.Eng.(Hons). Senior Software Engineer, WSO2 Lanka (pvt) Ltd; wso2.com/ Mobile: +94779716248 Blog: pushpalankajaya.blogspot.com/ | LinkedIn: lk.linkedin.com/in/ pushpalanka/ | Twitter: @pushpalanka
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
