Hi Sanjeewa, We tried directly invoking IS 5.1.0 RC1 oauth endpoint [1] and it gives the access token [2] as expected.
Then tried with the same with APIM Dec 18th pack [3] and getting the error you mentioned. So this should be some config mismatch. We are checking on this further. Will let you know if we found the cause. [1] https://localhost:9443/oauth2/token [2] { "scope": "openid" "token_type": "Bearer" "expires_in": 3600 "refresh_token": "63bf2fecace4ea845d2163eca69c419c" "id_token": " eyJhbGciOiJSUzI1NiJ9.eyJhdXRoX3RpbWUiOjE0NTA2NzY3MDksImV4cCI6MTQ1MDY4MDMwOSwiYXpwIjoicnlmN1M0RFhLTlNwaWRyNlpsajkzQ2pGZnFjYSIsImF0X2hhc2giOiJDQ3MtcmZkQnR1RDA2WUpRb3lEcF9BIiwiYXVkIjpbInJ5ZjdTNERYS05TcGlkcjZabGo5M0NqRmZxY2EiXSwiaXNzIjoiaHR0cHM6XC9cL2xvY2FsaG9zdDo5NDQzXC9vYXV0aDJcL3Rva2VuIiwiaWF0IjoxNDUwNjc2NzA5fQ.J2NUAlNm-2-5EIIWpcdPVHyrvOYhUsOfBkpzhyqwa0OuzFv9nrkYYBtoM0qgzLk3jf9eCCtcsrOVpRgrd9OMaCPogz9bRe9OuANPS0_mf3jWKvFSdksQGE8eGSOWyBg4sAxfTCA-un39qTQBF6j3oSpHlXCr7dbWhaWy54vMu4c " "access_token": "8284fe02be7da25bd6349d3cb2241088" } [3] https://svn.wso2.org/repos/wso2/scratch/apim/builds/18-12-2015/ Thanks, On Mon, Dec 21, 2015 at 10:03 AM, Sanjeewa Malalgoda <[email protected]> wrote: > Hi Team, > While requesting access tokens with openid scope(see curl request[1]) i'm > getting following error[2]. > I tested this with carbon-identity 5.0.5 based AM build and i don't think > 5.0.6 do not have changes related to this use case. > I tested this with another white listed scopes to confirm this happen due > to white listed scopes or specific to openId. > We were able to get access tokens for normal white listed scopes but not > for openid scope. > Generate access tokens with openid scope is very common use case for all > API manager clients. > Did i missed anything here or we need to fix it (since this is NPE i think > we should fix this)? > > [1]curl -k -d > "grant_type=password&username=admin&password=admin&scope=openid" -H > "Authorization: Basic > VUFmMWFmZ3VCTzFaVE5QY0k2d2ZYbXNIQ1hVYTpUWURlT01nQjc3ME5DQ3RraTBZR3BNUVdQT2Nh" > https://10.100.1.65:8243/token > > [2][2015-12-21 09:46:53,812] ERROR - OAuth2Service Error occurred while > issuing the access token for Client ID : UAf1afguBO1ZTNPcI6wfXmsHCXUa, User > ID admin, Scope : [openid] and Grant Type : password > org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception: Error while > obtaining private key for super tenant > at > org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.signJWTWithRSA(DefaultIDTokenBuilder.java:351) > at > org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.signJWT(DefaultIDTokenBuilder.java:514) > at > org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.buildIDToken(DefaultIDTokenBuilder.java:237) > at > org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(AccessTokenIssuer.java:224) > at > org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(OAuth2Service.java:196) > at > org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.getAccessToken(OAuth2TokenEndpoint.java:245) > at > org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:111) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:606) > at > org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:188) > at > org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:104) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) > at > org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58) > at > org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) > at > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249) > at > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248) > at > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222) > at > org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153) > at > org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:646) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) > at > org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) > at > org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) > at > org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) > at > org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57) > at > org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47) > at > org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62) > at > org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159) > at > org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950) > at > org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421) > at > org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074) > at > org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1739) > at > org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1698) > at > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) > at > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at > org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) > at java.lang.Thread.run(Thread.java:745) > Caused by: java.lang.NullPointerException > at > org.wso2.carbon.core.util.KeyStoreManager.getDefaultPrivateKey(KeyStoreManager.java:395) > at > org.wso2.carbon.identity.openidconnect.DefaultIDTokenBuilder.signJWTWithRSA(DefaultIDTokenBuilder.java:349) > ... 61 more > > Thanks, > sanjeewa. > -- > > *Sanjeewa Malalgoda* > WSO2 Inc. > Mobile : +94713068779 > > <http://sanjeewamalalgoda.blogspot.com/>blog > :http://sanjeewamalalgoda.blogspot.com/ > <http://sanjeewamalalgoda.blogspot.com/> > > > -- Regards, *Darshana Gunawardana*Senior Software Engineer WSO2 Inc.; http://wso2.com *E-mail: [email protected] <[email protected]>* *Mobile: +94718566859*Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
