Hi APIM Team,
I followed documentation [1] and configured token partitioning in my setup
[2]. I created 'IDN_OAUTH2_ACCESS_TOKEN_A', 'IDN_OAUTH2_ACCESS_TOKEN_B' and
IDN_OAUTH2_ACCESS_TOKEN_PRIMARY tables manually in AM DB.
E.X
CREATE TABLE IF NOT EXISTS IDN_OAUTH2_ACCESS_TOKEN_PRIMARY (
TOKEN_ID VARCHAR (255),
ACCESS_TOKEN VARCHAR(300),
REFRESH_TOKEN VARCHAR(300),
CONSUMER_KEY_ID INTEGER,
AUTHZ_USER VARCHAR (100),
TENANT_ID INTEGER,
USER_DOMAIN VARCHAR(50),
USER_TYPE VARCHAR (25),
GRANT_TYPE VARCHAR (50),
TIME_CREATED TIMESTAMP,
REFRESH_TOKEN_TIME_CREATED TIMESTAMP,
VALIDITY_PERIOD BIGINT,
REFRESH_TOKEN_VALIDITY_PERIOD BIGINT,
TOKEN_SCOPE_HASH VARCHAR(32),
TOKEN_STATE VARCHAR(25) DEFAULT 'ACTIVE',
TOKEN_STATE_ID VARCHAR (128) DEFAULT 'NONE',
SUBJECT_IDENTIFIER VARCHAR(255),
PRIMARY KEY (TOKEN_ID),
FOREIGN KEY (CONSUMER_KEY_ID) REFERENCES
IDN_OAUTH_CONSUMER_APPS(ID) ON DELETE CASCADE,
CONSTRAINT CON_APP_KEY UNIQUE
(CONSUMER_KEY_ID,AUTHZ_USER,TENANT_ID,USER_DOMAIN,USER_TYPE,TOKEN_SCOPE_HASH,
TOKEN_STATE,TOKEN_STATE_ID)
)ENGINE INNODB;
*Issue*
When I login as admin user (admin user in primary user store) and generate
keys
according to the IS log; [3] the token [4] gets generated but when trying
to store it in the DB 'Integrity Constraint Violation Exception' occurs.
further more In the store UI token value shows as null. (Refer to the
attached screenshot)
Is there anything else that I can do to fix this?
*[1].*
https://docs.wso2.com/display/AM1100/Saving+Access+Tokens+in+Separate+Tables
*[2]. Setup details*
Packs: IS 5.1.0 - APIM 1.10.0 IS as key manager setup
Database: MySQL 5.7
Configs: SAML SSO configured
*[3]. IS Log*
TID: [-1234] [] [2016-06-08 09:53:09,717] DEBUG
{org.wso2.carbon.identity.oauth2.OAuth2Service} - Access Token request
received for Client ID bLft4f3sLgh4QJDuS7z4Jgf4_7Qa, User ID null, Scope :
[default, am_application_scope] and Grant Type : client_credentials
TID: [-1234] [] [2016-06-08 09:53:09,718] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.clientauth.AbstractClientAuthHandler}
- Can authenticate with client ID and Secret. Client ID:
bLft4f3sLgh4QJDuS7z4Jgf4_7Qa
TID: [-1234] [] [2016-06-08 09:53:09,718] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.clientauth.AbstractClientAuthHandler}
- Grant type : client_credentials Strict client validation set to : null
TID: [-1234] [] [2016-06-08 09:53:09,721] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Client credentials
were fetched from the database.
TID: [-1234] [] [2016-06-08 09:53:09,721] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Successfully
authenticated the client with client id : bLft4f3sLgh4QJDuS7z4Jgf4_7Qa
TID: [-1234] [] [2016-06-08 09:53:09,721] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Client credentials
were added to the cache for client id : bLft4f3sLgh4QJDuS7z4Jgf4_7Qa
TID: [-1234] [] [2016-06-08 09:53:09,735] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Added
OAuthTokenReqMessageContext to threadlocal
TID: [-1234] [] [2016-06-08 09:53:09,738] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- No access token found in database for client Id
bLft4f3sLgh4QJDuS7z4Jgf4_7Qa, user admin@carbon.super and scope
am_application_scope default. Therefore issuing new token
TID: [-1234] [] [2016-06-08 09:53:09,738] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- Issuing a new access token for bLft4f3sLgh4QJDuS7z4Jgf4_7Qa
AuthorizedUser : admin@carbon.super
TID: [-1234] [] [2016-06-08 09:53:09,743] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- Persisted Access Token for Client ID : bLft4f3sLgh4QJDuS7z4Jgf4_7Qa,
Authorized User : admin@carbon.super, Timestamp : 2016-06-08 09:53:09.738,
Validity period (s) : 3600, Scope : am_application_scope default and Token
State : ACTIVE
TID: [-1] [] [2016-06-08 09:53:09,744] DEBUG
{org.wso2.carbon.identity.oauth2.dao.TokenPersistenceTask} - Access Token
Data persisting Task is started to run
TID: [-1234] [] [2016-06-08 09:53:09,744] DEBUG
{org.wso2.carbon.identity.oauth2.token.handlers.grant.AbstractAuthorizationGrantHandler}
- Access token was added to OAuthCache for cache key :
bLft4f3sLgh4QJDuS7z4Jgf4_7Qa:admin@carbon.super:am_application_scope
default
TID: [-1234] [] [2016-06-08 09:53:09,744] DEBUG
{org.wso2.carbon.identity.oauth2.util.OAuth2Util} - Cleared
OAuthTokenReqMessageContext
TID: [-1234] [] [2016-06-08 09:53:09,744] DEBUG
{org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer} - Access token
issued to client Id: bLft4f3sLgh4QJDuS7z4Jgf4_7Qa username:
admin@carbon.super and scopes: am_application_scope default
TID: [-1] [] [2016-06-08 09:53:09,782] ERROR
{org.wso2.carbon.identity.oauth2.dao.TokenPersistenceTask} - Error
occurred while persisting access token
:ZGQyMTRmOTA1ZjY2Yzg5MWRmMmJhZTNkYTIyOTkxMDE6YWRtaW5AY2FyYm9uLnN1cGVy
org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception: Access Token for
consumer key : bLft4f3sLgh4QJDuS7z4Jgf4_7Qa, user : admin@carbon.super and
scope : am_application_scope defaultalready exists
at
org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO.storeAccessToken(TokenMgtDAO.java:242)
at
org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO.persistAccessToken(TokenMgtDAO.java:292)
at
org.wso2.carbon.identity.oauth2.dao.TokenPersistenceTask.run(TokenPersistenceTask.java:52)
at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by:
com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException:
Cannot add or update a child row: a foreign key constraint fails
(`apim110`.`IDN_OAUTH2_ACCESS_TOKEN_SCOPE`, CONSTRAINT
`IDN_OAUTH2_ACCESS_TOKEN_SCOPE_ibfk_1` FOREIGN KEY (`TOKEN_ID`) REFERENCES
`IDN_OAUTH2_ACCESS_TOKEN` (`TOKEN_ID`) ON DELETE CASCADE)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at com.mysql.jdbc.Util.handleNewInstance(Util.java:404)
at com.mysql.jdbc.Util.getInstance(Util.java:387)
at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:932)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3878)
at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3814)
at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:2478)
at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2625)
at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2551)
at
com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:1861)
at com.mysql.jdbc.PreparedStatement.execute(PreparedStatement.java:1192)
at
org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO.storeAccessToken(TokenMgtDAO.java:234)
... 5 more
*[4]. Base64 decrypted token*
dd214f905f66c891df2bae3da2299101:admin@carbon.super
Thank you.
Kind Regards,
Sewmini
Sewmini Jayaweera
*Software Engineer - QA Team*
Mobile: +94 (0) 773 381 250
sewm...@wso2.com
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
