subject:"\[Dev\] \[IDENTITY\-6155\] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors"

Re: [Dev] [IDENTITY-6155] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors

2017-07-30 Thread Isura Karunaratne

Hi Hasini,

Merged the PR with [1]

Thanks
Isura.


[1]
https://github.com/wso2-extensions/identity-inbound-auth-oauth/commit/6adda2141e27cbe2df1a985e8f857816f37f2a66

On Fri, Jul 28, 2017 at 5:01 PM, Hasini Witharana  wrote:

> Hi,
>
> I am working on the jira IDENTITY-6155
> . When Invoking the user info
> endpoint without adding the access token to the 'Bearer' header causes the
> server to return an ArrayIndexOutOfBoundsException with the full stacktrace
> to the client.
>
> As per the OIDC/oauth2.0 specifications[1][2], this sort of a request can
> be treated as an invalid request.
> Please refer the PR[3] which fixes this issue.
>
> [1]- http://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
> [2]- https://tools.ietf.org/html/rfc6750#section-6.2
> [3]- https://github.com/wso2-extensions/identity-inbound-auth-
> oauth/pull/420
>
> Thank you.
>
> --
>
> *Hasini Witharana*
> Software Engineering Intern | WSO2
>
>
> *Email : hasi...@wso2.com *
>
> *Mobile : +94713850143 <+94%2071%20385%200143>[image:
> http://wso2.com/signature] *
>



-- 

*Isura Dilhara Karunaratne*
Senior Software Engineer | WSO2
Email: is...@wso2.com
Mob : +94 772 254 810
Blog : http://isurad.blogspot.com/
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

[Dev] [IDENTITY-6155] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors

2017-07-28 Thread Hasini Witharana

Hi,

I am working on the jira IDENTITY-6155
. When Invoking the user info
endpoint without adding the access token to the 'Bearer' header causes the
server to return an ArrayIndexOutOfBoundsException with the full stacktrace
to the client.

As per the OIDC/oauth2.0 specifications[1][2], this sort of a request can
be treated as an invalid request.
Please refer the PR[3] which fixes this issue.

[1]- http://openid.net/specs/openid-connect-core-1_0.html#UserInfoError
[2]- https://tools.ietf.org/html/rfc6750#section-6.2
[3]- https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/420

Thank you.

-- 

*Hasini Witharana*
Software Engineering Intern | WSO2


*Email : hasi...@wso2.com *

*Mobile : +94713850143[image: http://wso2.com/signature]
*
___
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Re: [Dev] [IDENTITY-6155] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors

[Dev] [IDENTITY-6155] Invoking the user info endpoint without properly setting the 'Bearer' header causes server errors

2 matches

Site Navigation

Mail list logo

Footer information