Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Many thanks Omindu..!!! On Sun, Dec 24, 2017 at 2:23 PM, Omindu Rathnaweerawrote: > Hi Mahesh, > > This issue was fixed with a WUM update. > > Regards, > Omindu. > > On Sun, Dec 24, 2017 at 5:47 PM, Mahesh Chinthaka > wrote: > >> Hi Maduranga/ Danushka, >> >> I got the same NPE error while doing the same. After setting >> EnableOAuthCache to true in identity.xml, error disappeared. >> According to IDENTITY-5830 seems like it got fixed in 5.4.0-M1, here Im >> using 5.3.0 >> >> Do we have a backported fix for this ? Or is it ok if I keep that change >> as it is (EnableOAuthCache=true) >> Note this is for a production setup. >> >> Please advise. >> >> On Thu, Mar 23, 2017 at 5:06 AM, Danushka Fernando >> wrote: >> >>> Createed https://wso2.org/jira/browse/IDENTITY-5830 to track this >>> >>> Thanks & Regards >>> Danushka Fernando >>> Senior Software Engineer >>> WSO2 inc. http://wso2.com/ >>> Mobile : +94716332729 <+94%2071%20633%202729> >>> >>> On Thu, Mar 23, 2017 at 9:22 AM, Maduranga Siriwardena < >>> madura...@wso2.com> wrote: >>> Sorry the code line should be [1]. Previous line I pointed [2] has the same issue. [1] https://github.com/wso2-extensions/identity-inbound-auth -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth /src/main/java/org/wso2/carbon/identity/oauth2/token/handler s/grant/AuthorizationCodeGrantHandler.java#L121 [2] https://github.com/wso2-extensions/identity-inbound-auth -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth /src/main/java/org/wso2/carbon/identity/oauth2/token/handler s/grant/AuthorizationCodeGrantHandler.java#L184 Thanks, On Wed, Mar 22, 2017 at 10:49 PM, Maduranga Siriwardena < madura...@wso2.com> wrote: > Hi Danushka, > > The problem seems to be oauthCache is only initialized when > EnableOAuthCache is set to true in identity.xml. Default value is false. > So > oauthCache is null and when we try to clear the cache entry [1] it gives > NPE. > > [1] https://github.com/wso2-extensions/identity-inbound-auth > -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth > /src/main/java/org/wso2/carbon/identity/oauth2/token/handler > s/grant/AuthorizationCodeGrantHandler.java#L184 > > Thanks, > > On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernando < > danush...@wso2.com> wrote: > >> Hi All >> I generated an auth code and used that code to issue an access token. >> In second time as expected its not giving me an access token if I use >> same >> code. But there is a null pointer. >> >> TID: [-1234] [] [2017-03-23 08:46:21,034] INFO >> {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - >> The default Identity OAuth token issuer will be used. No custom token >> generator is set. >> TID: [-1234] [] [2017-03-23 08:47:12,696] WARN >> {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} >> - No session state found for the received Session ID : >> afbb08c6-d832-4154-9e68-116cc02b7b94 >> TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR >> {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred >> while issuing the access token for Client ID : >> jF2udC5fHAZwglHYuYVt9rXdgrIa, User ID null, Scope : [] and Grant Type : >> authorization_code >> java.lang.NullPointerException >> at org.wso2.carbon.identity.oauth2.token.handlers.grant.Authori >> zationCodeGrantHandler.validateGrant(AuthorizationCodeGrantH >> andler.java:121) >> at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issu >> e(AccessTokenIssuer.java:212) >> at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessTok >> en(OAuth2Service.java:223) >> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >> point.getAccessToken(OAuth2TokenEndpoint.java:287) >> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >> point.issueAccessToken(OAuth2TokenEndpoint.java:151) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl.java:62) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >> thodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at org.apache.cxf.service.invoker.AbstractInvoker.performInvoca >> tion(AbstractInvoker.java:188) >> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(Abstra >> ctInvoker.java:104) >> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) >> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) >> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(S >> erviceInvokerInterceptor.java:58) >> at
Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Hi Mahesh, This issue was fixed with a WUM update. Regards, Omindu. On Sun, Dec 24, 2017 at 5:47 PM, Mahesh Chinthakawrote: > Hi Maduranga/ Danushka, > > I got the same NPE error while doing the same. After setting > EnableOAuthCache to true in identity.xml, error disappeared. > According to IDENTITY-5830 seems like it got fixed in 5.4.0-M1, here Im > using 5.3.0 > > Do we have a backported fix for this ? Or is it ok if I keep that change > as it is (EnableOAuthCache=true) > Note this is for a production setup. > > Please advise. > > On Thu, Mar 23, 2017 at 5:06 AM, Danushka Fernando > wrote: > >> Createed https://wso2.org/jira/browse/IDENTITY-5830 to track this >> >> Thanks & Regards >> Danushka Fernando >> Senior Software Engineer >> WSO2 inc. http://wso2.com/ >> Mobile : +94716332729 <+94%2071%20633%202729> >> >> On Thu, Mar 23, 2017 at 9:22 AM, Maduranga Siriwardena < >> madura...@wso2.com> wrote: >> >>> Sorry the code line should be [1]. Previous line I pointed [2] has the >>> same issue. >>> >>> [1] https://github.com/wso2-extensions/identity-inbound-auth >>> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth >>> /src/main/java/org/wso2/carbon/identity/oauth2/token/handler >>> s/grant/AuthorizationCodeGrantHandler.java#L121 >>> [2] https://github.com/wso2-extensions/identity-inbound-auth >>> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth >>> /src/main/java/org/wso2/carbon/identity/oauth2/token/handler >>> s/grant/AuthorizationCodeGrantHandler.java#L184 >>> >>> Thanks, >>> >>> On Wed, Mar 22, 2017 at 10:49 PM, Maduranga Siriwardena < >>> madura...@wso2.com> wrote: >>> Hi Danushka, The problem seems to be oauthCache is only initialized when EnableOAuthCache is set to true in identity.xml. Default value is false. So oauthCache is null and when we try to clear the cache entry [1] it gives NPE. [1] https://github.com/wso2-extensions/identity-inbound-auth -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth /src/main/java/org/wso2/carbon/identity/oauth2/token/handler s/grant/AuthorizationCodeGrantHandler.java#L184 Thanks, On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernando wrote: > Hi All > I generated an auth code and used that code to issue an access token. > In second time as expected its not giving me an access token if I use same > code. But there is a null pointer. > > TID: [-1234] [] [2017-03-23 08:46:21,034] INFO > {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - > The default Identity OAuth token issuer will be used. No custom token > generator is set. > TID: [-1234] [] [2017-03-23 08:47:12,696] WARN > {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} - > No session state found for the received Session ID : > afbb08c6-d832-4154-9e68-116cc02b7b94 > TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR > {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred > while issuing the access token for Client ID : > jF2udC5fHAZwglHYuYVt9rXdgrIa, User ID null, Scope : [] and Grant Type : > authorization_code > java.lang.NullPointerException > at org.wso2.carbon.identity.oauth2.token.handlers.grant.Authori > zationCodeGrantHandler.validateGrant(AuthorizationCodeGrantH > andler.java:121) > at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issu > e(AccessTokenIssuer.java:212) > at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessTok > en(OAuth2Service.java:223) > at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd > point.getAccessToken(OAuth2TokenEndpoint.java:287) > at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd > point.issueAccessToken(OAuth2TokenEndpoint.java:151) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce > ssorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe > thodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.cxf.service.invoker.AbstractInvoker.performInvoca > tion(AbstractInvoker.java:188) > at org.apache.cxf.service.invoker.AbstractInvoker.invoke(Abstra > ctInvoker.java:104) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) > at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(S > erviceInvokerInterceptor.java:58) > at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleM > essage(ServiceInvokerInterceptor.java:94) > at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase > InterceptorChain.java:272) > at org.apache.cxf.transport.ChainInitiationObserver.onMessage(C
Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Hi Maduranga/ Danushka, I got the same NPE error while doing the same. After setting EnableOAuthCache to true in identity.xml, error disappeared. According to IDENTITY-5830 seems like it got fixed in 5.4.0-M1, here Im using 5.3.0 Do we have a backported fix for this ? Or is it ok if I keep that change as it is (EnableOAuthCache=true) Note this is for a production setup. Please advise. On Thu, Mar 23, 2017 at 5:06 AM, Danushka Fernandowrote: > Createed https://wso2.org/jira/browse/IDENTITY-5830 to track this > > Thanks & Regards > Danushka Fernando > Senior Software Engineer > WSO2 inc. http://wso2.com/ > Mobile : +94716332729 <+94%2071%20633%202729> > > On Thu, Mar 23, 2017 at 9:22 AM, Maduranga Siriwardena > wrote: > >> Sorry the code line should be [1]. Previous line I pointed [2] has the >> same issue. >> >> [1] https://github.com/wso2-extensions/identity-inbound-auth >> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity. >> oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/ >> handlers/grant/AuthorizationCodeGrantHandler.java#L121 >> [2] https://github.com/wso2-extensions/identity-inbound-auth >> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity. >> oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/ >> handlers/grant/AuthorizationCodeGrantHandler.java#L184 >> >> Thanks, >> >> On Wed, Mar 22, 2017 at 10:49 PM, Maduranga Siriwardena < >> madura...@wso2.com> wrote: >> >>> Hi Danushka, >>> >>> The problem seems to be oauthCache is only initialized when >>> EnableOAuthCache is set to true in identity.xml. Default value is false. So >>> oauthCache is null and when we try to clear the cache entry [1] it gives >>> NPE. >>> >>> [1] https://github.com/wso2-extensions/identity-inbound-auth >>> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth >>> /src/main/java/org/wso2/carbon/identity/oauth2/token/handler >>> s/grant/AuthorizationCodeGrantHandler.java#L184 >>> >>> Thanks, >>> >>> On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernando >>> wrote: >>> Hi All I generated an auth code and used that code to issue an access token. In second time as expected its not giving me an access token if I use same code. But there is a null pointer. TID: [-1234] [] [2017-03-23 08:46:21,034] INFO {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - The default Identity OAuth token issuer will be used. No custom token generator is set. TID: [-1234] [] [2017-03-23 08:47:12,696] WARN {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} - No session state found for the received Session ID : afbb08c6-d832-4154-9e68-116cc02b7b94 TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred while issuing the access token for Client ID : jF2udC5fHAZwglHYuYVt9rXdgrIa, User ID null, Scope : [] and Grant Type : authorization_code java.lang.NullPointerException at org.wso2.carbon.identity.oauth2.token.handlers.grant.Authori zationCodeGrantHandler.validateGrant(AuthorizationCodeGrantH andler.java:121) at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issu e(AccessTokenIssuer.java:212) at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessTok en(OAuth2Service.java:223) at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd point.getAccessToken(OAuth2TokenEndpoint.java:287) at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd point.issueAccessToken(OAuth2TokenEndpoint.java:151) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce ssorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe thodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.cxf.service.invoker.AbstractInvoker.performInvoca tion(AbstractInvoker.java:188) at org.apache.cxf.service.invoker.AbstractInvoker.invoke(Abstra ctInvoker.java:104) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(S erviceInvokerInterceptor.java:58) at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleM essage(ServiceInvokerInterceptor.java:94) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase InterceptorChain.java:272) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(C hainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke (AbstractHTTPDestination.java:249) at org.apache.cxf.transport.servlet.ServletController.invokeDes tination(ServletController.java:248) at
Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Createed https://wso2.org/jira/browse/IDENTITY-5830 to track this Thanks & Regards Danushka Fernando Senior Software Engineer WSO2 inc. http://wso2.com/ Mobile : +94716332729 On Thu, Mar 23, 2017 at 9:22 AM, Maduranga Siriwardenawrote: > Sorry the code line should be [1]. Previous line I pointed [2] has the > same issue. > > [1] https://github.com/wso2-extensions/identity-inbound- > auth-oauth/blob/v5.3.4/components/org.wso2.carbon. > identity.oauth/src/main/java/org/wso2/carbon/identity/ > oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L121 > [2] https://github.com/wso2-extensions/identity-inbound- > auth-oauth/blob/v5.3.4/components/org.wso2.carbon. > identity.oauth/src/main/java/org/wso2/carbon/identity/ > oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L184 > > Thanks, > > On Wed, Mar 22, 2017 at 10:49 PM, Maduranga Siriwardena < > madura...@wso2.com> wrote: > >> Hi Danushka, >> >> The problem seems to be oauthCache is only initialized when >> EnableOAuthCache is set to true in identity.xml. Default value is false. So >> oauthCache is null and when we try to clear the cache entry [1] it gives >> NPE. >> >> [1] https://github.com/wso2-extensions/identity-inbound-auth >> -oauth/blob/v5.3.4/components/org.wso2.carbon.identity. >> oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/ >> handlers/grant/AuthorizationCodeGrantHandler.java#L184 >> >> Thanks, >> >> On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernando >> wrote: >> >>> Hi All >>> I generated an auth code and used that code to issue an access token. In >>> second time as expected its not giving me an access token if I use same >>> code. But there is a null pointer. >>> >>> TID: [-1234] [] [2017-03-23 08:46:21,034] INFO >>> {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - The >>> default Identity OAuth token issuer will be used. No custom token generator >>> is set. >>> TID: [-1234] [] [2017-03-23 08:47:12,696] WARN >>> {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} - >>> No session state found for the received Session ID : >>> afbb08c6-d832-4154-9e68-116cc02b7b94 >>> TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR >>> {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred while >>> issuing the access token for Client ID : jF2udC5fHAZwglHYuYVt9rXdgrIa, User >>> ID null, Scope : [] and Grant Type : authorization_code >>> java.lang.NullPointerException >>> at org.wso2.carbon.identity.oauth2.token.handlers.grant.Authori >>> zationCodeGrantHandler.validateGrant(AuthorizationCodeGrantH >>> andler.java:121) >>> at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issu >>> e(AccessTokenIssuer.java:212) >>> at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessTok >>> en(OAuth2Service.java:223) >>> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >>> point.getAccessToken(OAuth2TokenEndpoint.java:287) >>> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >>> point.issueAccessToken(OAuth2TokenEndpoint.java:151) >>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >>> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >>> ssorImpl.java:62) >>> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >>> thodAccessorImpl.java:43) >>> at java.lang.reflect.Method.invoke(Method.java:498) >>> at org.apache.cxf.service.invoker.AbstractInvoker.performInvoca >>> tion(AbstractInvoker.java:188) >>> at org.apache.cxf.service.invoker.AbstractInvoker.invoke(Abstra >>> ctInvoker.java:104) >>> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) >>> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) >>> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(S >>> erviceInvokerInterceptor.java:58) >>> at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleM >>> essage(ServiceInvokerInterceptor.java:94) >>> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase >>> InterceptorChain.java:272) >>> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(C >>> hainInitiationObserver.java:121) >>> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke >>> (AbstractHTTPDestination.java:249) >>> at org.apache.cxf.transport.servlet.ServletController.invokeDes >>> tination(ServletController.java:248) >>> at org.apache.cxf.transport.servlet.ServletController.invoke(Se >>> rvletController.java:222) >>> at org.apache.cxf.transport.servlet.ServletController.invoke(Se >>> rvletController.java:153) >>> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke( >>> CXFNonSpringServlet.java:171) >>> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleR >>> equest(AbstractHTTPServlet.java:289) >>> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost( >>> AbstractHTTPServlet.java:209) >>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) >>> at
Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Sorry the code line should be [1]. Previous line I pointed [2] has the same issue. [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L121 [2] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L184 Thanks, On Wed, Mar 22, 2017 at 10:49 PM, Maduranga Siriwardenawrote: > Hi Danushka, > > The problem seems to be oauthCache is only initialized when > EnableOAuthCache is set to true in identity.xml. Default value is false. So > oauthCache is null and when we try to clear the cache entry [1] it gives > NPE. > > [1] https://github.com/wso2-extensions/identity-inbound- > auth-oauth/blob/v5.3.4/components/org.wso2.carbon. > identity.oauth/src/main/java/org/wso2/carbon/identity/ > oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L184 > > Thanks, > > On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernando > wrote: > >> Hi All >> I generated an auth code and used that code to issue an access token. In >> second time as expected its not giving me an access token if I use same >> code. But there is a null pointer. >> >> TID: [-1234] [] [2017-03-23 08:46:21,034] INFO >> {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - The >> default Identity OAuth token issuer will be used. No custom token generator >> is set. >> TID: [-1234] [] [2017-03-23 08:47:12,696] WARN >> {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} - >> No session state found for the received Session ID : >> afbb08c6-d832-4154-9e68-116cc02b7b94 >> TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR >> {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred while >> issuing the access token for Client ID : jF2udC5fHAZwglHYuYVt9rXdgrIa, User >> ID null, Scope : [] and Grant Type : authorization_code >> java.lang.NullPointerException >> at org.wso2.carbon.identity.oauth2.token.handlers.grant.Authori >> zationCodeGrantHandler.validateGrant(AuthorizationCodeGrantH >> andler.java:121) >> at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer. >> issue(AccessTokenIssuer.java:212) >> at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessTok >> en(OAuth2Service.java:223) >> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >> point.getAccessToken(OAuth2TokenEndpoint.java:287) >> at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEnd >> point.issueAccessToken(OAuth2TokenEndpoint.java:151) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcce >> ssorImpl.java:62) >> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMe >> thodAccessorImpl.java:43) >> at java.lang.reflect.Method.invoke(Method.java:498) >> at org.apache.cxf.service.invoker.AbstractInvoker.performInvoca >> tion(AbstractInvoker.java:188) >> at org.apache.cxf.service.invoker.AbstractInvoker.invoke( >> AbstractInvoker.java:104) >> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) >> at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) >> at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run( >> ServiceInvokerInterceptor.java:58) >> at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleM >> essage(ServiceInvokerInterceptor.java:94) >> at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(Phase >> InterceptorChain.java:272) >> at org.apache.cxf.transport.ChainInitiationObserver.onMessage(C >> hainInitiationObserver.java:121) >> at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke >> (AbstractHTTPDestination.java:249) >> at org.apache.cxf.transport.servlet.ServletController.invokeDes >> tination(ServletController.java:248) >> at org.apache.cxf.transport.servlet.ServletController.invoke( >> ServletController.java:222) >> at org.apache.cxf.transport.servlet.ServletController.invoke( >> ServletController.java:153) >> at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke( >> CXFNonSpringServlet.java:171) >> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleR >> equest(AbstractHTTPServlet.java:289) >> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost( >> AbstractHTTPServlet.java:209) >> at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) >> at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service >> (AbstractHTTPServlet.java:265) >> at org.apache.catalina.core.ApplicationFilterChain.internalDoFi >> lter(ApplicationFilterChain.java:303) >> at org.apache.catalina.core.ApplicationFilterChain.doFilter(App >> licationFilterChain.java:208) >> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) >> at
Re: [Dev] [IS] Generate token with auth code grant - Using same code twice
Hi Danushka, The problem seems to be oauthCache is only initialized when EnableOAuthCache is set to true in identity.xml. Default value is false. So oauthCache is null and when we try to clear the cache entry [1] it gives NPE. [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/v5.3.4/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/token/handlers/grant/AuthorizationCodeGrantHandler.java#L184 Thanks, On Wed, Mar 22, 2017 at 10:41 PM, Danushka Fernandowrote: > Hi All > I generated an auth code and used that code to issue an access token. In > second time as expected its not giving me an access token if I use same > code. But there is a null pointer. > > TID: [-1234] [] [2017-03-23 08:46:21,034] INFO {org.wso2.carbon.identity. > oauth.config.OAuthServerConfiguration} - The default Identity OAuth > token issuer will be used. No custom token generator is set. > TID: [-1234] [] [2017-03-23 08:47:12,696] WARN {org.wso2.carbon.identity. > oauth.endpoint.authz.OAuth2AuthzEndpoint} - No session state found for > the received Session ID : afbb08c6-d832-4154-9e68-116cc02b7b94 > TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR > {org.wso2.carbon.identity.oauth2.OAuth2Service} > - Error occurred while issuing the access token for Client ID : > jF2udC5fHAZwglHYuYVt9rXdgrIa, User ID null, Scope : [] and Grant Type : > authorization_code > java.lang.NullPointerException > at org.wso2.carbon.identity.oauth2.token.handlers.grant. > AuthorizationCodeGrantHandler.validateGrant(AuthorizationCodeGrantHandler. > java:121) > at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue( > AccessTokenIssuer.java:212) > at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken( > OAuth2Service.java:223) > at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint. > getAccessToken(OAuth2TokenEndpoint.java:287) > at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint. > issueAccessToken(OAuth2TokenEndpoint.java:151) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at sun.reflect.NativeMethodAccessorImpl.invoke( > NativeMethodAccessorImpl.java:62) > at sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation( > AbstractInvoker.java:188) > at org.apache.cxf.service.invoker.AbstractInvoker. > invoke(AbstractInvoker.java:104) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) > at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) > at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1. > run(ServiceInvokerInterceptor.java:58) > at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage( > ServiceInvokerInterceptor.java:94) > at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept( > PhaseInterceptorChain.java:272) > at org.apache.cxf.transport.ChainInitiationObserver.onMessage( > ChainInitiationObserver.java:121) > at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke( > AbstractHTTPDestination.java:249) > at org.apache.cxf.transport.servlet.ServletController.invokeDestination( > ServletController.java:248) > at org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:222) > at org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:153) > at org.apache.cxf.transport.servlet.CXFNonSpringServlet. > invoke(CXFNonSpringServlet.java:171) > at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest( > AbstractHTTPServlet.java:289) > at org.apache.cxf.transport.servlet.AbstractHTTPServlet. > doPost(AbstractHTTPServlet.java:209) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) > at org.apache.cxf.transport.servlet.AbstractHTTPServlet. > service(AbstractHTTPServlet.java:265) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:303) > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:241) > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter( > HttpHeaderSecurityFilter.java:120) > at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter( > ApplicationFilterChain.java:241) > at org.apache.catalina.core.ApplicationFilterChain.doFilter( > ApplicationFilterChain.java:208) > at org.apache.catalina.core.StandardWrapperValve.invoke( > StandardWrapperValve.java:218) > at org.apache.catalina.core.StandardContextValve.invoke( > StandardContextValve.java:122) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke( >
[Dev] [IS] Generate token with auth code grant - Using same code twice
Hi All I generated an auth code and used that code to issue an access token. In second time as expected its not giving me an access token if I use same code. But there is a null pointer. TID: [-1234] [] [2017-03-23 08:46:21,034] INFO {org.wso2.carbon.identity.oauth.config.OAuthServerConfiguration} - The default Identity OAuth token issuer will be used. No custom token generator is set. TID: [-1234] [] [2017-03-23 08:47:12,696] WARN {org.wso2.carbon.identity.oauth.endpoint.authz.OAuth2AuthzEndpoint} - No session state found for the received Session ID : afbb08c6-d832-4154-9e68-116cc02b7b94 TID: [-1234] [] [2017-03-23 08:50:59,399] ERROR {org.wso2.carbon.identity.oauth2.OAuth2Service} - Error occurred while issuing the access token for Client ID : jF2udC5fHAZwglHYuYVt9rXdgrIa, User ID null, Scope : [] and Grant Type : authorization_code java.lang.NullPointerException at org.wso2.carbon.identity.oauth2.token.handlers.grant.AuthorizationCodeGrantHandler.validateGrant(AuthorizationCodeGrantHandler.java:121) at org.wso2.carbon.identity.oauth2.token.AccessTokenIssuer.issue(AccessTokenIssuer.java:212) at org.wso2.carbon.identity.oauth2.OAuth2Service.issueAccessToken(OAuth2Service.java:223) at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.getAccessToken(OAuth2TokenEndpoint.java:287) at org.wso2.carbon.identity.oauth.endpoint.token.OAuth2TokenEndpoint.issueAccessToken(OAuth2TokenEndpoint.java:151) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:188) at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:104) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:204) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:101) at org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58) at org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:94) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:249) at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:248) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:222) at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:153) at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:171) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:289) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:209) at javax.servlet.http.HttpServlet.service(HttpServlet.java:650) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:265) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103) at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:72) at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91) at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60) at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99) at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47) at