stackoom
  简体   繁体   中英

wso2 api manager 1.7 /oauth2/userinfo api throws NullPointerException

 原文  2014-11-21 14:16:32       wso2/ wso2is/ wso2-am

Question

We are evaluating wso2 api manager 1.7 and have a use case to fetch user info from authorization token. We tried using /oauth2/userinfo api, but it throws NPE. Please find more details below: 

"curl -k -H "Authorization: Bearer 5e485cb7dbf5118d3b2d99e6f75dee" apim_url/oauth2/userinfo?schema=openid"

java.lang.RuntimeException: org.apache.cxf.interceptor.Fault
        org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
        org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:331)
        org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
        org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
        org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
</pre></p><p><b>root cause</b> <pre>org.apache.cxf.interceptor.Fault
        org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162)
        org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128)
        org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194)
        org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100)
        org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
        org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
        org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
        org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
        org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
        org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
</pre></p><p><b>root cause</b> <pre>java.lang.NullPointerException
        org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2TokenValidator.validateScope(DefaultOAuth2TokenValidator.java:52)
        org.wso2.carbon.identity.oauth2.validators.TokenValidationHandler.findOAuthConsumerIfTokenIsValid(TokenValidationHandler.java:246)
        org.wso2.carbon.identity.oauth2.validators.TokenValidationHandler.validate(TokenValidationHandler.java:129)
        org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService.validate(OAuth2TokenValidationService.java:47)
        org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator.validateToken(UserInfoISAccessTokenValidator.java:45)
        org.wso2.carbon.identity.oauth.endpoint.user.OpenIDConnectUserEndpoint.getUserClaims(OpenIDConnectUserEndpoint.java:57)
        sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        java.lang.reflect.Method.invoke(Method.java:606)
        org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
        org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
        org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194)
        org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100)
        org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
        org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
        org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
        org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
        org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
        org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
        org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
        org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
        org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)

1 answers

solution1
 0  2015-02-10 14:04:47

seeing the exception root at "DefaultOAuth2TokenValidator.validateScope", try to add a scope=openid at the request

example: 

https://wso2_is_host:9443/oauth2/authorize?response_type=token&client_id=hkJUZBbWYHPzS8FbRtn9PwwuFL4b&redirect_uri=http%3A%2F%2Fapp_host%3A8080%2Fwpapp%2Fcallback.jsp&scope=openid

Good luck Gabriel

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question CORS is not working on oAuth2 UserInfo endpoint in WSO2 API Manager WSO2 Identity and Oauth2 - Userinfo throws Error: Insufficient Scope How to implement OAuth2 authorization with WSO2 API Manager oAuth2 - WSO2 API Manager and Identity Server Integration Accessing a oauth2 secured service via WSO2 API Manager WSO2 API Manager /services/… throw a NullPointerException WSO2 API Manager - Can we limit supported OAuth2 Grant Type for an API WSO2 Api Manager - bypass sign in page when invoking API (oauth2 authorization grant code) 3-legged oauth with Wso2 API Manager WSO2 API Manager with external oauth provider
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM