[英]wso2 api manager 1.7 /oauth2/userinfo api throws NullPointerException
我们正在评估wso2 api管理器1.7,并且有一个用例可以从授权令牌中获取用户信息。 我们尝试使用/ oauth2 / userinfo api,但是会抛出NPE。 请在下面找到更多详细信息:
"curl -k -H "Authorization: Bearer 5e485cb7dbf5118d3b2d99e6f75dee" apim_url/oauth2/userinfo?schema=openid"
java.lang.RuntimeException: org.apache.cxf.interceptor.Fault
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:116)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:331)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
</pre></p><p><b>root cause</b> <pre>org.apache.cxf.interceptor.Fault
org.apache.cxf.service.invoker.AbstractInvoker.createFault(AbstractInvoker.java:162)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:128)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
</pre></p><p><b>root cause</b> <pre>java.lang.NullPointerException
org.wso2.carbon.identity.oauth2.validators.DefaultOAuth2TokenValidator.validateScope(DefaultOAuth2TokenValidator.java:52)
org.wso2.carbon.identity.oauth2.validators.TokenValidationHandler.findOAuthConsumerIfTokenIsValid(TokenValidationHandler.java:246)
org.wso2.carbon.identity.oauth2.validators.TokenValidationHandler.validate(TokenValidationHandler.java:129)
org.wso2.carbon.identity.oauth2.OAuth2TokenValidationService.validate(OAuth2TokenValidationService.java:47)
org.wso2.carbon.identity.oauth.endpoint.user.impl.UserInfoISAccessTokenValidator.validateToken(UserInfoISAccessTokenValidator.java:45)
org.wso2.carbon.identity.oauth.endpoint.user.OpenIDConnectUserEndpoint.getUserClaims(OpenIDConnectUserEndpoint.java:57)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:606)
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:180)
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:194)
org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:100)
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:57)
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:93)
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:203)
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:137)
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:159)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:211)
javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:262)
在“ DefaultOAuth2TokenValidator.validateScope”处看到异常根,尝试在请求中添加scope = openid
例:
https://wso2_is_host:9443/oauth2/authorize?response_type=token&client_id=hkJUZBbWYHPzS8FbRtn9PwwuFL4b&redirect_uri=http%3A%2F%2Fapp_host%3A8080%2Fwpapp%2Fcallback.jsp&scope=openid
加百利祝你好运
CORS无法在WSO2 API管理器中的oAuth2 UserInfo端点上工作
[英]CORS is not working on oAuth2 UserInfo endpoint in WSO2 API Manager
WSO2身份和Oauth2-Userinfo引发错误:范围不足
[英]WSO2 Identity and Oauth2 - Userinfo throws Error: Insufficient Scope
oAuth2 - WSO2 API Manager和Identity Server集成
[英]oAuth2 - WSO2 API Manager and Identity Server Integration
WSO2 API管理器/ services /…抛出NullPointerException
[英]WSO2 API Manager /services/… throw a NullPointerException
WSO2 API管理器-我们可以限制API支持的OAuth2授权类型吗
[英]WSO2 API Manager - Can we limit supported OAuth2 Grant Type for an API
WSO2 Api Manager - 调用 API(oauth2 授权授予代码)时绕过登录页面
[英]WSO2 Api Manager - bypass sign in page when invoking API (oauth2 authorization grant code)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.