search

ForgeRock / forgeops

ForgeRock platform assets for Kubernetes deployment. Contains the files you need to build your own Docker images and to deploy the ForgeRock Identity Platform on Kubernetes clusters.
Other
165 stars 243 forks source link

404 Error: Unable to Import sha256.js in ForgeRock iframe #680

Open sachinwalunjakar opened 2 months ago

sachinwalunjakar commented 2 months ago

The following HTML is obtained from ForgeRock. The content of the iframe is retrieved from the url http://example.com/openam/oauth2/cfx_iag/connect/checkSession, where the 404 error occurs when attempting to import the sha256.js script. This iframe is use for getting session state.

<!DOCTYPE html>
<!--
  ~ DO NOT REMOVE COPYRIGHT NOTICES OR THIS HEADER.
  ~
  ~ Copyright 2013-2019 ForgeRock AS. All Rights Reserved
  ~
  ~ Use of this code requires a commercial software license with ForgeRock AS.
  ~ or with one of its affiliates. All use shall be exclusively subject
  ~ to such license between the licensee and ForgeRock AS.
  -->
<html lang="en">
    <head>
        <meta charset="utf-8">
        <meta name="description" content="OpenIDConnect checkSession">
        <title>OpenIDConnect checkSession</title>
    </head>

    <body style="display:none">
        <script src="http://example.com/openam/XUI/js/sha256.js"></script>
        <script type="text/javascript">
            window.addEventListener("message", receiveMessage, false);
            var client_id;
            function receiveMessage(e){
                data = e.data.split(' ');
                client_id = data[0];
                var clientURI = "";
                if (e.origin !== clientURI){
                    return;
                }
                var session_state = data[1];
                var opbs = getBrowserState();
                var ss = CryptoJS.SHA256(client_id + e.origin  + opbs).toString();
                if (session_state == ss) {
                    stat = 'unchanged';
                } else {
                    stat = 'changed';
                }
                e.source.postMessage(stat, e.origin);
            }

            function getBrowserState(){
              var validSession = false;

              if (!validSession){
                   return "";
               }
               var cookieName = "iPlanetDirectoryPro" + "=";
               var cookies = document.cookie+";";
               var cookieStart = cookies.indexOf(cookieName);
               if (cookieStart != -1) {
                   var end = cookies.indexOf(";", cookieStart);
                 return unescape(cookies.substring(cookieStart + cookieName.length, end));
             }
             return "";
         }
        </script>
    </body>
</html>

Getting 404 error when executing this line: <script src="http://example.com/openam/XUI/js/sha256.js"></script>

wstrange commented 2 months ago

Shot in the dark - but you are using http (not https) - which can cause all sorts of problems.

On Tue, Apr 9, 2024 at 11:03 PM sachinwalunjakar @.***> wrote:

The following HTML is obtained from ForgeRock. The content of the iframe is retrieved from the url http://example.com/openam/oauth2/cfx_iag/connect/checkSession, where the 404 error occurs when attempting to import the sha256.js script. This iframe is use for getting session state.

<!DOCTYPE html>

OpenIDConnect checkSession 
<body style="display:none">
    <script src="http://example.com/openam/XUI/js/sha256.js"></script>
    <script type="text/javascript">
        window.addEventListener("message", receiveMessage, false);
        var client_id;
        function receiveMessage(e){
            data = e.data.split(' ');
            client_id = data[0];
            var clientURI = "";
            if (e.origin !== clientURI){
                return;
            }
            var session_state = data[1];
            var opbs = getBrowserState();
            var ss = CryptoJS.SHA256(client_id + e.origin  + opbs).toString();
            if (session_state == ss) {
                stat = 'unchanged';
            } else {
                stat = 'changed';
            }
            e.source.postMessage(stat, e.origin);
        }

        function getBrowserState(){
          var validSession = false;

          if (!validSession){
               return "";
           }
           var cookieName = "iPlanetDirectoryPro" + "=";
           var cookies = document.cookie+";";
           var cookieStart = cookies.indexOf(cookieName);
           if (cookieStart != -1) {
               var end = cookies.indexOf(";", cookieStart);
             return unescape(cookies.substring(cookieStart + cookieName.length, end));
         }
         return "";
     }
    </script>
</body></html>

Getting 404 error when executing this line:

— Reply to this email directly, view it on GitHub https://github.com/ForgeRock/forgeops/issues/680, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADNEZCD25VJ22MTVC23QADY4TBYVAVCNFSM6AAAAABF7XSET2VHI2DSMVQWIX3LMV43ASLTON2WKOZSGIZTINZWGA3TSNQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

bkrajendra commented 2 months ago

Hi @wstrange , I don't think this is related to HTTPS. Here http://example.com/openam/XUI/js/sha256.js url itself is throwing 404. Still, it's worth a try to host the forgerock on SSL and test again.

lee-baines commented 2 months ago

Hi @sachinwalunjakar, what version of forgeops are you using?

sachinwalunjakar-confluxsys commented 2 months ago

Hi @sachinwalunjakar, what version of forgeops are you using?

I am using ForgeRock Access Management 7.4.0.

lee-baines commented 2 months ago

Are you using the ingress configuration that is provided in ForgeOps? In kustomize/base/ingress/ingress.yaml you'll see that there is no openam endpoint so naturally if you are using an ingress controller like nginx, nginx will throw a 404 as the path doesn't exist. Can you provide some more information about your deployment please? If you run bin/debug-logs and attach the results, it will provide most of this information

sachinwalunjakar-confluxsys commented 2 months ago

I setuped forgerock on, separate VM, my application is hosted in kubernetes. Following are logs of OAuth2Provider, when I refresh the page,

o.f.o.c.BasicOAuth2RequestImpl: 2024-04-12T15:58:30.878+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Could not read request entity
java.io.IOException: Enclosing message doesn't have the application/x-www-form-urlencoded Content-Type header
[CONTINUED]     at org.forgerock.http.protocol.Entity.getFormAsync(Entity.java:364)
[CONTINUED]     at org.forgerock.http.protocol.Entity.getForm(Entity.java:344)
[CONTINUED]     at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:51)
[CONTINUED]     at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:47)
[CONTINUED]     at io.vavr.Lazy.computeValue(Lazy.java:162)
[CONTINUED]     at io.vavr.Lazy.get(Lazy.java:156)
[CONTINUED]     at org.forgerock.oauth2.core.BasicOAuth2RequestImpl.getEntityAsForm(BasicOAuth2RequestImpl.java:169)
[CONTINUED]     at org.forgerock.oauth2.core.BasicOAuth2RequestDecorator.getEntityAsForm(BasicOAuth2RequestDecorator.java:64)
[CONTINUED]     at org.forgerock.oauth2.core.OAuth2RequestFactory.getParameters(OAuth2RequestFactory.java:265)
[CONTINUED]     at org.forgerock.oauth2.core.OAuth2RequestFactory.createWithRequestParameter(OAuth2RequestFactory.java:147)
[CONTINUED]     at org.forgerock.oauth2.restlet.AuthorizeResource.getOAuth2Request(AuthorizeResource.java:231)
[CONTINUED]     at org.forgerock.oauth2.restlet.AuthorizeResource.authorize(AuthorizeResource.java:144)
[CONTINUED]     at jdk.internal.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
[CONTINUED]     at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[CONTINUED]     at java.base/java.lang.reflect.Method.invoke(Method.java:568)
[CONTINUED]     at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
[CONTINUED]     at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
[CONTINUED]     at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
[CONTINUED]     at org.forgerock.oauth2.restlet.OAuth2Filter.filter(OAuth2Filter.java:48)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED]     at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:91)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED]     at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
[CONTINUED]     at org.forgerock.http.routing.Router.handle(Router.java:100)
[CONTINUED]     at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:95)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:66)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
[CONTINUED]     at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
[CONTINUED]     at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:282)
[CONTINUED]     at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
[CONTINUED]     at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
[CONTINUED]     at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.validation.LargeCookieWarningFilter.doFilter(LargeCookieWarningFilter.java:48)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:106)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:116)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:74)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
[CONTINUED]     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
[CONTINUED]     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
[CONTINUED]     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
[CONTINUED]     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
[CONTINUED]     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
[CONTINUED]     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
[CONTINUED]     at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
[CONTINUED]     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
[CONTINUED]     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
[CONTINUED]     at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
[CONTINUED]     at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
[CONTINUED]     at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
[CONTINUED]     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
[CONTINUED]     at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
[CONTINUED]     at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
[CONTINUED]     at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
[CONTINUED]     at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
[CONTINUED]     at java.base/java.lang.Thread.run(Thread.java:833)
[CONTINUED]java.io.IOException: Enclosing message doesn't have the application/x-www-form-urlencoded Content-Type header
        at org.forgerock.http.protocol.Entity.getFormAsync(Entity.java:364)
        at org.forgerock.http.protocol.Entity.getForm(Entity.java:344)
        at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:51)
        at org.forgerock.oauth2.core.BasicOAuth2RequestImpl$1.get(BasicOAuth2RequestImpl.java:47)
        at io.vavr.Lazy.computeValue(Lazy.java:162)
        at io.vavr.Lazy.get(Lazy.java:156)
        at org.forgerock.oauth2.core.BasicOAuth2RequestImpl.getEntityAsForm(BasicOAuth2RequestImpl.java:169)
        at org.forgerock.oauth2.core.BasicOAuth2RequestDecorator.getEntityAsForm(BasicOAuth2RequestDecorator.java:64)
        at org.forgerock.oauth2.core.OAuth2RequestFactory.getParameters(OAuth2RequestFactory.java:265)
        at org.forgerock.oauth2.core.OAuth2RequestFactory.createWithRequestParameter(OAuth2RequestFactory.java:147)
        at org.forgerock.oauth2.restlet.AuthorizeResource.getOAuth2Request(AuthorizeResource.java:231)
        at org.forgerock.oauth2.restlet.AuthorizeResource.authorize(AuthorizeResource.java:144)
        at jdk.internal.reflect.GeneratedMethodAccessor173.invoke(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.base/java.lang.reflect.Method.invoke(Method.java:568)
        at org.forgerock.openam.http.annotations.AnnotatedMethod.invoke(AnnotatedMethod.java:81)
        at org.forgerock.openam.http.annotations.Endpoints$1.handle(Endpoints.java:77)
        at org.forgerock.http.handler.Handlers$UndescribedAsDescribableHandler.handle(Handlers.java:180)
        at org.forgerock.oauth2.restlet.OAuth2Filter.filter(OAuth2Filter.java:48)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.audit.AbstractHttpAccessAuditFilter.filter(AbstractHttpAccessAuditFilter.java:88)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.http.routing.Router.handle(Router.java:100)
        at org.forgerock.openam.cors.CorsFilter.filter(CorsFilter.java:91)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.rest.RealmContextFilter.filter(RealmContextFilter.java:87)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.http.routing.Router.handle(Router.java:100)
        at org.forgerock.openam.http.HttpRoute$6.handle(HttpRoute.java:206)
        at org.forgerock.http.routing.Router.handle(Router.java:100)
        at org.forgerock.openam.dpro.session.ProofOfPossessionTokenFilter.filter(ProofOfPossessionTokenFilter.java:95)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.http.swagger.OpenApiRequestFilter.filter(OpenApiRequestFilter.java:63)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.http.ApiDescriptorFilter.filter(ApiDescriptorFilter.java:66)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.http.ResponseContext$ResponseContextFilter.filter(ResponseContext.java:53)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.http.OpenAMHttpApplication.lambda$static$1(OpenAMHttpApplication.java:60)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.openam.http.OpenAMHttpApplication.lambda$cacheHeaderFilter$3(OpenAMHttpApplication.java:88)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:86)
        at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:54)
        at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:282)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
        at org.forgerock.openam.http.OpenAMHttpFrameworkServlet.service(OpenAMHttpFrameworkServlet.java:47)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:623)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:209)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.validation.LargeCookieWarningFilter.doFilter(LargeCookieWarningFilter.java:48)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.headers.SecureCookieFilter.doFilter(SecureCookieFilter.java:63)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.headers.DisableSameSiteCookiesFilter.doFilter(DisableSameSiteCookiesFilter.java:106)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:59)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.headers.SetHeadersFilter.doFilter(SetHeadersFilter.java:110)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:116)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.validation.RequestEntitySizeVerificationFilter.doFilter(RequestEntitySizeVerificationFilter.java:74)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:47)
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:178)
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:153)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:168)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:90)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:481)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:130)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:93)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:670)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:342)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:390)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:63)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:928)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1794)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:52)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Thread.java:833)
o.f.o.c.BasicOAuth2RequestImpl: 2024-04-12T15:58:30.878+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
WARN: Could not parse request body: No content to map due to end-of-input
[CONTINUED] at [Source: (BufferedReader); line: 1, column: 0]
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.accessTokenLifeTime' and default value '0'  is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.authorizationCodeLifeTime' and default value '0'  is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.defaultMaxAge' and default value '0'  is returned.
o.f.o.c.ClientDAO: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No value found for key 'com.forgerock.openam.oauth2provider.refreshTokenLifeTime' and default value '0'  is returned.
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Evaluated scope returned PolicyEngineScopeResult{grantedScope=[], deniedScope=[], attributes={}}
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: Using implied consent
o.f.o.c.AuthorizationService: 2024-04-12T15:58:30.880+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: No further consent required - [openid, offline_access, profile, group] being granted
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.881+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Creating grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.881+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Saving new grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.884+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatelessTokenStore::Creating authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:30.886+05:30: Thread[http-nio-8080-exec-1]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942869]
DEBUG: StatefulTokenStore::Saving new authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.842+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatefulTokenStore::Reading authorization code: d9YRrr_yQ1U4kr65lHZ026f4QvQ
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.844+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating access token
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.852+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating refresh token
o.f.o.o.t.OpenIdConnectTokenStore: 2024-04-12T15:58:31.852+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: OpenIdConnectTokenStore::Creating OpsToken
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.856+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Saving new refresh token
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.856+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Saving updated grant
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.860+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatefulTokenStore::Saving updated authorization code
o.f.o.o.t.AbstractTokenStore: 2024-04-12T15:58:31.864+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: StatelessTokenStore::Creating access token
o.f.o.o.t.OpenIdConnectTokenStore: 2024-04-12T15:58:31.864+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: OpenIdConnectTokenStore::Creating OpenID Connect ID Token
o.f.o.o.s.MappedPurposeDelegatingSecretStore: 2024-04-12T15:58:31.876+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
DEBUG: Looking for active secret for purpose Purpose{'oauth2.oidc.idtoken.signing', SigningKey} in store org.forgerock.openam.oauth2.secrets.MappedPurposeDelegatingSecretStore@67e9f21e
o.f.o.o.s.MappedPurposeDelegatingSecretStore: 2024-04-12T15:58:31.877+05:30: Thread[http-nio-8080-exec-6]: TransactionId[49c5d887-579b-4fcd-b900-fd7301106172-7942905]
TRACE: Found active secret for purpose Purpose{'oauth2.oidc.idtoken.signing', SigningKey} in store org.forgerock.openam.oauth2.secrets.MappedPurposeDelegatingSecretStore@67e9f21e: SigningKey{stableId=wU3ifIIaLOUAReRB/FG6eM1P1QM=, expiryTime=2024-04-12T10:33:31.877688992Z, factory=CryptoServiceFactory{provider=SunJCE version 17}, keyUsages=[encrypt, decrypt, sign, verify, agree key, wrap key, unwrap key, verify certificate]}
lee-baines commented 2 months ago

Are you deploying using the forgeops tooling? Deploying the platform using forgeops requires a specific deployment model using the tooling in this repo? I need to understand more detail about what and how you've deployed to your VM. Deploying without forgeops tooling and not deploying the entire integrated platform is unsupported unfortunately by the forgeops team. You would need to engage Ping Identity(previously ForgeRock) support for on-prem product support