Passport authentication failed on first attempt throws oxauth error (works on second attempt with same userid).

MohitMaliFtechiz commented 2 years ago

Describe the issue

Passport authentication failed on first attempt throws oxauth error (works on second attempt with same userid)

How to reproduce

Go to admin ui
go to passport
add a new provider
change the authentication script to passport social
test the Passport_social script.

Expected behaviour

authentication must be successful through passport

Actual behaviour

Authentication failed and get to oxauth error on first attempt however authentication works on second attempt with same user ID.

config

Gluu-server 4.3.1 + couchbase

OS Ubuntu 20.04

logs

021-11-23 03:48:32,212 TRACE [qtp1831477404-14] [org.gluu.service.BaseCacheService] (BaseCacheService.java:84) - Put data, key 'oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu': 'SessionId {dn='oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu', id='a4721570-06a2-4391-863e-4fd3a840ea03', outsideSid='ce5f5951-21b0-4db7-9b05-13222877fccf', lastUsedAt=Tue Nov 23 03:48:11 UTC 2021, userDn='', authenticationTime=Tue Nov 23 03:48:06 UTC 2021, state=unauthenticated, expirationDate=Tue Nov 23 03:50:06 UTC 2021, sessionState='5bf0ab81afe56399fc58b4f2c2fc6098ab78b7e0a1a5d7c5d4b82a43a29c1c0e.5c491b0c-59e4-4b4d-90fa-6739a19317ac', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=SessionIdAccessMap{permissionGranted={1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a=false}}, sessionAttributes={auth_external_attributes=[{"externalProviders":"java.lang.String"},{}], opbs=b147d6dd-8a8d-4249-ab5a-b7256b092bb2, externalProviders={"google": {"requestForEmail": false, "displayName": "Google", "emailLinkingSafe": false, "type": "oauth", "logo_img": null, "saml": false}}, response_type=code, nonce=bff92e16-8af3-41c7-83eb-2ea182ec7f3f, selectedProvider=null, client_id=1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a, auth_step=1, acr=passport_social, remote_ip=103.225.204.230, scope=openid profile email user_name, acr_values=passport_social, redirect_uri=https://ce.gluu.org/identity/authcode.htm, state=783a2ac8-1cf3-4651-8de8-4c4ec76da737}, persisted=false}'
2021-11-23 03:48:32,212 TRACE [qtp1831477404-14] [org.gluu.oxauth.service.SessionIdService] (SessionIdService.java:821) - Try to get session by id: a4721570-06a2-4391-863e-4fd3a840ea03 ...
2021-11-23 03:48:32,212 TRACE [qtp1831477404-14] [org.gluu.oxauth.service.SessionIdService] (SessionIdService.java:823) - Session dn: oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu
2021-11-23 03:48:32,238 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:239) - Getting user information from LDAP: attributeName = 'oxExternalUid', attributeValue = 'passport-google:114008635226223682143'
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:441) - Filter: (oxExternalUid=passport-google:114008635226223682143)
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:448) - -------------------------------------------------------
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:449) - Filter: (oxExternalUid=passport-google:114008635226223682143)
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:450) - objectClasses count: 1 
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:451) - objectClasses: gluuPerson
2021-11-23 03:48:32,239 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:452) - Search filter: (&(&(objectClass=gluuPerson))(oxExternalUid=passport-google:114008635226223682143))
2021-11-23 03:48:32,240 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:535) - Ignoring scope 'SUB for expression: ( ( objectClass = "gluuPerson" ) AND ANY oxExternalUid_ IN oxExternalUid SATISFIES oxExternalUid_ = "passport-google:114008635226223682143" END )
2021-11-23 03:48:32,240 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:619) - Execution query: 'SELECT gluu_doc.*, dn FROM `gluu_user` AS gluu_doc WHERE ( ( objectClass = "gluuPerson" ) AND ANY oxExternalUid_ IN oxExternalUid SATISFIES oxExternalUid_ = "passport-google:114008635226223682143" END ) LIMIT 1'
2021-11-23 03:48:32,280 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:251) - Found '0' entries
2021-11-23 03:48:32,280 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:239) - Getting user information from LDAP: attributeName = 'mail', attributeValue = 'mohit.mali@google.com'
2021-11-23 03:48:32,281 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:441) - Filter: (mail=mohit.mali@google.com)
2021-11-23 03:48:32,281 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:448) - -------------------------------------------------------
2021-11-23 03:48:32,281 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:449) - Filter: (mail=mohit.mali@google.com)
2021-11-23 03:48:32,281 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:450) - objectClasses count: 1 
2021-11-23 03:48:32,281 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:451) - objectClasses: gluuPerson
2021-11-23 03:48:32,282 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:452) - Search filter: (&(&(objectClass=gluuPerson))(mail=mohit.mali@google.com))
2021-11-23 03:48:32,282 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:535) - Ignoring scope 'SUB for expression: ( ( objectClass = "gluuPerson" ) AND ( ( mail = "mohit.mali@google.com" ) OR ( "mohit.mali@google.com" IN mail ) ) )
2021-11-23 03:48:32,282 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:619) - Execution query: 'SELECT gluu_doc.*, dn FROM `gluu_user` AS gluu_doc WHERE ( ( objectClass = "gluuPerson" ) AND ( ( mail = "mohit.mali@google.com" ) OR ( "mohit.mali@google.com" IN mail ) ) ) LIMIT 1'
2021-11-23 03:48:32,288 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:251) - Found '0' entries
2021-11-23 03:48:32,299 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.AuthenticationService] (AuthenticationService.java:472) - Authenticating user with LDAP: username: '114008635226223682143', credentials: '320088494'
2021-11-23 03:48:32,299 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:81) - Getting user information from LDAP: userId = 114008635226223682143
2021-11-23 03:48:32,300 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:441) - Filter: ((lower("uid")=114008635226223682143)
2021-11-23 03:48:32,300 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:448) - -------------------------------------------------------
2021-11-23 03:48:32,300 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:449) - Filter: ((lower("uid")=114008635226223682143)
2021-11-23 03:48:32,300 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:450) - objectClasses count: 1 
2021-11-23 03:48:32,301 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:451) - objectClasses: gluuPerson
2021-11-23 03:48:32,301 TRACE [qtp1831477404-14] [org.gluu.orm.couchbase.impl.CouchbaseEntryManager] (CouchbaseEntryManager.java:452) - Search filter: (&(&(objectClass=gluuPerson))((lower("uid")=114008635226223682143))
2021-11-23 03:48:32,301 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:535) - Ignoring scope 'SUB for expression: ( ( objectClass = "gluuPerson" ) AND LOWER(uid) = "114008635226223682143" )
2021-11-23 03:48:32,301 DEBUG [qtp1831477404-14] [gluu.orm.couchbase.operation.impl.CouchbaseOperationServiceImpl] (CouchbaseOperationServiceImpl.java:619) - Execution query: 'SELECT gluu_doc.*, dn FROM `gluu_user` AS gluu_doc WHERE ( ( objectClass = "gluuPerson" ) AND LOWER(uid) = "114008635226223682143" )'
2021-11-23 03:48:32,310 DEBUG [qtp1831477404-14] [org.gluu.oxauth.service.common.UserService] (UserService.java:96) - Found 0 entries for user id = 114008635226223682143
2021-11-23 03:48:32,310 TRACE [qtp1831477404-14] [org.gluu.oxauth.service.CookieService] (CookieService.java:155) - Found cookie: 'a4721570-06a2-4391-863e-4fd3a840ea03'
2021-11-23 03:48:32,310 TRACE [qtp1831477404-14] [org.gluu.service.BaseCacheService] (BaseCacheService.java:37) - Request data, key 'oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu'
2021-11-23 03:48:32,310 TRACE [qtp1831477404-14] [org.gluu.service.BaseCacheService] (BaseCacheService.java:39) - Loaded data, key 'oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu': 'SessionId {dn='oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu', id='a4721570-06a2-4391-863e-4fd3a840ea03', outsideSid='ce5f5951-21b0-4db7-9b05-13222877fccf', lastUsedAt=Tue Nov 23 03:48:11 UTC 2021, userDn='', authenticationTime=Tue Nov 23 03:48:06 UTC 2021, state=unauthenticated, expirationDate=Tue Nov 23 03:50:06 UTC 2021, sessionState='5bf0ab81afe56399fc58b4f2c2fc6098ab78b7e0a1a5d7c5d4b82a43a29c1c0e.5c491b0c-59e4-4b4d-90fa-6739a19317ac', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=SessionIdAccessMap{permissionGranted={1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a=false}}, sessionAttributes={auth_external_attributes=[{"externalProviders":"java.lang.String"},{}], opbs=b147d6dd-8a8d-4249-ab5a-b7256b092bb2, externalProviders={"google": {"requestForEmail": false, "displayName": "Google", "emailLinkingSafe": false, "type": "oauth", "logo_img": null, "saml": false}}, response_type=code, nonce=bff92e16-8af3-41c7-83eb-2ea182ec7f3f, selectedProvider=null, client_id=1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a, auth_step=1, acr=passport_social, remote_ip=103.225.204.230, scope=openid profile email user_name, acr_values=passport_social, redirect_uri=https://ce.gluu.org/identity/authcode.htm, state=783a2ac8-1cf3-4651-8de8-4c4ec76da737}, persisted=false}'
2021-11-23 03:48:32,311 TRACE [qtp1831477404-14] [org.gluu.oxauth.service.SessionIdService] (SessionIdService.java:821) - Try to get session by id: a4721570-06a2-4391-863e-4fd3a840ea03 ...
2021-11-23 03:48:32,311 TRACE [qtp1831477404-14] [org.gluu.oxauth.service.SessionIdService] (SessionIdService.java:823) - Session dn: oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu
2021-11-23 03:48:32,318 TRACE [qtp1831477404-14] [org.gluu.service.BaseCacheService] (BaseCacheService.java:84) - Put data, key 'oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu': 'SessionId {dn='oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu', id='a4721570-06a2-4391-863e-4fd3a840ea03', outsideSid='ce5f5951-21b0-4db7-9b05-13222877fccf', lastUsedAt=Tue Nov 23 03:48:32 UTC 2021, userDn='', authenticationTime=Tue Nov 23 03:48:06 UTC 2021, state=unauthenticated, expirationDate=Tue Nov 23 03:50:06 UTC 2021, sessionState='5bf0ab81afe56399fc58b4f2c2fc6098ab78b7e0a1a5d7c5d4b82a43a29c1c0e.5c491b0c-59e4-4b4d-90fa-6739a19317ac', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=SessionIdAccessMap{permissionGranted={1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a=false}}, sessionAttributes={auth_external_attributes=[{"externalProviders":"java.lang.String"},{}], opbs=b147d6dd-8a8d-4249-ab5a-b7256b092bb2, externalProviders={"google": {"requestForEmail": false, "displayName": "Google", "emailLinkingSafe": false, "type": "oauth", "logo_img": null, "saml": false}}, response_type=code, nonce=bff92e16-8af3-41c7-83eb-2ea182ec7f3f, selectedProvider=null, client_id=1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a, auth_step=1, acr=passport_social, remote_ip=103.225.204.230, scope=openid profile email user_name, acr_values=passport_social, redirect_uri=https://ce.gluu.org/identity/authcode.htm, state=783a2ac8-1cf3-4651-8de8-4c4ec76da737}, persisted=true}'
2021-11-23 03:48:32,319 DEBUG [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:331) - Authentication result for user 'null'. auth_step: '1', result: 'false', credentials: '320088494'
2021-11-23 03:48:32,319 TRACE [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:338) - #########################################################################
2021-11-23 03:48:32,319 TRACE [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:339) - ++++++++++++++++++++++++++++++++++++++++++CURRENT ACR:passport_social
2021-11-23 03:48:32,319 TRACE [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:340) - ++++++++++++++++++++++++++++++++++++++++++CURRENT STEP:1
2021-11-23 03:48:32,320 TRACE [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:343) - According to API version script supports steps overriding
2021-11-23 03:48:32,321 DEBUG [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:346) - Get next step from script: '-1'
2021-11-23 03:48:32,330 TRACE [qtp1831477404-14] [org.gluu.service.BaseCacheService] (BaseCacheService.java:84) - Put data, key 'oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu': 'SessionId {dn='oxId=a4721570-06a2-4391-863e-4fd3a840ea03,ou=sessions,o=gluu', id='a4721570-06a2-4391-863e-4fd3a840ea03', outsideSid='ce5f5951-21b0-4db7-9b05-13222877fccf', lastUsedAt=Tue Nov 23 03:48:32 UTC 2021, userDn='', authenticationTime=Tue Nov 23 03:48:06 UTC 2021, state=unauthenticated, expirationDate=Tue Nov 23 03:50:06 UTC 2021, sessionState='5bf0ab81afe56399fc58b4f2c2fc6098ab78b7e0a1a5d7c5d4b82a43a29c1c0e.5c491b0c-59e4-4b4d-90fa-6739a19317ac', permissionGranted=null, isJwt=false, jwt=null, permissionGrantedMap=SessionIdAccessMap{permissionGranted={1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a=false}}, sessionAttributes={auth_external_attributes=[{"externalProviders":"java.lang.String"},{}], opbs=b147d6dd-8a8d-4249-ab5a-b7256b092bb2, externalProviders={"google": {"requestForEmail": false, "displayName": "Google", "emailLinkingSafe": false, "type": "oauth", "logo_img": null, "saml": false}}, response_type=code, nonce=bff92e16-8af3-41c7-83eb-2ea182ec7f3f, selectedProvider=null, client_id=1001.b5bed838-8b1f-4d4e-83b3-6c8d91d7a44a, auth_step=1, acr=passport_social, remote_ip=103.225.204.230, scope=openid profile email user_name, acr_values=passport_social, redirect_uri=https://ce.gluu.org/identity/authcode.htm, state=783a2ac8-1cf3-4651-8de8-4c4ec76da737}, persisted=true}'
2021-11-23 03:48:32,330 INFO  [qtp1831477404-14] [org.gluu.oxauth.auth.Authenticator] (Authenticator.java:225) - Authentication failed for 'null'
2021-11-23 03:48:34,111 DEBUG [oxAuthScheduler_Worker-3] [org.gluu.service.timer.RequestJobListener] (RequestJobListener.java:53) - Bound request started
2021-11-23 03:48:34,111 TRACE [oxAuthScheduler_Worker-3] [org.gluu.service.timer.TimerJob] (TimerJob.java:35) - Fire timer event [org.gluu.service.cdi.event.LoggerUpdateEvent] with qualifiers [@org.gluu.service.cdi.event.Scheduled()] from instance 1591637383
2021-11-23 03:48:34,112 DEBUG [oxAuthScheduler_Worker-3] [org.gluu.service.timer.RequestJobListener] (RequestJobListener.java:63) - Bound request ended
2021-11-23 03:48:34,134 INFO  [ForkJoinPool.commonPool-worker-7] [org.gluu.service.logger.LoggerService] (LoggerService.java:205) - Updated log level of '139' loggers to TRACE
2021-11-23 03:48:34,968 TRACE [qtp1831477404-13] [org.gluu.service.BaseCacheService] (BaseCacheService.java:37) - Request data, key 'organization_oxauth'
2021-11-23 03:48:34,968 TRACE [qtp1831477404-13] [org.gluu.service.BaseCacheService] (BaseCacheService.java:39) - Loaded data, key 'organization_oxauth': 'null'
2021-11-23 03:48:34,968 TRACE [qtp1831477404-13] [org.gluu.service.BaseCacheService] (BaseCacheService.java:61) - Key not in cache. Searching value via load function, key: 'organization_oxauth'
2021-11-23 03:48:34,970 TRACE [qtp1831477404-13] [org.gluu.service.BaseCacheService] (BaseCacheService.java:84) - Put data, key 'organization_oxauth': 'Entry [dn=o=gluu]'
2021-11-23 03:48:35,313 TRACE [qtp1831477404-22] [org.gluu.service.BaseCacheService] (BaseCacheService.java:37) - Request data, key 'organization_oxauth'
2021-11-23 03:48:35,313 TRACE [qtp1831477404-22] [org.gluu.service.BaseCacheService] (BaseCacheService.java:39) - Loaded data, key 'organization_oxauth': 'Entry [dn=o=gluu]'
2021-11-23 03:48:35,313 TRACE [qtp1831477404-22] [org.gluu.service.BaseCacheService] (BaseCacheService.java:58) - Loaded from cache, key: 'organization_oxauth'
2021-11-23 03:48:49,105 DEBUG [oxAuthScheduler_Worker-1] [org.gluu.service.timer.RequestJobListener] (RequestJobListener.java:53) - Bound request started

yuriyz commented 2 years ago

@MohitMaliFtechiz can you check you really have user with mail mohit.mali@google.com in persistence ? (logs shows (&(&(objectClass=gluuPerson))(mail=mohit.mali@google.com)))

Otherwise I don't see any errors or exceptions in logs which you attached.

yuriyz commented 2 years ago

@MohitMaliFtechiz Is it only couchbase problem ? Does it work with LDAP ?

MohitMaliFtechiz commented 2 years ago

hi @yuriyz yes on LDAP its works fine.

yuriyz commented 2 years ago

Then it must be something related to couchbase only. @yurem any idea ?

yurem commented 2 years ago

@MohitMaliFtechiz can you send us all logs for check?

MohitMaliFtechiz commented 2 years ago

passport_oxauth.txt here is the full oxauth log

yurem commented 2 years ago

There are few stack traces with:

2021-12-13 16:36:52,167 ERROR [qtp1831477404-14] [org.gluu.oxauth.uma.service.UmaRptService] (UmaRptService.java:121) - Failed to find entry: tknCde=d08915bcbd7d3cac0adf8b71084c905376e11ff7f0c7015f9528d316b696c892,ou=uma_rpt,ou=tokens,o=gluu
org.gluu.persist.exception.EntryPersistenceException: Failed to find entry: tknCde=d08915bcbd7d3cac0adf8b71084c905376e11ff7f0c7015f9528d316b696c892,ou=uma_rpt,ou=tokens,o=gluu
    at org.gluu.orm.couchbase.impl.CouchbaseEntryManager.find(CouchbaseEntryManager.java:376) ~[gluu-orm-couchbase-4.3.1-SNAPSHOT.jar:?]

yuriyz commented 2 years ago

Is it maybe due to missed token attributes ? In jans @mbaser fixed schema as

"sup": [
     "jansToken"
],

https://github.com/JanssenProject/jans-setup/commit/fe9b47704e237d28d16b455d775543a0c19a959b

@mbaser can we do the same for Gluu ?

devrimyatar commented 2 years ago

Done https://github.com/GluuFederation/community-edition-setup/commit/aae3bd2811632661c159d33ae982865ec1e39f2b

devrimyatar commented 2 years ago

mysql> show columns from oxAuthUmaRPT;
+-----------------+--------------+------+-----+---------+-------+
| Field           | Type         | Null | Key | Default | Extra |
+-----------------+--------------+------+-----+---------+-------+
| doc_id          | varchar(64)  | NO   | PRI | NULL    |       |
| objectClass     | varchar(48)  | YES  |     | NULL    |       |
| dn              | varchar(128) | YES  |     | NULL    |       |
| authnTime       | datetime(3)  | YES  |     | NULL    |       |
| clnId           | varchar(64)  | YES  |     | NULL    |       |
| iat             | datetime(3)  | YES  |     | NULL    |       |
| exp             | datetime(3)  | YES  |     | NULL    |       |
| del             | smallint     | YES  |     | NULL    |       |
| tknCde          | varchar(80)  | YES  |     | NULL    |       |
| usrId           | varchar(64)  | YES  |     | NULL    |       |
| ssnId           | varchar(64)  | YES  |     | NULL    |       |
| oxUmaPermission | json         | YES  |     | NULL    |       |
| uuid            | varchar(64)  | YES  |     | NULL    |       |
| authzCode       | varchar(64)  | YES  |     | NULL    |       |
| grtId           | varchar(64)  | YES  |     | NULL    |       |
| grtTyp          | varchar(64)  | YES  |     | NULL    |       |
| jwtReq          | text         | YES  |     | NULL    |       |
| nnc             | text         | YES  |     | NULL    |       |
| scp             | text         | YES  |     | NULL    |       |
| tknTyp          | varchar(32)  | YES  |     | NULL    |       |
| acr             | varchar(48)  | YES  |     | NULL    |       |
| chlng           | varchar(64)  | YES  |     | NULL    |       |
| chlngMth        | varchar(64)  | YES  |     | NULL    |       |
| clms            | varchar(64)  | YES  |     | NULL    |       |
| attr            | text         | YES  |     | NULL    |       |
| tknBndCnf       | tinytext     | YES  |     | NULL    |       |
+-----------------+--------------+------+-----+---------+-------+
26 rows in set (0.00 sec)

yuriyz commented 2 years ago

@mbaser nice, thank you! @MohitMaliFtechiz can you try it with Mustafa's changes ?

jgomer2001 commented 2 years ago

This seems to be the same problem described here 2 years ago:

https://github.com/GluuFederation/gluu-passport/issues/63

MohitMaliFtechiz commented 2 years ago

@yurem and @mbaser i tested the fix. it is still same as it was in couchbase.

MohitMaliFtechiz commented 1 year ago

fixed

GluuFederation / oxAuth