search

GluuFederation / oxd

Client software to secure apps with OAuth 2.0, OpenID Connect, and UMA
https://oxd.gluu.org
Apache License 2.0
46 stars 24 forks source link

invalid_claims_redirect_uri error if claims redirect url is other than OP host url #115

Closed centroxy closed 7 years ago

centroxy commented 7 years ago

Setup_client command throws error invalid_claims_redirect_uri if claims redirect url is other than OP host url

{ "op_host" : "https://gluu.local.org", "authorization_redirect_uri": "https://gluu.local.org:3000/login.html", "claims_redirect_uri": ["https://any_url_except_gluu.local.org/login.html"], "scope" : ["openid", "email", "profile","uma_protection"], "grant_types":["authorization_code"], "client_name": "UMA_client" }

2017-11-09 12:49:44,558 ERROR [org.xdi.oxd.server.op.RegisterSiteOperation] ClientId: null, clientSecret: null
2017-11-09 12:49:44,558 ERROR [org.xdi.oxd.server.op.RegisterSiteOperation] Value of one or more claims_redirect_uris is invalid.
2017-11-09 12:49:44,562 ERROR [org.xdi.oxd.server.op.SetupClientOperation] Failed to register client for site. Details:{"error":"invalid_claims_redirect_uri","error_description":"Value of one or more claims_redirect_uris is invalid."}
java.lang.RuntimeException: Failed to register client for site. Details:{"error":"invalid_claims_redirect_uri","error_description":"Value of one or more claims_redirect_uris is invalid."}
    at org.xdi.oxd.server.op.RegisterSiteOperation.registerClient(RegisterSiteOperation.java:272)
    at org.xdi.oxd.server.op.RegisterSiteOperation.persistRp(RegisterSiteOperation.java:226)
    at org.xdi.oxd.server.op.RegisterSiteOperation.execute_(RegisterSiteOperation.java:64)
    at org.xdi.oxd.server.op.SetupClientOperation.execute(SetupClientOperation.java:44)
    at org.xdi.oxd.server.op.SetupClientOperation.execute(SetupClientOperation.java:24)
    at org.xdi.oxd.server.Processor.process(Processor.java:76)
    at org.xdi.oxd.server.Processor.process(Processor.java:51)
    at org.xdi.oxd.server.SocketProcessor.run(SocketProcessor.java:55)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
    at java.lang.Thread.run(Unknown Source)
yuriyz commented 7 years ago

uma2_auto_register_claims_gathering_endpoint_as_redirect_uri_of_client: notifies the oxd-server whether to automatically register the Claims Gathering Endpoint as the redirect_uri for a given client. It is useful for UMA 2 clients that wish to force authorization against the Gluu Server. by default it is set to true it means that oxd register claims_redirect_uri for you and that uri is claims gathering uri of AS so if you wish to register own claims_redirect_uri then please set it to false