Closed gatesn closed 5 months ago
Looks like it's fixed upstream here: https://github.com/OpenAPITools/openapi-generator/issues/13548
I've got the same issue with the hydra-client-v2.2.0-rc.3. I cannot perform the Authorization Code Flow without setting the 'audience' request parameter. The response of
GET https://www.ory.sh/admin/oauth2/auth/requests/login?challenge=uJQp89szo......GcAez4qV0-V_
looks as follows:
"challenge": "uJQp89szo......GcAez4qV0-V_", "requested_scope": [ "offline_access", "openid" ], "requested_access_token_audience": null, "skip": true, "subject": "user", "oidc_context": {}, ...
As you can see, the 'requested_access_token_audience' attribute is null, but the OAuth2LoginRequest.validateJsonObject method doesn't check properly for null values and throws an java.lang.IllegalArgumentException ( "Expected the field requested_access_token_audience
to be an array in the JSON string but got null
")
The current code
// ensure the required json array is present
else if (!jsonObj.get("requested_access_token_audience").isJsonArray()) {
throw new IllegalArgumentException(String.format("Expected the field `requested_access_token_audience` to be an array in the JSON string but got `%s`", jsonObj.get("requested_access_token_audience").toString()));
}
has to be changed as follows:
// ensure the required json array is present else if (!jsonObj.get("requested_access_token_audience").isJsonNull() && !jsonObj.get("requested_access_token_audience").isJsonArray()) { throw new IllegalArgumentException(String.format("Expected the field `requested_access_token_audience` to be an array in the JSON string but got `%s`", jsonObj.get("requested_access_token_audience").toString())); }
This same issue was reported for the Rust client in the Community Slack.
This is fixed now
For me this is not fixed with server and client versions at 2.2.0. I still get the IllegalArgumentException
when i call createOAuth2Client
. In my case the problematic fields are contacts
, redirectUris
and responseTypes
.
The underlying bug in openapi-generator was fixed in version 7.0.0 (https://github.com/OpenAPITools/openapi-generator/pull/16213 / https://github.com/OpenAPITools/openapi-generator/issues/16212). Currently ory/sdk is at 6.2.1 for Java. The latest version is 7.3.0, here is a PR that updates the java generator to this version: https://github.com/ory/sdk/pull/332
Preflight checklist
Describe the bug
I get an error in the Java client when deserializing a response from the server:
Reproducing the bug
Making a call to
OAuth2Api#createOAuth2Client
Relevant log output
No response
Relevant configuration
No response
Version
2.1.1
On which operating system are you observing this issue?
macOS
In which environment are you deploying?
Binary
Additional Context
The issue is that the OAuth2Api incorrectly checks for null values:
Instead, it should be: