This topic has 4 replies, 2 voices, and was last updated 5 years, 1 month ago by abarry.

  • Author
    Posts
  • #18553
     abarry
    Participant

    I’m trying to delete a user’s resource but I’m having some issues. I’ve got the PAT and I can read the user’s resources with this request :

    curl -i \
     --header "Authorization: Bearer cbbf27b6-e3ec-4ab8-8ca2-00151ef3a6ac" \
     http://openam.test.com:8080/openam/oauth2/resource_set/

    I got the resources IDs as an output :
    ["eea0ab51-ae5a-496c-a2a7-1512128e706c0","e1cffe92-f676-40e9-b926-dcce09cb09c81","61198084-7180-414b-89e7-18131ff8000c0"]

    To get the Etag of the resource with ID : eea0ab51-ae5a-496c-a2a7-1512128e706c0 I used this command line :

    curl -i \
     --header "Authorization: Bearer cbbf27b6-e3ec-4ab8-8ca2-00151ef3a6ac" \
     http://openam.test.com:8080/openam/oauth2/resource_set/eea0ab51-ae5a-496c-a2a7-1512128e706c0

    And I got this output :

    HTTP/1.1 200 OK
    X-Frame-Options: SAMEORIGIN
    ETag: W/"673035371"
    Date: Mon, 21 Aug 2017 15:02:52 GMT
    Accept-Ranges: bytes
    Server: Restlet-Framework/2.3.4
    Vary: Accept-Charset, Accept-Encoding, Accept-Language, Accept
    Content-Type: application/json
    Transfer-Encoding: chunked
    
    {"name":"Photo Album","scopes":["view"],"_id":"eea0ab51-ae5a-496c-a2a7-1512128e706c0","uri":"http://app1.test.com:8081/HelloWorld/Image/rose.jpg","labels":["3D","VIP"],"user_access_policy_uri":"http://openam.test.com:8080/openam/XUI/?realm=/#uma/share/eea0ab51-ae5a-496c-a2a7-1512128e706c0"}

    Then I tried to remove this resource by using this command line:
    curl \
    –request DELETE \
    –header “Authorization: Bearer cbbf27b6-e3ec-4ab8-8ca2-00151ef3a6ac” \
    –header “If-Match: “673035371”” \
    http://openam.test.com:8080/openam/oauth2/resource_set/eea0ab51-ae5a-496c-a2a7-1512128e706c0
    But I got server_error. In openam/log/access.audit.json I found this :
    {"realm":"/","timestamp":"2017-08-21T15:11:06.461Z","transactionId":"c085223e-e1ce-4a48-844d-fbcc6acb33a6-54138","eventName":"AM-ACCESS-OUTCOME","component":"OAuth","userId":"demo","response":{"status":"FAILED","statusCode":"400","elapsedTime":130,"elapsedTimeUnits":"MILLISECONDS","detail":{"reason":"The request could not be understood by the server due to malformed syntax"}},"client":{"ip":"xxxx","port":xxx},"server":{"ip":"xxxxx","port":xxxxx},"http":{"request":{"secure":false,"method":"DELETE","path":"http://openam.test.com:8080/openam/oauth2/resource_set/eea0ab51-ae5a-496c-a2a7-1512128e706c0","queryParameters":{},"headers":{"accept":["*/*"],"host":["openam.test.com:8080"],"if-match":["673035371"],"user-agent":["curl/7.29.0"]},"cookies":{}}},"trackingIds":["c085223e-e1ce-4a48-844d-fbcc6acb33a6-50833"],"_id":"c085223e-e1ce-4a48-844d-fbcc6acb33a6-54150"}

    Thank you in advance for your help.

    #18568
     Peter Major
    Moderator

    Did you use those funny double quotes in the curl command? What if you use plain old double quotes instead?

    #18570
     abarry
    Participant

    Tried with that but same error :
    curl --request DELETE --header "Authorization: Bearer 6dc38e8d-fb5e-4509-92d9-f399153408bb" --header "If-Match: "673035371"" http://openam.test.com:8080/openam/oauth2/resource_set/eea0ab51-ae5a-496c-a2a7-1512128e706c0

    #18571
     abarry
    Participant

    I’m having the same issue when I try to acquire a requesting party token. And I think my command line isn’t wrong. I’m wondering if I didn’t miss something in openam configuration. When I run the request I have no output in debug folder but only in log/access.audit.json file. "detail":{"reason":"The request could not be understood by the server due to malformed syntax"}},

    Request :

    curl \
     --request POST \
     --header "Authorization: Bearer 8518b088-e9fb-41d7-8186-64f654fe08d5" \
     --data \
     '{
      "ticket" : "c06b7dde-49b2-4676-9dbc-4ae2121a73ac0"
     }' \
     http://openam.test.com:8080/openam/uma/authz_request

    output :
    {"error_description":"Unable to retrieve Permission Ticket","error":"invalid_ticket"}

    I know I shouldn’t use the same post for 2 different topics but I think those 2 errors are related and maybe it can help to figure out the issue.
    Thank you in advance for your help.

    • This reply was modified 5 years, 1 month ago by abarry.
    #18576
     abarry
    Participant

    I solved the issue to acquire a requesting party token. It was due to the lifetime of the ticket (default value was 120) I just increase it. And I also had to desactivate the “Require Trust Elevation” parameter. I made all those changes under Realms > realm name > services > UMA Provider.
    But I still can’t delete a resource…

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?