Issue with using OpenIG as UMA resource resource.

This topic has 0 replies, 1 voice, and was last updated 5 years, 2 months ago by johndoe.

  • Author
    Posts
  • #18269
     johndoe
    Participant

    Hi,

    I’m following the guide: https://backstage.forgerock.com/docs/ig/5/gateway-guide#uma-openig-configuration. I was able to get the sample application working as described in Section 11.5.

    I found that there’s a problem in step 6 where Bob accesses one of Alice’s resources. When I checked the code for the sample application (bob.hmtl in IG-doc-samples-5.0.0.jar) shown below:

    .done(function (data) {
                      var rpt = data.rpt;
                      $("#rpt").html(json2html(data, "Requesting Party Token", "rpt-data"));
      
                      // Get a resource.
                      $.ajax({
                          url: resource_url,
                          type: "GET",
                          beforeSend: function (xhr) {
                              xhr.setRequestHeader("Authorization", "Bearer " + rpt);
                          }
                      })
                      // Alternative: Post to a resource.
                      //  FixMe: fails with error="insufficient_scope",
                      //         see https://docs.kantarainitiative.org/uma/rec-uma-core.html#rfc.section.3.1.2
                      /*
                      $.ajax({
                          url: resource_url,
                          type: "POST",
                          beforeSend: function (xhr) {
                              xhr.setRequestHeader("Authorization", "Bearer " + rpt);
                          },
                          data: {
                              "username": "demo",
                              "password": "password"
                          }
                      })
                      */
                      .done(function (data) {
                          var title = "<h3>Resulting Resource</h3>";
                          var escapedData = $('<div/>').text(data).html();
                          var html  = "<small><pre id='result-data'>" + escapedData + "</pre></small>";
                          $("#result").html(title + html);
                      })
                      .fail(function (data) {
                          $("#result").html(json2html(data, "Failed to access the resource", "error"));
                      });
                  })

    The GET call to get a resource works but not sure why POST to a resource is failing. I think POST is required to get the final access to the shared source. Is this an issue with OpenAM/OpenIG implementation? Is there is a fix for this? Any help will be appreciated.

    Thanks.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?