
Requests with a faulty bearer token cause an 'Out of bounds' error #3050

Closed
rubina-shk opened this issue Aug 7, 2024 · 1 comment

@rubina-shk

Description

This ticket is related to [1].

When the JWT token is of the format 'Bearer header.payload.', the response that is received is incorrect (note: there are 2 dots in the token, and the issue occurs when there is a dot at the end).

Error in logs is as below:

ERROR - ServerWorker Error processing GET request for : /pizzashack/1.0.0/menu.
    java.lang.ArrayIndexOutOfBoundsException: Index 2 out of bounds for length 2 
    at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.getSignedJwt_aroundBody62(OAuthAuthenticator.java:565) ~[org.wso2.carbon.apimgt.gateway_9.0.174.440.jar:?]
    at org.wso2.carbon.apimgt.gateway.handlers.security.oauth.OAuthAuthenticator.getSignedJwt(OAuthAuthenticator.java:563) ~[org.wso2.carbon.apimgt.gateway_9.0.174.440.jar:?]

While the correct error response should be:

{
    "fault": {
        "code": 900901,
        "message": "Invalid Credentials",
        "description": "Invalid Credentials. Make sure you have provided the correct security credentials"
    }
}

We need to fix this issue by validating whether a token has 2 dots.

Steps to Reproduce

  1. Create an API.
  2. Invoke the API with a JWT like below
eyJ4NXQiOiJNell4TW1Ga09HWXdNV0kwWldObU5EY3hOR1l3WW1NNFpUQTNNV0kyTkRBelpHUXpOR00wWkdSbE5qSmtPREZrWkRSaU9URmtNV0ZoTXpVMlpHVmxOZyIsImtpZCI6Ik16WXhNbUZrT0dZd01XSTBaV05tTkRjeE5HWXdZbU00WlRBM01XSTJOREF6WkdRek5HTTBaR1JsTmpKa09ERmtaRFJpT1RGa01XRmhNelUyWkdWbE5nX1JTMjU2IiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiJhZG1pbiIsImF1dCI6IkFQUExJQ0FUSU9OIiwiYXVkIjoiUU93UTJZdW1UVnA0UE9sWXdkOEZkdm1QcjJzYSIsIm5iZiI6MTY2MTI1MTEwNywiYXpwIjoiUU93UTJZdW1UVnA0UE9sWXdkOEZkdm1QcjJzYSIsInNjb3BlIjoiZGVmYXVsdCIsImlzcyI6Imh0dHBzOlwvXC9sb2NhbGhvc3Q6OTQ0M1wvb2F1dGgyXC90b2tlbiIsImV4cCI6MTY2MTI1NDcwNywiaWF0IjoxNjYxMjUxMTA3LCJqdGkiOiIzYWNlYjQxNi05ZDU1LTQ5YTctYjEyZi1kYWU0ZDJkODA0OGUifQ.

Affected Component

APIM

Version

4.0.0

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

[1]https://github.com/wso2-enterprise/wso2-apim-internal/issues/545

Suggested Labels

No response
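The stack trace above points at the root cause: Java's `String.split` drops trailing empty strings, so a token of the form `header.payload.` splits into only two parts and indexing `parts[2]` throws `ArrayIndexOutOfBoundsException: Index 2 out of bounds for length 2`. The following is an added example, not code from the WSO2 API Manager gateway: it reproduces the pitfall in a hypothetical `naiveSignature` helper and shows a hardened `parseCompactJws` check that keeps trailing empty segments, requires exactly three non-empty base64url segments, and returns empty so the caller can emit the 900901 Invalid Credentials fault instead of a 500. The sample tokens are constructed and are not real JWTs.

```java
import java.util.Base64;
import java.util.Optional;

// Added example (not WSO2 code). Demonstrates why a trailing dot crashes a
// split-and-index JWT parser and how to validate the segment structure first.
public final class JwtSegmentCheck {

    // Hypothetical helper mirroring the failing pattern in the stack trace:
    // String.split with the default limit discards trailing empty strings, so
    // "header.payload." yields only 2 parts and parts[2] throws.
    static String naiveSignature(String token) {
        String[] parts = token.split("\\.");
        return parts[2];
    }

    // Hardened version: limit -1 keeps trailing empty segments, the token must
    // have exactly three segments, and each segment must be non-empty and valid
    // base64url. Anything else is reported as empty, which the caller maps to
    // the 900901 "Invalid Credentials" fault rather than an unhandled exception.
    static Optional<String[]> parseCompactJws(String token) {
        if (token == null) {
            return Optional.empty();
        }
        String[] parts = token.split("\\.", -1);
        if (parts.length != 3) {
            return Optional.empty();
        }
        // Java's URL decoder accepts unpadded input, which is what JWS uses.
        Base64.Decoder decoder = Base64.getUrlDecoder();
        for (String segment : parts) {
            if (segment.isEmpty()) {
                return Optional.empty();
            }
            try {
                decoder.decode(segment);
            } catch (IllegalArgumentException e) {
                return Optional.empty();
            }
        }
        return Optional.of(parts);
    }

    public static void main(String[] args) {
        // Constructed samples: base64url of "header", "payload", "sig".
        String[] samples = {
            "aGVhZGVy.cGF5bG9hZA.c2ln",    // well-formed three-segment token
            "aGVhZGVy.cGF5bG9hZA.",        // trailing dot, the case from the issue
            "aGVhZGVy.cGF5bG9hZA",         // only two segments
            "aGVhZGVy..c2ln",              // empty payload segment
            "aGVhZGVy.cGF5bG9hZA.c2ln.x",  // four segments
            "aGVhZGVy.cGF5bG9hZA.c2l*"     // non-base64url character in signature
        };
        for (String token : samples) {
            String verdict = parseCompactJws(token).isPresent()
                    ? "accept"
                    : "reject with fault 900901 Invalid Credentials";
            System.out.println(token + " -> " + verdict);
        }

        // The unguarded split reproduces the exception from the gateway log.
        try {
            naiveSignature("aGVhZGVy.cGF5bG9hZA.");
        } catch (ArrayIndexOutOfBoundsException e) {
            System.out.println("naive split failed: " + e.getMessage());
        }
    }
}
```

Checking segment count and emptiness before any array indexing is the whole fix; signature verification of the third segment still happens afterwards, but only for tokens that are structurally a compact JWS.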

@HiranyaKavishani

Closing the issue as it is a duplicate of #666
