Oracle Access Manager (OAM) OAuth Token Validation Endpoint Does Not Consume An Escape Attribute Value And Output Is In JSON Format
(Doc ID 2938315.1)
Last updated on SEPTEMBER 17, 2024
Applies to:
Oracle Access Manager - Version 12.2.1.3.220405 and laterInformation in this document applies to any platform.
Symptoms
Using Oracle Access Manger (OAM) session linking generates an oauth_token value that can be swapped for an access token. When validating the access token by passing it to /oauth2/rest/token/info the result is not proper json format.
- It is observed that if an LDAP attribute has characters that need to be escaped, the /oauth2/rest/token/info endpoint response it is not complying with JSON standard.
- The " (quotation mark) character is not escaped as per JSON standard.
- Desired outcome would be, if the response "<ATTRIBUTE_NAME>": "<ATTRIBUTE_VALUE> ", according JSON has to be "<ATTRIBUTE_NAME>": \"<ATTRIBUTE_VALUE> \"
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |