Layer7 API Management

  • Private Community

  • 1.  oAuth token validation error

    Posted Aug 31, 2017 05:24 AM
      |   view attached

    Hi All,

     

    I am validating the token in soapUI getting attached file.

    Oathtoolkit  version 3.6

    policy mangaer 9.2

     

     

    Thanks in advance for your inputs and help.

     

    --Sudhakar



  • 2.  Re: oAuth token validation error

    Broadcom Employee
    Posted Aug 31, 2017 08:29 AM

    Hi Sudhakar,

     

    Can you provide an export of the policy you are testing?

     

    Regards,

    Joe



  • 3.  Re: oAuth token validation error

    Posted Aug 31, 2017 08:39 AM

    Hi Joe,

    I have tested policy - Include policy fragment under OTK Require OAuth 2.0 Token.

    in soapui getting below error:

    HTTP/1.1 500 Internal Server Error
    Server: Apache-Coyote/1.1
    Content-Type: text/xml;charset=utf-8
    Content-Length: 568
    Date: Thu, 31 Aug 2017 18:01:40 GMT
    Connection: close

     

    <?xml version="1.0" encoding="UTF-8"?>
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
        <soapenv:Body>
            <soapenv:Fault>
                <faultcode>soapenv:Server</faultcode>
                <faultstring>Policy Falsified</faultstring>
                <faultactor>https://192.168.56.200:8443/test/oauth</faultactor>
                <detail>
                    <l7:policyResult status="Internal Server Error" xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
                </detail>
            </soapenv:Fault>
        </soapenv:Body>
    </soapenv:Envelope>

     

    Regards,

    Sudhakar



  • 4.  Re: oAuth token validation error

    Posted Aug 31, 2017 08:57 AM

    Hi Joe,

    I have tested policy - Include policy fragment under OTK Require OAuth 2.0 Token.

    in soapui getting below error:

    HTTP/1.1 500 Internal Server Error
    Server: Apache-Coyote/1.1
    Content-Type: text/xml;charset=utf-8
    Content-Length: 568
    Date: Thu, 31 Aug 2017 18:01:40 GMT
    Connection: close

     

    <?xml version="1.0" encoding="UTF-8"?>
    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
        <soapenv:Body>
            <soapenv:Fault>
                <faultcode>soapenv:Server</faultcode>
                <faultstring>Policy Falsified</faultstring>
                <faultactor>https://192. ,,,,,/test/oauth</faultactor>
                <detail>
                    <l7:policyResult status="Internal Server Error" xmlns:l7="http://www.layer7tech.com/ws/policy/fault"/>
                </detail>
            </soapenv:Fault>
        </soapenv:Body>
    </soapenv:Envelope>

     

    Regards,

    Sudhakar



  • 5.  Re: oAuth token validation error

    Broadcom Employee
    Posted Sep 01, 2017 09:26 AM

    Hi Sudhakar,

     

    I see a support case was opened along side this post. If you can please export the sample policy generating this error we will be happy to look into it more. Unfortunately the error provided does not give much details.

     

    Regards,

    Joe



  • 6.  Re: oAuth token validation error

    Posted Sep 01, 2017 09:32 PM

    HI Joe,

     

    Please find the attached log and below assertion using oAuth token

    validating.

     

     

     

    Regards,

    Sudhakar

     

    On Fri, Sep 1, 2017 at 6:56 PM, dasjo02 <



  • 7.  Re: oAuth token validation error
    Best Answer

    Broadcom Employee
    Posted Sep 05, 2017 09:04 AM

    Sudhakar, 

     

    It seems you are using the 'Require Oauth 2.0 Toekn' Policy Fragment instead of the assertion which is causing this. The reason you are getting the below error:

     

    missing or invalid context variable : catch_lifetime

     

    is because that context variable is not being set in the Policy Fragment. You will need to use the 'OTK Require OAuth 2.0 Token' assertion itself for this. Once applied to Policy, a window will pop up where you can set the value. 

     

    I hope this helps.

     

    -Alec Daniello

    APIM Support