wso2is-5.2.0 SCIM create request returns status 200

0
votes

I working with WSO2is-5.2.0 SCIM interface, and encountered some strange problems.

this is a mobile application project, we decide to use WSO2 IS as Identity management. customer signup is to done through SCIM interface of WSO2 IS.

at the mobile device enter and submit a username and password via a Restful post message with content-type = application/json (see below TS code) 

 public signin(){
    let data = {"userName":this.sf.get("userName").value,
    "password":this.sf.get("password").value};
    debugger;
    this.gabriel.create(data).subscribe(
      (res) => {
        this. _res = res;
        debugger;
      },
      error => {
          console.log('somthing went wrong ');
        },
      () => {}
    );
  }

the gateway is an apache cxf JAX-RS; and we used the wso2 Charon code set to ensure compatibility with the WSO2 IS.

at the gate this request is intercepted and interpreted as an sub-class of "org.wso2.charon.core.objects.User" (see code below)

@POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MediaType.APPLICATION_JSON)
    @Path("/signin")
    public ScimRes signin(GubUser signin);

the definition of GubUser and ScimRes

public class GubUser extends User {

    private static final long serialVersionUID = 5431026567781364473L;

    public GubUser() {
        super();
    }
...


public class ScimRes {
    private int state;
    private String id;

    public int getState(){
        return this.state;
    }

    public void setState(int state){
        this.state = state;
    }
    ...

the reason for extending the User class is that we want to include some extra information from the terminal. and these extra information is deleted from the object before it is delivered to WSO2 IS SCIM interface so that the data sent to WSO2 IS SCIM interface is 100% conformant to User definition(see code below)

@Override
        public ScimRes signin(GubUser signin) {

            if(signin == null){
                return null;
            }

            Boolean klp = null; 
            String device = null;
            String user = null;
            try {               
                  klp = signin.getKlp();

                  if(klp != null && klp.booleanValue() == true){ 
                    device = signin.getGubDevice();
                    signin.deleteAttribute("klp");
                    signin.deleteAttribute("gubDevice");
                  }

                  Observable.just(signin)
                    .flatMap(in -> {return Observable.just(Scim.createUser(in));})
                    .subscribe(res -> this.scimRes = res);

...

now, calling to the WSO2 IS SCIM (see code below)

 public class Scim {
    private static HttpClient client = new DefaultHttpClient();
    private static String basicAuthToken = setBasicAuthToken();

    public static ScimRes createUser(User user) throws CharonException, ClientProtocolException, IOException, ParseException{
        String encodedUser = new SCIMClient().encodeSCIMObject(user, SCIMConstants.JSON);
        HttpPost post = new HttpPost(Params.scimUrl);
        post.addHeader(SCIMConstants.AUTHORIZATION_HEADER, basicAuthToken);
        post.addHeader("Accept", SCIMConstants.APPLICATION_JSON);
        post.addHeader("Accept-Charset", "utf-8");
        StringEntity entity = new StringEntity(encodedUser, SCIMConstants.APPLICATION_JSON, "UTF-8");
        post.setEntity(entity );
        ScimRes scimRes = new ScimRes();
        HttpResponse res = client.execute(post);
        scimRes.setState(res.getStatusLine().getStatusCode());

        int resStatus = scimRes.getState();
        if(resStatus == HttpStatus.SC_CREATED || resStatus == HttpStatus.SC_OK ){
            InputStream is = res.getEntity().getContent();
            JSONParser jsonParser = new JSONParser();
            JSONObject jo = (JSONObject)jsonParser.parse(new InputStreamReader(is, "UTF-8"));
            scimRes.setId((String)jo.get("id"));
            is.close();

        }
        return scimRes;
    }

the program trapped at the 

JSONObject jo = (JSONObject)jsonParser.parse(new InputStreamReader(is, "UTF-8"));

I got a copy of the http response message header(see below)

HTTP/1.1 200 OK [X-Frame-Options: DENY, X-Content-Type-Options: nosniff, X-XSS-Protection: 1; mode=block, Content-Type: text/html;charset=UTF-8, Content-Length: 1445, Date: Tue, 06 Dec 2016 11:52:39 GMT, Server: WSO2 Carbon Server]

and also the stack printout 

Unexpected character (<) at position 0.
at org.json.simple.parser.Yylex.yylex(Yylex.java:610)
at org.json.simple.parser.JSONParser.nextToken(JSONParser.java:269)
at org.json.simple.parser.JSONParser.parse(JSONParser.java:118)
at org.json.simple.parser.JSONParser.parse(JSONParser.java:92)
at com.gubnoi.user.provision.Scim.createUser(Scim.java:52)
at com.gubnoi.gate.Gate.lambda$signin$0(Gate.java:131)
at io.reactivex.internal.operators.observable.ObservableScalarXMap$ScalarXMapObservable.subscribeActual(ObservableScalarXMap.java:141)

it seems that the message body start with a "<". which triggered an exception during JSON parsing.

anyone has any ideas? or any comments? or suggestion?

thanks

1
javajsonwso2wso2isscim
Looks like an error has occurred and you're getting an error in text/html. 1) See if there are any logs in IS logs. 2) Print incoming message without parsing to json and see what's in it.Bee

1 Answers

0
votes

this turned out to be a false alarm.

the problem lies with the endpoint value(scimUrl) which had been set as "https://xxx.xxx.xxx:9443/wso2/scim".

I changed it to "https://xxx.xxx.xxx:9443/wso2/scim/Users", then it works fine.

cheers