LI80948: CHANGING OAUTH NATIVE PROVIDER TITLE, FROM THE UI, MAY LEAD TO INVALID OAUTH CONFIGURATION

APAR status

• Closed as program error.

Error description

• When you change the Title of an OAuth provider from the UI to
  include spaces or uppercase letter, the new tile is propagated
  to the oauth-provider-settings-ref as is which causes the oauth
  provide configuration to be invalid and loose the OAuth
  Provider Settings object reference in DataPower.
  As a result, when you try to test the oauth provider methods,
  you receive a 404 not found message.
  - Reproduction steps
  -----------------------
  1- Create a Native Oauth Provider in CMC called for example
  'Test OAuth Provider'
  2- Check the API editor and you will see that the title was set
  to 'test-oauth-provider' and most of all the default
  oauth-provider-settings-ref to 'test-oauth-provider'
  as seen below
  ***
  info:
  description: ''
  x-ibm-name:
  test-oauth-provider815a193a-12a1-4e96-841f-a6ffed53aac1
  version: 1.0.0
  title: test-oauth-provider
  x-ibm-configuration:
  gateway: datapower-api-gateway
  assembly:
    execute:
     - oauth:
       title: oauth-auto-generated-1
       version: 2.0.0
       description: >-
        This oauth policy performs all OAuth/OpenID Connect
  protocol steps
        that are needed for OAuth Validation by default. The
  inputs and
        outputs of each of the steps are driven by documented
  context
        variables. Add or remove the Supported OAuth Components
  as required.
       oauth-provider-settings-ref:
        default: test-oauth-provider
  ****
  3- go to the Info tab of the native oauth provider and change
  the title to 'Test OAuth Provider changed'
  4- Check the API editor and you will see that the title was set
  to 'Test OAuth Provider changed' and most of all the default
  oauth-provider-settings-ref to 'Test OAuth Provider changed'
  as seen below:
  ****
  info:
  description: ''
  x-ibm-name:
  test-oauth-provider-changed815a193a-12a1-4e96-841f-a6ffed53aac1
  version: 1.0.0
  title: Test OAuth Provider changed
  x-ibm-configuration:
  gateway: datapower-api-gateway
  assembly:
    execute:
     - oauth:
       title: oauth-auto-generated-1
       version: 2.0.0
       description: >-
        This oauth policy performs all OAuth/OpenID Connect
  protocol steps
        that are needed for OAuth Validation by default. The
  inputs and
        outputs of each of the steps are driven by documented
  context
        variables. Add or remove the Supported OAuth Components
  as required.
       oauth-provider-settings-ref:
        default: Test OAuth Provider changed
  ****
  This is now causing the object reference to oauth provider
  setting to be lost in the Assembly OAuth Actions.
  

Local fix

• You have to manually change the source to reference 'default:
  test-oauth-provider-changed' instead of 'default: Test OAuth
  Provider changed'.
  

Problem summary

• Change title of API gateway OAuth provider will lead to invalid
  value change in all OAuth policy in the API.
  

Problem conclusion

• Fix is targeted for inclusion in API Connect v2018.4.1.8
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Fix information

• Fixed component name

  API CONNECT ENT

• Fixed component ID

  5725Z2201

Applicable component levels

• R18X PSY

     UP