0 Replies Latest reply on Aug 1, 2019 2:19 PM by user13285016

    Getting error in ORDS OAuth 2 : Client Credentials set up

    user13285016

      We have created an ORDS REST web service for a request, and it is working correctly.

       

      Before moving that request to production, we have to add a security setup to it.

       

      Below are the steps we followed:

       

      1. Create Role.

      -- Step 1: register the ORDS role that the privilege below will require.
      BEGIN
        ORDS.create_role(p_role_name => 'webservice1');
        COMMIT;  -- persist the role definition
      END;
      /

       

      2. Create Privilege.

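      -- Step 2: define the privilege 'positions_priv' and tie it to role 'webservice1'.
      -- Only the role list is passed to define_privilege, so the two unused locals
      -- (l_priv_patterns, l_priv_modules) from the original declaration are dropped.
      -- URL patterns are attached separately through ORDS.create_privilege_mapping.
      DECLARE
        l_priv_roles owa.vc_arr;  -- roles a caller must hold to be granted the privilege
      BEGIN
        l_priv_roles(1) := 'webservice1';

        ords.define_privilege(
          p_privilege_name => 'positions_priv',
          p_roles          => l_priv_roles,
          p_label          => 'positions data',
          p_description    => 'Securing access to data'
        );

        -- Commit here like every other step in this setup, so the privilege does not
        -- depend on a later block in the same session to be persisted.
        COMMIT;
      END;
      /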

       

       

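      -- Step 3: map the privilege onto the URL patterns it protects.
      -- The original pattern '/poc/positions*' is the value rejected in the stack trace
      -- of this post ("Error parsing pattern, reason: Expected one of: <<literal>> but
      -- got: <<*>>", raised from RoutePatternsProvider.parseGlobPattern while loading
      -- the privilege mappings). The '*' has to follow a '/' rather than be glued to a
      -- literal segment, so the resource is mapped both as the exact path and as the
      -- subtree below it.
      -- NOTE(review): a '/poc/positions*' mapping that was already stored keeps failing
      -- until it is removed (ORDS.delete_privilege_mapping) - confirm against the schema.
      -- NOTE(review): verify afterwards that both patterns are listed for the privilege
      -- (e.g. in USER_ORDS_PRIVILEGE_MAPPINGS) and that an unauthenticated request to
      -- /poc/positions is refused.
      BEGIN
        ORDS.create_privilege_mapping(
          p_privilege_name => 'positions_priv',
          p_pattern        => '/poc/positions'
        );

        ORDS.create_privilege_mapping(
          p_privilege_name => 'positions_priv',
          p_pattern        => '/poc/positions/*'
        );

        COMMIT;
      END;
      /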

       

       

      -- Step 4: register the OAuth client that will request tokens with the
      -- client_credentials grant, and associate it with privilege 'positions_priv'.
      BEGIN
        OAUTH.create_client(
          p_name            => 'CLIENT1',
          p_description     => 'Client for RT',
          p_owner           => 'Ankit',
          p_support_email   => 'ankit.menon@a.com',
          p_grant_type      => 'client_credentials',  -- two-legged flow: no end user involved
          p_privilege_names => 'positions_priv'
        );
        COMMIT;  -- persist the client registration
      END;
      /

       

       

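      -- Step 5: give client 'CLIENT1' the role 'webservice1'. Privilege 'positions_priv'
      -- was defined with that role, so the client's tokens need it to pass authorization.
      BEGIN
        OAUTH.grant_client_role(
          p_client_name => 'CLIENT1',
          p_role_name   => 'webservice1'
        );

        COMMIT;
      END;
      /
      -- The trailing '/' was missing in the original listing; without it SQL*Plus/SQLcl
      -- does not execute the block when the steps are run as a script.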

       

      We tried generating the token using the client ID and secret, and it succeeded.

       

      URL:   http://hostname/ords/xa/oauth/token

       

      Then we tried accessing the service using the generated token.

       

      # Calls the protected resource with the access token in the Authorization header.
      # -i prints the response headers. -k turns off TLS certificate verification and has
      # no effect on this http:// URL, where the bearer token is sent unencrypted.
      # The token value is the one from the original post (it appears truncated).
      curl -i -k -H"Authorization: Bearer -Gok7Z_6kzFEoNbcnAzkaZA.." http://hostname/ords/xa/poc/positions?limit_rows=100

       

       

      Request: GET http://hostname/ords/xa/poc/positions?limit_rows=100&access_token=Gok7Z_6kzFEoNbcnAzkaZA.. was aborted abnormally by: oracle.dbtools.http.auth.AuthorizationConstraintsDispatchHook@4834e74d. The mapped dispatcher will not be invoked

      [TE] GET /ords/xa/poc/positions?limit_rows=100&access_token=Gok7Z_6kzFEoNbcnAzkaZA.. start: 2019-08-01T14:18:35.206Z duration: 887ms

       

      DispatchHookException [statusCode=500, reasons=[Processing of the request was aborted due to an internal error raised by dispatch hook: oracle.dbtools.http.auth.AuthorizationConstraintsDispatchHook@37d68b4e]]

      at oracle.dbtools.http.dispatch.hooks.DispatchHookChain.requestAborted(DispatchHookChain.java:70)

      at oracle.dbtools.http.dispatch.hooks.DispatchHookChain.before(DispatchHookChain.java:47)

      at oracle.dbtools.http.dispatch.hooks.DispatchHooks.before(DispatchHooks.java:49)

      at oracle.dbtools.http.entrypoint.Dispatcher.dispatch(Dispatcher.java:139)

      at oracle.dbtools.http.entrypoint.EntryPoint$FilteredServlet.service(EntryPoint.java:243)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:73)

      at oracle.dbtools.http.forwarding.QueryFilteringRewrite.doFilter(QueryFilteringRewrite.java:90)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.forwarding.ForwardingFilter.doFilter(ForwardingFilter.java:68)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.cors.CORSPreflightFilter.doFilter(CORSPreflightFilter.java:66)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.cookies.auth.CookieSessionCSRFFilter.doFilter(CookieSessionCSRFFilter.java:71)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.auth.AuthenticationFilter.authenticate(AuthenticationFilter.java:91)

      at oracle.dbtools.http.auth.AuthenticationFilter.doFilter(AuthenticationFilter.java:64)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.url.mapping.RequestMapperImpl.doFilter(RequestMapperImpl.java:161)

      at oracle.dbtools.url.mapping.URLMappingBase.doFilter(URLMappingBase.java:96)

      at oracle.dbtools.url.mapping.filter.URLMappingFilter.doFilter(URLMappingFilter.java:127)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.auth.external.ExternalSessionFilter.doFilter(ExternalSessionFilter.java:59)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.rt.authentication.apex.ApexSessionQueryRewriteFilter.doFilter(ApexSessionQueryRewriteFilter.java:58)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.cors.CORSResponseFilter.doFilter(CORSResponseFilter.java:83)

      at oracle.dbtools.http.filters.HttpResponseFilter.doFilter(HttpResponseFilter.java:45)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.filters.AbsoluteLocationFilter.doFilter(AbsoluteLocationFilter.java:65)

      at oracle.dbtools.http.filters.HttpResponseFilter.doFilter(HttpResponseFilter.java:45)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.errors.ErrorPageFilter.doFilter(ErrorPageFilter.java:85)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.secure.ForceHttpsFilter.doFilter(ForceHttpsFilter.java:74)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.auth.ForceAuthFilter.doFilter(ForceAuthFilter.java:44)

      at oracle.dbtools.http.filters.HttpFilter.doFilter(HttpFilter.java:47)

      at oracle.dbtools.http.filters.FilterChainImpl.doFilter(FilterChainImpl.java:64)

      at oracle.dbtools.http.filters.Filters.filter(Filters.java:67)

      at oracle.dbtools.http.entrypoint.EntryPoint.service(EntryPoint.java:82)

      at oracle.dbtools.http.entrypoint.EntryPointServlet.service(EntryPointServlet.java:102)

      at oracle.dbtools.entrypoint.WebApplicationRequestEntryPoint.service(WebApplicationRequestEntryPoint.java:50)

      at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)

      at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:865)

      at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:535)

      at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

      at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)

      at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)

      at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)

      at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)

      at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)

      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)

      at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)

      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)

      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)

      at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:219)

      at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:126)

      at org.eclipse.jetty.server.handler.StatisticsHandler.handle(StatisticsHandler.java:169)

      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)

      at org.eclipse.jetty.server.Server.handle(Server.java:531)

      at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:352)

      at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:260)

      at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:281)

      at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:102)

      at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:118)

      at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:760)

      at org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:678)

      at java.lang.Thread.run(Thread.java:748)

      Caused by: java.lang.IllegalArgumentException: Error parsing pattern, reason: Expected one of: <<literal>> but got: <<*>>

      at oracle.dbtools.http.routes.RoutePatternsProvider.parseGlobPattern(RoutePatternsProvider.java:124)

      at oracle.dbtools.http.routes.RoutePatternsProvider.routePattern(RoutePatternsProvider.java:76)

      at oracle.dbtools.rest.resource.privileges.jdbc.JDBCPrivilegeMappings.mappings(JDBCPrivilegeMappings.java:182)