Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

IdentityProviderApi cannot properly deserialize /ipds responses #972

Closed
anatolip-cvent opened this issue Jan 16, 2024 · 1 comment
Closed

IdentityProviderApi cannot properly deserialize /ipds responses #972

anatolip-cvent opened this issue Jan 16, 2024 · 1 comment
Assignees
@arvindkrishnakumar-okta
Labels
bug

Comments

@anatolip-cvent
Copy link

Describe the bug?

okta-sdk v.14 that is using polymorphic deserialization cannot correctly deserialize responses from /api/v1/idps/${idpId} endpoint.

Below are a few tests to demonstrate the issue.

    @Test
    void getIdentityProviderHasNullPolicy() {
        ApiClient apiClient = Clients.builder()
                .setOrgUrl("https://sso-development.<my-domain>.com")  
                .setClientCredentials(new TokenClientCredentials("<secret>"))
                .build();
        IdentityProviderApi identityProviderApi = new IdentityProviderApi(apiClient);
        IdentityProvider idp = identityProviderApi.getIdentityProvider("0oa13b4m2byJwpt420h8");
        assertNotNull(idp);
        assertNotNull(idp.getPolicy(), "idp.policy is NULL"); // the test fails here because 'policy' field could not be deserialized and Jackson was configured to ignore the error
    }

The same test but without ignoring the Jackson error

    @Test
    void getIdentityProviderHasNullPolicy() {
        ApiClient apiClient = Clients.builder()
                .setOrgUrl("https://sso-development.<my-domain>.com")  
                .setClientCredentials(new TokenClientCredentials("<secret>"))
                .build();

        // override Jackson configuration set in ApiClient constructor
        apiClient.getObjectMapper().configure(DeserializationFeature.FAIL_ON_INVALID_SUBTYPE, true);
        
        IdentityProviderApi identityProviderApi = new IdentityProviderApi(apiClient);
        IdentityProvider idp = identityProviderApi.getIdentityProvider("0oa13b4m2byJwpt420h8");  // InvalidTypeIdException is thrown here
        assertNotNull(idp);
        assertNotNull(idp.getPolicy(), "idp.policy is NULL");
    }

Full stack trace from the test above

ApiException{code=0, responseHeaders=null, responseBody='null'}
	at com.okta.sdk.resource.client.ApiClient.invokeAPI(ApiClient.java:1099)
	at com.okta.sdk.resource.api.IdentityProviderApi.getIdentityProvider(IdentityProviderApi.java:908)
	at com.okta.sdk.resource.api.IdentityProviderApi.getIdentityProvider(IdentityProviderApi.java:858)
	at com.cvent.login.okta.api.IdentityProvidersApiClientTest.getIdentityProviderThrowsJacksonException(IdentityProvidersApiClientTest.java:197)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1511)
Caused by: com.fasterxml.jackson.databind.exc.InvalidTypeIdException: Could not resolve subtype of [simple type, class com.okta.sdk.resource.model.IdentityProviderPolicy]: missing type id property 'type' (for POJO property 'policy')
 at [Source: (String)"{"id":"0oa13b4m2byJwpt420h8","name":"Conference Cisco","status":"ACTIVE","created":"2021-11-26T06:29:51.000Z","lastUpdated":"2023-03-16T19:48:10.000Z","protocol":{"type":"SAML2","endpoints":{"sso":{"url":"https://cvent-conference-dev.onelogin.com/trust/saml2/http-post/sso/d93bfaec-0326-4f04-8993-5b7bfc46c585","binding":"HTTP-POST","destination":"https://cvent-conference-dev.onelogin.com/trust/saml2/http-post/sso/d93bfaec-0326-4f04-8993-5b7bfc46c585"},"acs":{"binding":"HTTP-POST","type":"INSTANCE"[truncated 1628 chars]; line: 1, column: 1557] (through reference chain: com.okta.sdk.resource.model.IdentityProvider["policy"])

	at com.fasterxml.jackson.databind.exc.InvalidTypeIdException.from(InvalidTypeIdException.java:43)
	at com.fasterxml.jackson.databind.DeserializationContext.missingTypeIdException(DeserializationContext.java:2094)
	at com.fasterxml.jackson.databind.DeserializationContext.handleMissingTypeId(DeserializationContext.java:1607)
	at com.fasterxml.jackson.databind.jsontype.impl.TypeDeserializerBase._handleMissingTypeId(TypeDeserializerBase.java:307)
	at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer._deserializeTypedUsingDefaultImpl(AsPropertyTypeDeserializer.java:211)
	at com.fasterxml.jackson.databind.jsontype.impl.AsPropertyTypeDeserializer.deserializeTypedFromObject(AsPropertyTypeDeserializer.java:145)
	at com.fasterxml.jackson.databind.deser.BeanDeserializerBase.deserializeWithType(BeanDeserializerBase.java:1296)
	at com.fasterxml.jackson.databind.deser.impl.MethodProperty.deserializeAndSet(MethodProperty.java:138)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.vanillaDeserialize(BeanDeserializer.java:314)
	at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:177)
	at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323)
	at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4825)
	at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3772)
	at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3755)
	at com.okta.sdk.resource.client.ApiClient.deserialize(ApiClient.java:805)
	at com.okta.sdk.resource.client.ApiClient.processResponse(ApiClient.java:954)
	at com.okta.sdk.resource.client.ApiClient.invokeAPI(ApiClient.java:1072)

What is expected to happen?

  • Both unit tests above should pass
  • IdentityProviderApi should return Identity providers with policy field properly populated from Okta /idps/* endpoint responses

What is the actual behavior?

IdentityProviderApi#getIdentityProvider returns an Identity Provider with NULL policy field even though the policy object is present in the REST response

Reproduction Steps?

Please see the provided unit tests

Additional Information?

No response

Java Version

openjdk version "17.0.5" 2022-10-18 LTS
OpenJDK Runtime Environment Corretto-17.0.5.8.1 (build 17.0.5+8-LTS)
OpenJDK 64-Bit Server VM Corretto-17.0.5.8.1 (build 17.0.5+8-LTS, mixed mode, sharing)

SDK Version

14.0.0

OS version

Darwin C02G22CMMD6R 22.6.0 Darwin Kernel Version 22.6.0: Tue Nov 7 21:48:06 PST 2023; root:xnu-8796.141.3.702.9~2/RELEASE_X86_64 x86_64
@arvindkrishnakumar-okta
Copy link
Contributor

@anatolip-cvent Thanks for bringing this to attention! I'd create a PR with the fix shortly.

arvindkrishnakumar-okta added a commit that referenced this issue Jan 16, 2024
@arvindkrishnakumar-okta
Fix issue #972 - IdentityProviderApi cannot properly deserialize /ipd…
0958cee 
…s response
Closed
13 tasks
@arvindkrishnakumar-okta arvindkrishnakumar-okta changed the title IdentityProviderApi cannot property deserialize /ipds responses IdentityProviderApi cannot properly deserialize /ipds responses Jan 16, 2024
@arvindkrishnakumar-okta arvindkrishnakumar-okta changed the title IdentityProviderApi cannot properly deserialize /ipds responses IdentityProviderApi cannot properly deserialize /ipds responses Jan 25, 2024
arvindkrishnakumar-okta added a commit that referenced this issue Jan 25, 2024
@arvindkrishnakumar-okta
Fix #972: IdentityProviderApi cannot properly deserialize /ipds respo…
bd83b40 
…nses
Merged
13 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@arvindkrishnakumar-okta arvindkrishnakumar-okta

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@arvindkrishnakumar-okta @anatolip-cvent