dynamic_permission Dynamic Scopes script distributed with 3.0.1 CE does not work

By: Dominique Petitpierre user 08 Jun 2017 at 2:03 p.m. CDT

3 Responses
Dominique Petitpierre gravatar
Hello, while testing Dynamic Scopes custom scripts I noticed that the dynamic_permission script distributed with 3.0.1 CE does not work. cf. [https://github.com/GluuFederation/community-edition-setup/blob/master/templates/scripts.ldif#L344](http://https://github.com/GluuFederation/community-edition-setup/blob/master/templates/scripts.ldif#L344) ([http://ostermiller.org/calc/encode.html](http:/http://ostermiller.org/calc/encode.html/) is your friend). The following script line ``` roles = userService.getCustomAttribute(user, "role"); ``` causes an error message in ```/opt/gluu/jetty/oxauth/logs/oxauth.log``` because _userService_ is unknown (_NameError_): ``` 2017-06-08 19:40:54,183 DEBUG [qtp1395089624-11] [org.xdi.oxauth.service.external.ExternalDynamicScopeService] (ExternalDynamicScopeService.java:46) - Executing python 'update' method 2017-06-08 19:40:54,187 ERROR [qtp1395089624-11] [org.xdi.oxauth.service.external.ExternalDynamicScopeService] (ExternalDynamicScopeService.java:51) - null org.python.core.PyException: null at org.python.core.Py.NameError(Py.java:284) ~[jython-2.7.0.jar:?] ``` But fixing the name to ```UserService``` is not enough, because now there is another error (_TypeError_): ``` 2017-06-08 19:45:31,349 DEBUG [qtp1395089624-11] [org.xdi.oxauth.service.external.ExternalDynamicScopeService] (ExternalDynamicScopeService.java:46) - Executing python 'update' method 2017-06-08 19:45:31,360 ERROR [qtp1395089624-11] [org.xdi.oxauth.service.external.ExternalDynamicScopeService] (ExternalDynamicScopeService.java:51) - null org.python.core.PyException: null at org.python.core.Py.TypeError(Py.java:259) ~[jython-2.7.0.jar:?] ``` If it matters here are the relevant tools versions installed by the Gluu server installer: ``` % /opt/jre/bin/java -version java version "1.8.0_112" Java(TM) SE Runtime Environment (build 1.8.0_112-b15) Java HotSpot(TM) 64-Bit Server VM (build 25.112-b15, mixed mode) % /opt/jre/bin/java -jar /opt/jython/jython.jar -V Jython 2.7.0 % /usr/bin/python -V Python 2.7.9 ``` Not proficient in jython I stopped there. But in any case the script as distributed does not work and should be replaced by another functional one (especially that it is enabled by default). Such distributed scripts are very useful as examples to learn from, but only if they work out of the box! PS: I looked at ```UserService.getCustomAttribute``` and was surprised by the dumb loop to find the claim in the list: [https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/java/org/xdi/oxauth/service/UserService.java#L314](https://github.com/GluuFederation/oxAuth/blob/master/Server/src/main/java/org/xdi/oxauth/service/UserService.java#L314). I am curious: - Why are claims not stored in a key-value map?
OS Version : N/A
closed

Answers

By William Lowe user 08 Jun 2017 at 2:20 p.m. CDT

Copy
William Lowe gravatar
Thanks, Dominique . We'll take a look.

By Yuriy Movchan staff 09 Jun 2017 at 6:06 a.m. CDT

Copy
Yuriy Movchan gravatar
Hi, Thank you for notifying us about this issue. I believe it works fine in 2.4.4. We fixed it in [3.0.2](https://github.com/GluuFederation/community-edition-setup/commit/43bad1199757921a0ce73086b166ab06994fa65a). I hope we will issue final 3.0.2 on Monday.

By Dominique Petitpierre user 15 Jun 2017 at 4:54 p.m. CDT

Copy
Dominique Petitpierre gravatar
Hello, I have tried the new script taken from ``` https://github.com/GluuFederation/community-edition-setup/blob/43bad1199757921a0ce73086b166ab06994fa65a/templates/scripts.ldif ``` Now it works as expected: the role claim values are added dynamically to the response. Thanks!

Post an answer