Solved: Malformed OAuth access token: String contains cont...

Report Inappropriate Content · 07-13-2018 05:30 AM

I am connecting to Apigee Edge by using OAuth (Saml) authentication. If I send a intentionally malformed access token - I added extra characters to the token - I get back an 502 server error with a debug data instead of a 401 authentication error.

Response:

{"message":{"message":"String contains control character","fileName":"userContext_js","lineNumber":138}}

dchiesa1

I just tried this:

hdr=$(printf "%b%b%b%b" '\x1B' '\x1c' '\x11' '\x0B')
curl -i -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.e$hdr" $mgmtserver/v1/o/cap500

..and sure enough I got a 400 error., not a 401 error.

The solution seems to be:

"don't do that."

Send a valid authorization token.

View solution in original post

dchiesa1

Are you still experiencing this problem?

If so, please provide additional details.

You say "connecting to Apigee Edge". Exactly how? What specifically are you sending?

dchiesa1

I just tried this:

hdr=$(printf "%b%b%b%b" '\x1B' '\x1c' '\x11' '\x0B')
curl -i -H "Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.e$hdr" $mgmtserver/v1/o/cap500

..and sure enough I got a 400 error., not a 401 error.

The solution seems to be:

"don't do that."

Send a valid authorization token.

Malformed OAuth access token: String contains control character