Afternoon,
I have a Signed PAR Request as follows
{
"iat": 1666488033,
"nbf": 1666488033,
"exp": 1666488638,
"jti": "1be-9mC5GGe0TVkNh-fpn",
"aud": "https://xxxx/openam/oauth2",
"iss": "xxxx",
"scope": "openid",
"code_challenge": "A73kot8LXGRkZWwGkZhsKv7VxYmsjErfxIL0bmkVjEo",
"code_challenge_method": "S256",
"claims": {
"id_token": {
"auth_time": {
"essential": true
},
"given_name": {
"essential": true
},
"acr": {
"essential": true,
"values": [
"urn:australia:digitalid:undefined"
]
}
}
},
"response_type": "code id_token",
"redirect_uri": "http://localhost:8080/code",
"state": "11a45522-036f-424e-84cd-fbf5a8952ce6",
"nonce": "11a45522-036f-424e-84cd-fbf5a8952ce6",
"client_id": "xxxxx"
}
This returns an error of
{
"error_description": "class java.util.LinkedHashMap cannot be cast to class java.lang.String (java.util.LinkedHashMap and java.lang.String are in module java.base of loader 'bootstrap')",
"error": "server_error"
}
If I convert the claims
into a JSON String
"claims": "{\"id_token\":{\"auth_time\":{\"essential\":true},\"given_name\":{\"essential\":true},\"acr\":{\"essential\":true,\"values\":[\"urn:australia:digitalid:undefined\"]}}}",
Then the error goes away and I can continue with the next part of the puzzle.
My quesiton is why do I have to convert it into a string?
I am guessing that because I would need to if I was not a making a Signed PAR Object, as that would be on the URI and would need to be a string.
How do I raise a defect on this, as an outside of ForgeRock Support?
Regards
Nicholas