Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: hashCode/equals is broken for clients/scopes/NativePersistenceCacheEntity #1651

Closed
yuriyz opened this issue Mar 11, 2022 · 1 comment
Closed

bug: hashCode/equals is broken for clients/scopes/NativePersistenceCacheEntity #1651

yuriyz opened this issue Mar 11, 2022 · 1 comment
Assignees
@yuriyz
Labels
bug bug in code high priority resolution must be prioritized

Comments

@yuriyz
Copy link
Contributor

yuriyz commented Mar 11, 2022
edited
Loading

Describe the issue

bug: hashCode/equals is broken for clients/scopes/NativePersistenceCacheEntity

There are a few symptoms of this:

  • When calling the end_session service when there are multiple clients in a session, validation of the post_logout_redirect_uri fails for all but one of them
  • If post_logout_redirect_uri validation succeeds for the lucky client, the other clients don't receive their front-channel logout.
    Cutting to the chase, it looks like the issue was introduced with this commit.

With this change, org.gluu.oxauth.model.registration.Client now inherits the hashCode() and equals() methods from org.gluu.persist.model.base.Entry.

This is a problem because org.gluu.oxauth.model.registration.Client overrides the dn property of Entry, such that hashCode() and equals() are now being computed based on Entry's dn, which is null.

This causes "very bad things" to happen with collections of Clients, for example: here where only the first client ever gets added to the resulting Set since all instances of Client have the same hashCode and are equals() to each other.

Support: 10366
@yuriyz yuriyz added bug bug in code high priority resolution must be prioritized labels Mar 11, 2022
@yuriyz yuriyz self-assigned this Mar 11, 2022
@harrdou harrdou mentioned this issue Mar 13, 2022
Closed
yuriyz added a commit to GluuFederation/oxCore that referenced this issue Mar 14, 2022
@yuriyz
fix(master): removed duplicated dn field
d25870a 
GluuFederation/oxAuth#1651
yuriyz added a commit to GluuFederation/oxCore that referenced this issue Mar 14, 2022
@yuriyz
fix(4.3.2): removed duplicated dn field
790a166 
GluuFederation/oxAuth#1651
yuriyz added a commit that referenced this issue Mar 14, 2022
@yuriyz
fix(oxauth): removed duplicated dn field
2d75db1 
#1651
@yuriyz yuriyz mentioned this issue Mar 14, 2022
Merged
yuriyz added a commit that referenced this issue Mar 14, 2022
@yuriyz
fix(oxauth): removed duplicated dn field (#1651) (master)
5d82681 
#1651
yuriyz added a commit that referenced this issue Mar 14, 2022
@yuriyz
fix(oxauth): removed duplicated dn field (4.3.2)
b5a6b4c 
#1651
yuriyz added a commit to JanssenProject/jans that referenced this issue Mar 17, 2022
@yuriyz
fix(jans-auth-server): fixed equals/hashcode by removing redundant dn…
d27659d 
… field

GluuFederation/oxAuth#1651
@yuriyzz yuriyzz mentioned this issue Mar 17, 2022
Merged
@yuriyz
Copy link
Contributor Author

yuriyz commented Mar 17, 2022

Issue is fixed in jans, oxauth 4.4.0 (master) and 4.3.2.

@yuriyz yuriyz closed this as completed Mar 17, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@yuriyz yuriyz

Labels
bug bug in code high priority resolution must be prioritized
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@yuriyz