Description
In the getLatestAccessTokens method [1], DB query parameters 9 and 10 are not populated [2]: the query includes 10 parameters but only 8 are populated, which throws an SQL exception:
java.sql.SQLException: No value specified for parameter 9
[1] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/488e6d7d2b6d38c218975c2dcce32705226f9e58/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/dao/AccessTokenDAOImpl.java#L2839
[2] - https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/488e6d7d2b6d38c218975c2dcce32705226f9e58/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/oauth2/dao/SQLQueries.java#L145
Steps to Reproduce
- In Identity Server 7.1, disable the internal token cleanup task.
- Get an authorization code token along with a refresh token.
- After the refresh token and access token obtained above have expired, obtain another access token with the authorization code grant type. This sets the TOKEN_STATE of the previous token's DB entry to EXPIRED.
- Then use the previous, expired refresh token with the refresh token grant type. This gives the following error response, caused by the java.sql.SQLException: No value specified for parameter 9 exception:
{"error_description":"Error occurred while trying to retrieve latest 'ACTIVE or EXPIRED' access token for Client ID : <ID>, User ID : <user> and Scope : openid","error":"invalid_grant"}
Even though the old refresh token is expired, the flow should not hit the SQL exception and should handle this case with a proper error message.
Version
7.1.0
Environment Details (with versions)
No response
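A guard against the mismatch described above, as an added example (not code from the issue or from the WSO2 project): it counts the `?` placeholders in a query and fails before execution if the number of bound values differs. The class and method names are hypothetical, and the query is constructed for illustration; only TOKEN_STATE is taken from the issue.

```java
import java.util.List;

public class PlaceholderCheck {

    /**
     * Counts JDBC '?' placeholders, skipping any inside single-quoted SQL string
     * literals. SQL comments and vendor-specific quoting are not handled.
     */
    static int countPlaceholders(String sql) {
        int count = 0;
        boolean inLiteral = false;
        for (int i = 0; i < sql.length(); i++) {
            char c = sql.charAt(i);
            if (c == '\'') {
                inLiteral = !inLiteral; // an escaped '' toggles twice, so state is preserved
            } else if (c == '?' && !inLiteral) {
                count++;
            }
        }
        return count;
    }

    /** Fails fast, before the statement reaches the database, if bindings do not match. */
    static void requireFullyBound(String sql, List<Object> boundValues) {
        int expected = countPlaceholders(sql);
        if (expected != boundValues.size()) {
            throw new IllegalStateException("Query has " + expected
                    + " placeholders but " + boundValues.size() + " values are bound");
        }
    }

    public static void main(String[] args) {
        // Constructed query with 10 placeholders; not the project's actual SQL.
        String sql = "SELECT TOKEN_ID FROM TOKENS WHERE C1=? AND C2=? AND C3=? AND C4=? "
                + "AND C5=? AND C6=? AND C7=? AND C8=? "
                + "AND (TOKEN_STATE=? OR TOKEN_STATE=?) AND NOTE<>'why?'";
        // Only 8 values are bound, mirroring the situation reported in the issue.
        List<Object> bound = List.of("a", "b", "c", "d", "e", "f", "g", "h");
        System.out.println("placeholders = " + countPlaceholders(sql));
        try {
            requireFullyBound(sql, bound);
        } catch (IllegalStateException e) {
            System.out.println("caught: " + e.getMessage());
        }
    }
}
```

Run from a unit test over each query constant and the values its DAO method binds, a check like this reports the mismatch at build time instead of on a rarely exercised token-refresh path.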