Bug ID 1382329: Handling 'active' attribute in introspection response

Last Modified: Dec 05, 2024

Affected Product(s):
BIG-IP APM(all modules)

Known Affected Versions:
16.1.4.1, 16.1.4.2, 16.1.4.3

Fixed In:
17.1.2, 16.1.5

Opened: Oct 21, 2023

Severity: 4-Minor

Symptoms

When Google is configured as an authorization server it does not include an 'active' attribute in response to the token validation endpoint. OAuth Scope fails without any error message.

Impact

BIG-IP Administrator will not be able to figure out why OAuth Scope fails by looking at the debug logs.

Conditions

BIG-IP configured as OAuth Client + Resource Server and Google as Authorisation server.

Workaround

None

Fix Information

Log an error message describing the absence of an 'active' attribute.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips