A fix is available
APAR status
Closed as program error.
Error description
When an OAuth API is implemented on the gateway, on the /authorize call when the error query parameter is present an error is thrown back to the TPP (which isn't in sync with the behaviour of adding other non /authorize "random" query params where they are just ignored) and the error value that comes from the query param in the request is used as the error value in the redirect
Local fix
N/A
Problem summary
Fixed input validation on /authorize call of OAuth API.
Problem conclusion
The fix is in 2018.4.1.1
Temporary fix
Comments
APAR Information
APAR number
IT27844
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
770
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-01-22
Closed date
2019-01-22
Last modified date
2019-01-22
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R18X PSY
UP
R770 PSY
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"770"}]
Document Information
Modified date:
28 September 2021