Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Internal Server Error When Using Offset >= Total Organizations and Limit = 0 in Organization Discovery GET API #21025

Closed
BimsaraBodaragama opened this issue Sep 2, 2024 · 3 comments · Fixed by wso2/identity-api-server#749 · May be fixed by #21263 or wso2/identity-api-server#680

Comments

@BimsaraBodaragama
Copy link
Member

BimsaraBodaragama commented Sep 2, 2024

Describe the issue:
When querying the Organization Discovery GET API with an offset greater than or equal to the total number of organizations and with a limit of 0, the server returns a 500 Internal Server Error. The error message indicates an "Unexpected Processing Error" and the server logs show a StackOverflowError caused by a recursive call in the calculateOffsetForPreviousLink method.

Error Message:

{
    "code": "SE-50000",
    "message": "Unexpected Processing Error.",
    "description": "Server encountered an error while serving the request.",
    "traceId": <Trace ID>
}

How to reproduce:

  1. Create 10 organizations (or any number of organizations for demonstration purposes).
  2. Send a GET request to the Organization Discovery API with offset=10 and limit=0.
  3. Observe that the server returns a 500 Internal Server Error.
  4. Repeat the request with offset=15 and limit=0 to observe the same behavior (you can use any offset greater than the total number of organizations for demonstration).

Example Requests:

curl -X GET "https://localhost:9443/t/carbon.super/api/server/v1/organizations/discovery?filter=&offset=<Your count of orgs>&limit=0" \
-H "Authorization: Bearer <Your Bearer Token>" \
-H "Cookie: <Your Cookies>" \
-H "accept: application/json"
curl -X GET "https://localhost:9443/t/carbon.super/api/server/v1/organizations/discovery?filter=&offset=<Your count of orgs + 5>&limit=0" \
-H "Authorization: Bearer <Your Bearer Token>" \
-H "Cookie: <Your Cookies>" \
-H "accept: application/json"

You can replace <Your Bearer Token>, <Your Cookies>, and <Your count of orgs> with the relevant values before using these curl commands.

Expected behavior:
The API should return a valid response with count=0, startIndex=offset+1, and a previous link as shown in the responses for other valid limits. The API should not cause a server error or throw a StackOverflowError.

@BimsaraBodaragama
Copy link
Member Author

For testing purposes, you can create 10 organizations using the following bash script.

  • Before running the script, replace <n>, <Your Auth Token>, <Your Parent ID>, <Your Cookies>, and other relevant session-related header values with your specific details.
#!/bin/bash

# Base values
BASE_URL='https://localhost:9443/api/server/v1/organizations'
AUTH_TOKEN='<Your Auth Token>'
PARENT_ID='<Your Parent ID>'

# Loop to create organizations org1 to org10
for i in {1..10}
do
  # Organization name
  ORG_NAME="org${i}"

  # JSON payload
  DATA=$(cat <<EOF
{
    "name": "${ORG_NAME}",
    "parentId": "${PARENT_ID}",
    "type": "TENANT"
}
EOF
)

  # Make the curl request
  curl --location --insecure "$BASE_URL" \
  --header 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:129.0) Gecko/20100101 Firefox/129.0' \
  --header 'Accept: application/json' \
  --header 'Accept-Language: en-US,en;q=0.5' \
  --header 'Accept-Encoding: gzip, deflate, br, zstd' \
  --header 'Content-Type: application/json' \
  --header "Authorization: Bearer $AUTH_TOKEN" \
  --header 'Origin: https://localhost:9443' \
  --header 'Connection: keep-alive' \
  --header 'Cookie: <Your Cookies>' \
  --header 'Sec-Fetch-Dest: empty' \
  --header 'Sec-Fetch-Mode: cors' \
  --header 'Sec-Fetch-Site: same-origin' \
  --data "$DATA"

  echo "Created organization $ORG_NAME"
done

@BimsaraBodaragama
Copy link
Member Author

Note
Once this issue is resolved, please remove the testGetPaginatedOrganizationsDiscoveryWithInvalidOffsetAndLimitZero test method and its corresponding data provider, organizationDiscoveryInvalidOffsetAtLimitAndLimitZeroDataProvider, from the file located at:

modules/integration/tests-integration/tests-backend/src/test/java/org/wso2/identity/integration/test/rest/api/server/organization/management/v1/OrganizationManagementFailureTest.java

These tests will no longer be necessary after the fix.

@kumardeepak5
Copy link

@BimsaraBodaragama, just a gentle reminder to review the related PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment