APAR status
Closed as unreproducible in next release.
Error description
When obtaining a third party JWT from an authentication server, the Content-type header is incorrectly set to "application/json;charset=UTF-8" on the HTTP request to the authentication server. It was also not possible to set the accept header to "application/jwt".
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of z/OS Connect V3.0 API requester * * (OAS2 and OAS3) when obtaining a JWT from an * * authentication server using the third party * * JWT configuration. * **************************************************************** * PROBLEM DESCRIPTION: The Content-type header is incorrectly * * set to application/json;charset=UTF-8 * * on JWT requests. * **************************************************************** On the request to obtain a JWT from an authentication server, the Content-type header was incorrectly set to "application/json;charset=UTF-8". The IANA registered media type https://www.iana.org/assignments/media-types/application/json does not have any required or optional parameters, and there is a note on the specification: "No "charset" parameter is defined for this registration. Adding one really has no effect on compliant recipients." In addition, z/OS Connect did not set the Accept header to "application/json" when the responseFormat was JSON, nor to "text/plain" when the responseFormat was Text. There was also no option to set an Accept header of "application/jwt", which is typically the media type used when the response is the JWT string, which is equivalent to the Text format.
Problem conclusion
Temporary fix
Comments
z/OS Connect has been changed to set the Content-type header to "application/json" on the request to obtain a JWT from an authentication server. A new value of "JWT" has been added to the responseFormat attribute of the zosconnect_authToken > tokenResponse element. This indicates that a JWT is returned as a string in the response body, the same as for Text. An Accept header is now set on the request with a value of "application/json" if the responseFormat is JSON, "text/plain" if the responseFormat is Text, and "application/jwt" if the responseFormat is JWT. The fix for this APAR is expected to be delivered by the PTF for z/OS Connect V3.0.69.0 (PH53896).
APAR Information
APAR number
PH53008
Reported component name
Z/OS CONNECT EE
Reported component ID
5655CE300
Reported release
000
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2023-03-06
Closed date
2023-04-26
Last modified date
2023-04-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
Z/OS CONNECT EE
Fixed component ID
5655CE300
Applicable component levels
[{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSVVFY","label":"z\/OS Connect Enterprise Edition"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.0"}]
Document Information
Modified date:
26 April 2023