CentOS and Gateway10.1CR2 with OTK version 4.4.0-4346.
We are in the process of upgrading all our clusters to RHEL8 and noticed something strange in the OTK authorization server.
For the /auth/oauth/v2/authorize endpoint, right around assertion 60, we have an error: "Code not available for assertion: CustomAssertion" for the "Check Response Type Supported" assertion.
We see it in multiple places throughout the OTK, but that's the one that's getting us now.
- We tried exporting/importing, uninstalling/reinstalling the OTK, and the error persists. We can delete the assertion, but then OAuth messages take far longer to run, so this wouldn't work for us in a production environment.
- In the logs, I am seeing warnings for unlicensed assertions in the OTK, but that seems like it's a symptom of the issue, not the cause.
"Policy for service <serviceID>, auth/oauth/v2/authorize (<anotherID>) contains an unlicensed assertion: Code not available for assertion: CustomAssertion