Posted to dev@openwebbeans.apache.org by "Romain Manni-Bucau (JIRA)" <ji...@apache.org> on 2019/02/19 21:30:00 UTC

[jira] [Comment Edited] (MEECROWAVE-183) OAuth2TokenService generated jwt does not include issuer and causes NPE

    [ https://issues.apache.org/jira/browse/MEECROWAVE-183?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16772340#comment-16772340 ] 

Romain Manni-Bucau edited comment on MEECROWAVE-183 at 2/19/19 9:29 PM:
------------------------------------------------------------------------

[~jgesser] think we can hack org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider#createJwtAccessToken

edit: you can configure geronimo-jwt-auth to not require an issuer or kid in the jwt itself, just set the default; from memory it should be something like geronimo.jwt-auth.issuer.default


was (Author: romain.manni-bucau):
[~jgesser] think we can hack org.apache.cxf.rs.security.oauth2.provider.AbstractOAuthDataProvider#createJwtAccessToken

> OAuth2TokenService generated jwt does not include issuer and causes NPE
> -----------------------------------------------------------------------
>
>                 Key: MEECROWAVE-183
>                 URL: https://issues.apache.org/jira/browse/MEECROWAVE-183
>             Project: Meecrowave
>          Issue Type: Bug
>    Affects Versions: 1.2.5, 1.2.6
>            Reporter: Julio Vilmar Gesser
>            Priority: Major
>
> When using the OAuth2TokenService (oauth2/token) to generate a token in the JWT format, it is generated without the issuer field.
> There is no configuration to define an issuer string to be used. The lack of the issuer in the token causes an NPE when using the token to authenticate (see stack trace at the end).
> I tried to find a way to provide the issuer, but I couldn't.
> If OAuth2Configurer allowed me to define a custom AbstractOAuthDataProvider I would override the method createNewAccessToken and set the issuer. But unfortunately it is not possible yet. I think this option is interesting besides the bug I am reporting because it would bring more flexibility.
> But anyway, there should be a way to define the issuer.
>  
> The stacktrace of the problem:
> java.lang.NullPointerException: no mapping for iss
>  at org.apache.johnzon.core.JsonObjectImpl.valueOrExcpetion(JsonObjectImpl.java:49) ~[johnzon-core-1.1.10.jar:1.1.10]
>  at org.apache.johnzon.core.JsonObjectImpl.getString(JsonObjectImpl.java:82) ~[johnzon-core-1.1.10.jar:1.1.10]
>  at org.apache.geronimo.microprofile.impl.jwtauth.jwt.JwtParser.lambda$parse$0(JwtParser.java:93) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at java.util.stream.MatchOps$1MatchSink.accept(MatchOps.java:90) ~[?:1.8.0_181]
>  at java.util.HashMap$KeySpliterator.tryAdvance(HashMap.java:1574) ~[?:1.8.0_181]
>  at java.util.stream.ReferencePipeline.forEachWithCancel(ReferencePipeline.java:126) ~[?:1.8.0_181]
>  at java.util.stream.AbstractPipeline.copyIntoWithCancel(AbstractPipeline.java:498) ~[?:1.8.0_181]
>  at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:485) ~[?:1.8.0_181]
>  at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:471) ~[?:1.8.0_181]
>  at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:230) ~[?:1.8.0_181]
>  at java.util.stream.MatchOps$MatchOp.evaluateSequential(MatchOps.java:196) ~[?:1.8.0_181]
>  at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:1.8.0_181]
>  at java.util.stream.ReferencePipeline.noneMatch(ReferencePipeline.java:459) ~[?:1.8.0_181]
>  at org.apache.geronimo.microprofile.impl.jwtauth.jwt.JwtParser.parse(JwtParser.java:93) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.jwt.JwtParser$$OwbNormalScopeProxy0.parse(org/apache/geronimo/microprofile/impl/jwtauth/jwt/JwtParser.java) ~[?:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.servlet.JwtRequest.lambda$new$0(JwtRequest.java:62) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.servlet.JwtRequest.getUserPrincipal(JwtRequest.java:93) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at javax.servlet.http.HttpServletRequestWrapper.getUserPrincipal(HttpServletRequestWrapper.java:196) ~[meecrowave-specs-api-1.2.6.jar:1.2.6]
>  at org.apache.cxf.transport.http.AbstractHTTPDestination$2.getUserPrincipal(AbstractHTTPDestination.java:392) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.http.AbstractHTTPDestination.getAuthorizationPolicyFromMessage(AbstractHTTPDestination.java:206) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.http.AbstractHTTPDestination.setupMessage(AbstractHTTPDestination.java:405) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:252) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:234) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:208) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:160) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:216) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:301) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doGet(AbstractHTTPServlet.java:225) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at javax.servlet.http.HttpServlet.service(HttpServlet.java:634) ~[meecrowave-specs-api-1.2.6.jar:1.2.6]
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:276) ~[cxf-rt-transports-http-3.3.0.jar:3.3.0]
>  at org.apache.meecrowave.cxf.CxfCdiAutoSetup$1.doFilter(CxfCdiAutoSetup.java:121) ~[meecrowave-core-1.2.6.jar:1.2.6]
>  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.geronimo.microprofile.opentracing.common.microprofile.server.OpenTracingFilter.doFilter(OpenTracingFilter.java:157) ~[geronimo-opentracing-common-1.0.1.jar:1.0.1]
>  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.geronimo.microprofile.impl.jwtauth.servlet.GeronimoJwtAuthFilter.lambda$doFilter$3(GeronimoJwtAuthFilter.java:83) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.cdi.GeronimoJwtAuthExtension.execute(GeronimoJwtAuthExtension.java:276) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.cdi.GeronimoJwtAuthExtension$$OwbNormalScopeProxy0.execute(org/apache/geronimo/microprofile/impl/jwtauth/cdi/GeronimoJwtAuthExtension.java) ~[?:1.0.1]
>  at org.apache.geronimo.microprofile.impl.jwtauth.servlet.GeronimoJwtAuthFilter.doFilter(GeronimoJwtAuthFilter.java:83) ~[geronimo-jwt-auth-1.0.1.jar:1.0.1]
>  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) ~[tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [tomcat-catalina-9.0.14.jar:9.0.14]
>  at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) [tomcat-coyote-9.0.14.jar:9.0.14]
>  at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote-9.0.14.jar:9.0.14]
>  at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:834) [tomcat-coyote-9.0.14.jar:9.0.14]
>  at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1417) [tomcat-coyote-9.0.14.jar:9.0.14]
>  at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote-9.0.14.jar:9.0.14]
>  at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_181]
>  at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_181]
>  at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util-9.0.14.jar:9.0.14]
>  at java.lang.Thread.run(Thread.java:748) [?:1.8.0_181]



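The failure in the report above, and a null-safe way to resolve the issuer when a token carries no `iss` claim, as an added example that is not part of the original thread and not geronimo-jwt-auth's code. The class name, the `defaultIssuer` parameter and the sample token are assumptions made for illustration.

```java
import javax.json.Json;
import javax.json.JsonObject;
import javax.json.JsonString;
import javax.json.JsonValue;
import java.io.StringReader;
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Optional;

// Added illustration, not geronimo-jwt-auth code. Requires a JSON-P (javax.json)
// implementation such as Johnzon on the classpath.
public class IssuerClaimCheck {

    // Decodes the payload segment of a compact JWT. Claim handling only:
    // signature verification is out of scope here and must happen as well.
    static JsonObject payload(String jwt) {
        String[] parts = jwt.split("\\.");
        if (parts.length != 3) {
            throw new IllegalArgumentException("not a compact JWT");
        }
        String json = new String(Base64.getUrlDecoder().decode(parts[1]), StandardCharsets.UTF_8);
        return Json.createReader(new StringReader(json)).readObject();
    }

    // Token's "iss" if present, else the configured default (hypothetical
    // parameter). An empty result means the token must be rejected.
    static Optional<String> issuer(JsonObject claims, String defaultIssuer) {
        JsonValue iss = claims.get("iss");
        if (iss == null) {
            return Optional.ofNullable(defaultIssuer);
        }
        return iss.getValueType() == JsonValue.ValueType.STRING
                ? Optional.of(((JsonString) iss).getString())
                : Optional.empty(); // present but not a string: never fall back
    }

    public static void main(String[] args) {
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        // Constructed sample token without "iss"; the signature is a placeholder.
        String jwt = enc.encodeToString("{\"alg\":\"RS256\"}".getBytes(StandardCharsets.UTF_8)) + "."
                + enc.encodeToString("{\"sub\":\"alice\"}".getBytes(StandardCharsets.UTF_8)) + ".c2ln";
        JsonObject claims = payload(jwt);
        try {
            claims.getString("iss"); // the call pattern behind "no mapping for iss"
        } catch (NullPointerException e) {
            System.out.println("getString(\"iss\") threw NPE");
        }
        System.out.println(issuer(claims, null).isPresent());               // no default: reject
        System.out.println(issuer(claims, "https://issuer.example").get()); // default applied
    }
}
```

A validator that rejects on an empty result turns the missing claim into an authentication failure instead of an unhandled exception in the request path.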