search

Altinn / altinn-authorization

Altinn platform microservice for handling authorization
2 stars 3 forks source link

ArgumentException on XacmlPolicy subject dictionary build operation #500

Closed jonkjetiloye closed 1 year ago

jonkjetiloye commented 1 year ago

Description of the bug

Triggering multiple parallel Decision requests for the same Resource/App for the first time after the policy have been retrieved.

When multiple requests hit the same pod (and thus same cached object) and starts building the subject dictionary, the build can cause ArgumentException of adding the same key twice.

Steps To Reproduce

On a clean-cache run execute multiple Decision requests for the same App or Resource in parallel

Additional Information

Call Stack example:

System.ArgumentException:
   at System.ThrowHelper.ThrowAddingDuplicateWithKeyArgumentException (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Collections.Generic.Dictionary`2.TryInsert (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Collections.Generic.Dictionary`2.Add (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Authorization.ABAC.Xacml.XacmlPolicy.GetAttributeDictionaryByCategory (Altinn.Authorization.ABAC, Version=0.0.0.6, Culture=neutral, PublicKeyToken=null)
   at Altinn.Platform.Authorization.Services.Implementation.ContextHandler+<EnrichSubjectAttributes>d__17.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Services/Implementation/ContextHandler.cs:318)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Services.Implementation.ContextHandler+<EnrichResourceAttributes>d__11.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Services/Implementation/ContextHandler.cs:132)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Services.Implementation.ContextHandler+<Enrich>d__10.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Services/Implementation/ContextHandler.cs:80)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Controllers.DecisionController+<Authorize>d__13.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Controllers/DecisionController.cs:210)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Controllers.DecisionController+<Authorize>d__9.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Controllers/DecisionController.cs:110)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Controllers.DecisionController+<AuthorizeJsonRequest>d__11.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Controllers/DecisionController.cs:190)
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at System.Runtime.CompilerServices.TaskAwaiter`1.GetResult (System.Private.CoreLib, Version=7.0.0.0, Culture=neutral, PublicKeyToken=7cec85d7bea7798e)
   at Altinn.Platform.Authorization.Controllers.DecisionController+<Post>d__8.MoveNext (Altinn.Platform.Authorization, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null: /Authorization/Authorization/Controllers/DecisionController.cs:74)
jonkjetiloye commented 1 year ago

Merged and tested in AT.