search

Apicurio / apicurio-registry

An API/Schema registry - stores APIs and Schemas.
https://www.apicur.io/registry/
Apache License 2.0
587 stars 260 forks source link

Resource owner password grant - basic auth - java.lang.IllegalStateException: Client is closed #3725

Closed dweber019 closed 11 months ago

dweber019 commented 11 months ago

Description

Registry Version: 2.4.4 Persistence type: kafkasql

Environment

We are using AMQ Streams 2.3 (latest patch), RHSSO 7.6 (latest patch) on OpenShift. Our ApicurioRegistry CRD is configured like this:

apiVersion: registry.apicur.io/v1
kind: ApicurioRegistry
metadata:
  ...
spec:
  configuration:
    env:
      - name: QUARKUS_HTTP_PROXY_PROXY_ADDRESS_FORWARDING
        value: 'true'
      - name: QUARKUS_HTTP_PROXY_ALLOW_FORWARDED
        value: 'true'
      - name: AUTH_ENABLED
        value: 'true'
      - name: KEYCLOAK_URL
        value: 'https://xxx/auth'
      - name: KEYCLOAK_REALM
        value: xxx
      - name: KEYCLOAK_API_CLIENT_ID
        valueFrom:
          secretKeyRef:
            key: CLIENT_ID
            name: >-
              xxx
      - name: KEYCLOAK_API_CLIENT_SECRET
        valueFrom:
          secretKeyRef:
            key: CLIENT_SECRET
            name: >-
              xxx
      - name: KEYCLOAK_UI_CLIENT_ID
        value: service-registry-ui
      - name: ROLE_BASED_AUTHZ_ENABLED
        value: 'true'
      - name: ROLES_ENABLED
        value: 'true'
      - name: REGISTRY_AUTH_ANONYMOUS_READ_ACCESS_ENABLED
        value: 'true'
      - name: CLIENT_CREDENTIALS_BASIC_AUTH_ENABLED
        value: 'false'
      - name: registry.ui.config.auth.keycloak.pkceMethod
        value: S256
    kafkasql:
      bootstrapServers: 'xxx.svc:9093'
      security:
        tls:
          keystoreSecretName: xxx
          truststoreSecretName: xxx
    logLevel: INFO
    persistence: kafkasql
    registryLogLevel: INFO
  deployment:
    host: xxx
    replicas: 1

We have CLIENT_CREDENTIALS_BASIC_AUTH_ENABLED=false as we want to use the direct access grant and not the client credentials flow.

All functionality beside the basic auth is working fine.

Steps to Reproduce

Do the following call with basic auth information to a existing artifact:

GET https://xxx/apis/registry/v2/groups/default/artifacts/sz.is.stockbroker.bond-value/versions
Content-Type: application/json
Accept: application/json
Authorization: Basic xxx

The first call will be fine an return the expected result. If I repeat the call a second time, I get the following log entry.

I guess there is a vertx error, maybe closing / concurrency issue beginning from io.apicurio.rest.client.auth.OidcAuth.obtainAccessTokenPasswordGrant

Logs

2023-09-29 13:47:32 WARN <_> [io.sentry.dsn.Dsn] (executor-thread-0) *** Couldn't find a suitable DSN, Sentry operations will do nothing! See documentation: https://docs.sentry.io/clients/java/ ***
2023-09-29 13:47:32 WARN <_> [io.sentry.DefaultSentryClientFactory] (executor-thread-0) No 'stacktrace.app.packages' was configured, this option is highly recommended as it affects stacktrace grouping and display on Sentry. See documentation: https://docs.sentry.io/clients/java/config/#in-application-stack-frames
2023-09-29 13:47:34 WARN <_> [io.apicurio.registry.metrics.health.liveness.ResponseErrorLivenessCheck] (executor-thread-0) Liveness problem suspected in ResponseErrorLivenessCheck because of an exception: : java.lang.IllegalStateException: Client is closed
    at io.vertx.core.http.impl.HttpClientImpl.checkClosed(HttpClientImpl.java:665)
    at io.vertx.core.http.impl.HttpClientImpl.doRequest(HttpClientImpl.java:566)
    at io.vertx.core.http.impl.HttpClientImpl.request(HttpClientImpl.java:439)
    at io.vertx.ext.web.client.impl.HttpContext.handleCreateRequest(HttpContext.java:488)
    at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:372)
    at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362)
    at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329)
    at io.vertx.ext.web.client.impl.HttpContext.createRequest(HttpContext.java:220)
    at io.vertx.ext.web.client.impl.HttpContext.handlePrepareRequest(HttpContext.java:418)
    at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:369)
    at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362)
    at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329)
    at io.vertx.ext.web.client.impl.HttpContext.prepareRequest(HttpContext.java:208)
    at io.vertx.ext.web.client.impl.HttpRequestImpl.send(HttpRequestImpl.java:504)
    at io.vertx.ext.web.client.impl.HttpRequestImpl.sendBuffer(HttpRequestImpl.java:399)
    at io.apicurio.rest.client.VertxHttpClient.sendRequestWithPayload(VertxHttpClient.java:178)
    at io.apicurio.rest.client.VertxHttpClient.executePost(VertxHttpClient.java:140)
    at io.apicurio.rest.client.VertxHttpClient.sendRequest(VertxHttpClient.java:119)
    at io.apicurio.rest.client.auth.OidcAuth.obtainAccessTokenPasswordGrant(OidcAuth.java:130)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism.customAuthentication(AppAuthenticationMechanism.java:164)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism.authenticate(AppAuthenticationMechanism.java:149)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism_ClientProxy.authenticate(Unknown Source)
    at io.quarkus.vertx.http.runtime.security.HttpAuthenticator.createSecurityIdentity(HttpAuthenticator.java:114)
    at io.quarkus.vertx.http.runtime.security.HttpAuthenticator.attemptAuthentication(HttpAuthenticator.java:93)
    at io.quarkus.vertx.http.runtime.security.HttpSecurityRecorder$2.lambda$handle$0(HttpSecurityRecorder.java:173)
    at io.smallrye.context.impl.wrappers.SlowContextualFunction.apply(SlowContextualFunction.java:21)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni$UniOnItemTransformToUniProcessor.performInnerSubscription(UniOnItemTransformToUni.java:68)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni$UniOnItemTransformToUniProcessor.onItem(UniOnItemTransformToUni.java:57)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem$KnownItemSubscription.forward(UniCreateFromKnownItem.java:38)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem$KnownItemSubscription.access$100(UniCreateFromKnownItem.java:26)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem.subscribe(UniCreateFromKnownItem.java:23)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni.subscribe(UniOnItemTransformToUni.java:25)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniMemoizeOp.subscribe(UniMemoizeOp.java:84)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni.subscribe(UniOnItemTransformToUni.java:25)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnTermination.subscribe(UniOnTermination.java:21)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniMemoizeOp.subscribe(UniMemoizeOp.java:84)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniBlockingAwait.await(UniBlockingAwait.java:60)
    at io.smallrye.mutiny.groups.UniAwait.atMost(UniAwait.java:65)
    at io.smallrye.mutiny.groups.UniAwait.indefinitely(UniAwait.java:46)
    at io.quarkus.security.runtime.SecurityIdentityAssociation.getIdentity(SecurityIdentityAssociation.java:66)
    at io.quarkus.security.runtime.SecurityIdentityAssociation_ClientProxy.getIdentity(Unknown Source)
    at io.quarkus.security.runtime.SecurityIdentityProxy.isAnonymous(SecurityIdentityProxy.java:28)
    at io.quarkus.security.runtime.SecurityIdentityProxy_ClientProxy.isAnonymous(Unknown Source)
    at io.apicurio.registry.auth.AuthorizedInterceptor.authorizeMethod(AuthorizedInterceptor.java:124)
    at io.apicurio.registry.auth.AuthorizedInterceptor_Bean.intercept(Unknown Source)
    at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
    at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:41)
    at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:33)
    at io.apicurio.registry.rest.v2.GroupsResourceImpl_Subclass.listArtifactVersions(Unknown Source)
    at io.apicurio.registry.rest.v2.GroupsResourceImpl_ClientProxy.listArtifactVersions(Unknown Source)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
    at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
    at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
    at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:408)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:69)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
    at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
    at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
    at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
    at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
    at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:249)
    at io.quarkus.resteasy.runtime.ResteasyFilter$ResteasyResponseWrapper.service(ResteasyFilter.java:70)
    at io.quarkus.resteasy.runtime.ResteasyFilter$ResteasyResponseWrapper.sendError(ResteasyFilter.java:76)
    at io.undertow.servlet.handlers.DefaultServlet.doGet(DefaultServlet.java:172)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
    at io.quarkus.resteasy.runtime.ResteasyFilter.doFilter(ResteasyFilter.java:31)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.HSTSFilter.doFilter(HSTSFilter.java:62)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.ResourceCacheControlFilter.doFilter(ResourceCacheControlFilter.java:92)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.rest.RegistryApplicationServletFilter.doFilter(RegistryApplicationServletFilter.java:155)
    at io.apicurio.registry.rest.RegistryApplicationServletFilter_ClientProxy.doFilter(Unknown Source)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.RedirectFilter.doFilter(RedirectFilter.java:95)
    at io.apicurio.registry.ui.servlets.RedirectFilter_ClientProxy.doFilter(Unknown Source)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:63)
    at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:67)
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:133)
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:65)
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
    at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
    at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:247)
    at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:56)
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:111)
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:108)
    at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
    at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$9$1.call(UndertowDeploymentRecorder.java:595)
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleRequest(ServletInitialHandler.java:152)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$1.handleRequest(UndertowDeploymentRecorder.java:120)
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:284)
    at io.undertow.server.DefaultExchangeHandler.handle(DefaultExchangeHandler.java:18)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$5$1.run(UndertowDeploymentRecorder.java:417)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
    at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
    at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
    at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.base/java.lang.Thread.run(Thread.java:833)

2023-09-29 13:47:34 INFO <_> [io.apicurio.registry.metrics.health.liveness.ResponseErrorLivenessCheck] (executor-thread-0) After this event, the error counter is 1 (out of the maximum 5 allowed).
2023-09-29 13:47:34 ERROR <_> [io.apicurio.registry.services.http.RegistryExceptionMapperService] (executor-thread-0) [500 ERROR DETECTED] : Client is closed: java.lang.IllegalStateException: Client is closed
    at io.vertx.core.http.impl.HttpClientImpl.checkClosed(HttpClientImpl.java:665)
    at io.vertx.core.http.impl.HttpClientImpl.doRequest(HttpClientImpl.java:566)
    at io.vertx.core.http.impl.HttpClientImpl.request(HttpClientImpl.java:439)
    at io.vertx.ext.web.client.impl.HttpContext.handleCreateRequest(HttpContext.java:488)
    at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:372)
    at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362)
    at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329)
    at io.vertx.ext.web.client.impl.HttpContext.createRequest(HttpContext.java:220)
    at io.vertx.ext.web.client.impl.HttpContext.handlePrepareRequest(HttpContext.java:418)
    at io.vertx.ext.web.client.impl.HttpContext.execute(HttpContext.java:369)
    at io.vertx.ext.web.client.impl.HttpContext.next(HttpContext.java:362)
    at io.vertx.ext.web.client.impl.HttpContext.fire(HttpContext.java:329)
    at io.vertx.ext.web.client.impl.HttpContext.prepareRequest(HttpContext.java:208)
    at io.vertx.ext.web.client.impl.HttpRequestImpl.send(HttpRequestImpl.java:504)
    at io.vertx.ext.web.client.impl.HttpRequestImpl.sendBuffer(HttpRequestImpl.java:399)
    at io.apicurio.rest.client.VertxHttpClient.sendRequestWithPayload(VertxHttpClient.java:178)
    at io.apicurio.rest.client.VertxHttpClient.executePost(VertxHttpClient.java:140)
    at io.apicurio.rest.client.VertxHttpClient.sendRequest(VertxHttpClient.java:119)
    at io.apicurio.rest.client.auth.OidcAuth.obtainAccessTokenPasswordGrant(OidcAuth.java:130)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism.customAuthentication(AppAuthenticationMechanism.java:164)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism.authenticate(AppAuthenticationMechanism.java:149)
    at io.apicurio.common.apps.auth.authn.AppAuthenticationMechanism_ClientProxy.authenticate(Unknown Source)
    at io.quarkus.vertx.http.runtime.security.HttpAuthenticator.createSecurityIdentity(HttpAuthenticator.java:114)
    at io.quarkus.vertx.http.runtime.security.HttpAuthenticator.attemptAuthentication(HttpAuthenticator.java:93)
    at io.quarkus.vertx.http.runtime.security.HttpSecurityRecorder$2.lambda$handle$0(HttpSecurityRecorder.java:173)
    at io.smallrye.context.impl.wrappers.SlowContextualFunction.apply(SlowContextualFunction.java:21)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni$UniOnItemTransformToUniProcessor.performInnerSubscription(UniOnItemTransformToUni.java:68)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni$UniOnItemTransformToUniProcessor.onItem(UniOnItemTransformToUni.java:57)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem$KnownItemSubscription.forward(UniCreateFromKnownItem.java:38)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem$KnownItemSubscription.access$100(UniCreateFromKnownItem.java:26)
    at io.smallrye.mutiny.operators.uni.builders.UniCreateFromKnownItem.subscribe(UniCreateFromKnownItem.java:23)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni.subscribe(UniOnItemTransformToUni.java:25)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniMemoizeOp.subscribe(UniMemoizeOp.java:84)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnItemTransformToUni.subscribe(UniOnItemTransformToUni.java:25)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniOnTermination.subscribe(UniOnTermination.java:21)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniMemoizeOp.subscribe(UniMemoizeOp.java:84)
    at io.smallrye.mutiny.operators.AbstractUni.subscribe(AbstractUni.java:36)
    at io.smallrye.mutiny.operators.uni.UniBlockingAwait.await(UniBlockingAwait.java:60)
    at io.smallrye.mutiny.groups.UniAwait.atMost(UniAwait.java:65)
    at io.smallrye.mutiny.groups.UniAwait.indefinitely(UniAwait.java:46)
    at io.quarkus.security.runtime.SecurityIdentityAssociation.getIdentity(SecurityIdentityAssociation.java:66)
    at io.quarkus.security.runtime.SecurityIdentityAssociation_ClientProxy.getIdentity(Unknown Source)
    at io.quarkus.security.runtime.SecurityIdentityProxy.isAnonymous(SecurityIdentityProxy.java:28)
    at io.quarkus.security.runtime.SecurityIdentityProxy_ClientProxy.isAnonymous(Unknown Source)
    at io.apicurio.registry.auth.AuthorizedInterceptor.authorizeMethod(AuthorizedInterceptor.java:124)
    at io.apicurio.registry.auth.AuthorizedInterceptor_Bean.intercept(Unknown Source)
    at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
    at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:41)
    at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:33)
    at io.apicurio.registry.rest.v2.GroupsResourceImpl_Subclass.listArtifactVersions(Unknown Source)
    at io.apicurio.registry.rest.v2.GroupsResourceImpl_ClientProxy.listArtifactVersions(Unknown Source)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
    at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
    at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
    at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
    at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:408)
    at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:69)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
    at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
    at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
    at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
    at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
    at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
    at org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.service(ServletContainerDispatcher.java:249)
    at io.quarkus.resteasy.runtime.ResteasyFilter$ResteasyResponseWrapper.service(ResteasyFilter.java:70)
    at io.quarkus.resteasy.runtime.ResteasyFilter$ResteasyResponseWrapper.sendError(ResteasyFilter.java:76)
    at io.undertow.servlet.handlers.DefaultServlet.doGet(DefaultServlet.java:172)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:503)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:590)
    at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
    at io.quarkus.resteasy.runtime.ResteasyFilter.doFilter(ResteasyFilter.java:31)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.HSTSFilter.doFilter(HSTSFilter.java:62)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.ResourceCacheControlFilter.doFilter(ResourceCacheControlFilter.java:92)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.rest.RegistryApplicationServletFilter.doFilter(RegistryApplicationServletFilter.java:155)
    at io.apicurio.registry.rest.RegistryApplicationServletFilter_ClientProxy.doFilter(Unknown Source)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.apicurio.registry.ui.servlets.RedirectFilter.doFilter(RedirectFilter.java:95)
    at io.apicurio.registry.ui.servlets.RedirectFilter_ClientProxy.doFilter(Unknown Source)
    at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
    at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
    at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
    at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:63)
    at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)
    at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
    at io.undertow.servlet.handlers.RedirectDirHandler.handleRequest(RedirectDirHandler.java:67)
    at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:133)
    at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
    at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:65)
    at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
    at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
    at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
    at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:247)
    at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:56)
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:111)
    at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:108)
    at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
    at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$9$1.call(UndertowDeploymentRecorder.java:595)
    at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
    at io.undertow.servlet.handlers.ServletInitialHandler.handleRequest(ServletInitialHandler.java:152)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$1.handleRequest(UndertowDeploymentRecorder.java:120)
    at io.undertow.server.Connectors.executeRootHandler(Connectors.java:284)
    at io.undertow.server.DefaultExchangeHandler.handle(DefaultExchangeHandler.java:18)
    at io.quarkus.undertow.runtime.UndertowDeploymentRecorder$5$1.run(UndertowDeploymentRecorder.java:417)
    at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
    at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
    at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
    at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
    at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
    at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
    at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
    at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
    at java.base/java.lang.Thread.run(Thread.java:833)

2023-09-29 13:47:34 INFO <_> [io.apicurio.common.apps.logging.audit.AuditLogService] (executor-thread-0) apicurio.audit action="request" result="failure" src_ip="172.19.1.61" path="/apis/registry/v2/groups/default/artifacts/sz.is.stockbroker.bond-value/versions" response_code="500" method="GET" user=""
carlesarnal commented 11 months ago

Hey @dweber019,

This is indeed a bug, I was looking a the code and the client was being closed by mistake. However, I would like to know more about why you want to use the password grant since there are way more secure ways of interacting with the server (either going through the UI or using the application directly). I know that there are tools that do not support anything else but basic authentication, but that's essentially the reason why we built the basic client-credentials-based feature. Is there any particular reason for using this flow in particular?

Thanks!

carlesarnal commented 11 months ago

This is basically the reason for your problem -> https://github.com/Apicurio/apicurio-common-app-components/pull/121

dweber019 commented 11 months ago

Hey @carlesarnal We are aware of the issues with the password grant 😉 Sadly our current setup only supports technical users with the password grant as these technical users aren't represented as oAuth client and therefor we can't use the client credentials flow as of now but we are working on it.

Similar to Flyway, we have the avro schemas in our source repos and these avro's are managed with the maven plugin. We don't allow anonymous access to the registry and therefor we need to use the basic auth feature with password grant.

carlesarnal commented 11 months ago

Sorry for the delay. OK, that makes sense then. This will be included in an upcoming 2.5.0.Final release.