search

International-Data-Spaces-Association / DataspaceConnectorUI

User interface for the Dataspace Connector.
Apache License 2.0
10 stars 14 forks source link

Proxy setting is set without any change via empty object #101

Closed SebastianOpriel closed 3 years ago

SebastianOpriel commented 3 years ago

I used the Connector UI to register a Broker at https://broker.test.ids.smart-connected.nl and received following Exception:

2021-09-08T14:43:22,861 [https-jsse-nio-8080-exec-5] INFO - Sending request to https://broker.test.ids.smart-connected.nl/ ...
2021-09-08T14:43:22,864 [https-jsse-nio-8080-exec-5] ERROR - An unhandled exception has been caught. [exception=(hostname can't be null)]
java.lang.IllegalArgumentException: hostname can't be null
    at java.net.InetSocketAddress.checkHost(InetSocketAddress.java:149) ~[?:?]
    at java.net.InetSocketAddress.<init>(InetSocketAddress.java:216) ~[?:?]
    at de.fraunhofer.ids.messaging.core.config.ClientProvider$1.select(ClientProvider.java:183) ~[core-4.3.0.jar:?]
    at okhttp3.internal.connection.RouteSelector$resetNextProxy$1.invoke(RouteSelector.kt:106) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RouteSelector.resetNextProxy(RouteSelector.kt:113) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RouteSelector.<init>(RouteSelector.kt:53) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:202) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154) ~[okhttp-4.9.1.jar:?]
    at de.fraunhofer.ids.messaging.protocol.http.IdsHttpService.sendRequest(IdsHttpService.java:384) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.protocol.http.IdsHttpService.send(IdsHttpService.java:221) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.protocol.http.IdsHttpService.sendAndCheckDat(IdsHttpService.java:447) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.protocol.MessageService.sendIdsMessage(MessageService.java:134) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.protocol.MessageService.sendIdsMessage(MessageService.java:166) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.requests.builder.IdsRequestBuilder.sendMultipart(IdsRequestBuilder.java:377) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.requests.builder.ConnectorRequestBuilder.execute(ConnectorRequestBuilder.java:137) ~[messaging-4.3.0.jar:?]
    at de.fraunhofer.ids.messaging.broker.BrokerService.updateSelfDescriptionAtBroker(BrokerService.java:213) ~[broker-4.3.0.jar:?]
    at io.dataspaceconnector.service.message.GlobalMessageService.sendConnectorUpdateMessage(GlobalMessageService.java:104) ~[classes/:?]
    at io.dataspaceconnector.controller.message.ids.ConnectorUpdateMessageController.sendMessage(ConnectorUpdateMessageController.java:127) ~[classes/:?]
HeinrichPet commented 3 years ago

With my local setup (latest main version) I get this Error:

2021-09-08T15:27:40,415 [https-jsse-nio-8080-exec-1] INFO - Sending request to https://broker.test.ids.smart-connected.nl/ ...
2021-09-08T15:27:40,710 [https-jsse-nio-8080-exec-1] ERROR - Received response but response-code not in 200-299! [code=(405)]

When using the standard path (/infrastructure) from IAIS Metadatabroker I get a valid response:

2021-09-08T15:29:39,171 [https-jsse-nio-8080-exec-3] INFO - Successfully loaded Keystore.
2021-09-08T15:29:39,360 [https-jsse-nio-8080-exec-3] INFO - Successfully loaded Truststore.
2021-09-08T15:29:39,442 [https-jsse-nio-8080-exec-3] INFO - Sending request to https://broker.test.ids.smart-connected.nl/infrastructure ...
2021-09-08T15:29:39,762 [https-jsse-nio-8080-exec-3] INFO - Successfully received response to request.
2021-09-08T15:29:39,798 [https-jsse-nio-8080-exec-3] INFO - Initializing SHACL shapes.
2021-09-08T15:29:39,798 [https-jsse-nio-8080-exec-3] INFO - Loading SHACL shapes from resources. You can optionally download the latest shapes from GitHub.
2021-09-08T15:29:44,408 [https-jsse-nio-8080-exec-3] INFO - Loading ontology from resources
2021-09-08T15:29:44,544 [https-jsse-nio-8080-exec-3] INFO - Initialization of SHACL shapes complete.
2021-09-08T15:29:45,678 [https-jsse-nio-8080-exec-3] INFO - Successfully passed SHACL-Validation.
2021-09-08T15:29:46,608 [https-jsse-nio-8080-exec-3] WARN - Received unexpected response message. [response=({reason=https://w3id.org/idsa/code/NOT_AUTHENTICATED, payload={"reason":"No security token present in IDS header","origin":"Core Container","type":"TokenVerificationException","status":"Error"}, type=class de.fraunhofer.iais.eis.RejectionMessageImpl})]

That warning may be a problem with my local DAPS certificate.

However, in your message log the DSC tries to use an empty proxy hostname (in ClientProvider.java:183):

java.lang.IllegalArgumentException: hostname can't be null
    at java.net.InetSocketAddress.checkHost(InetSocketAddress.java:149) ~[?:?]
    at java.net.InetSocketAddress.<init>(InetSocketAddress.java:216) ~[?:?]
    at de.fraunhofer.ids.messaging.core.config.ClientProvider$1.select(ClientProvider.java:183) ~[core-4.3.0.jar:?]
    at okhttp3.internal.connection.RouteSelector$resetNextProxy$1.invoke(RouteSelector.kt:106) ~[okhttp-4.9.1.jar:?]
    at okhttp3.internal.connection.RouteSelector.resetNextProxy(RouteSelector.kt:113) ~[okhttp-4.9.1.jar:?]

What did you do with your proxy configuration in DSC?

tmberthold commented 3 years ago

Did you change the DSC settings via the DSC UI settings page before trying to register at a broker? Maybe the DSC proxy config was set incorrectly by this.

SebastianOpriel commented 3 years ago

Mainly it was all out of the box, so no big adjustems to any Config. But Yes, I updated the settings via the gui, but didn't enter any proxy settings. Might it be the dsc backend, that not checks for empty proxy urls?

tmberthold commented 3 years ago

I suspect that the code runs into the following line and thereby resets the proxy-settings, since the UI will certainly not not send us a proxy when no details available but a empty proxy object (desc) with just no further details instead. This will reset the proxy settings.

https://github.com/International-Data-Spaces-Association/DataspaceConnector/blob/5b9bb85976e4ad2c551e729094aebdbe481c730e/src/main/java/io/dataspaceconnector/model/configuration/ConfigurationFactory.java#L315

Will definitely take another look.

HeinrichPet commented 3 years ago

Solution in UI:

tmberthold commented 3 years ago

Small technical formal note: "Return the same object you get" may not be the right approach in some cases, as the DSC API does not always provide all data available in the DSC, such as passwords. If this then actually in some cases and some sense incomplete data given by the DSC API for the UI is returned back from the UI to the DSC, the original complete data in the DSC could be overwritten by the incomplete data from the UI with e.g. missing passwords for proxies if they were set. The user would have to specify in any case the proxy-auth-details again in the UI so that they are not lost if they were set. (ProxyFactory -> updateAuthentication will remove the actually existing auth-data, if they are not set again in the UI and were set before)

HeinrichPet commented 3 years ago

Okay, then also take the proxy settings to a separate Settings page and add there a cancel button. With cancel nothing happens, if you press save there the password will be set (when authentication is enabled). This solves the problem that the password have to be reentered when the user wants to change anything else in the settings.

BastianWel commented 3 years ago

Prior to the UI release for version 8.0.0, we had agreed in the meeting (July 20) that the UI would send null to the DSC for the proxy username and password if the user did not make any changes to them. However, it seems that this has not yet been implemented correctly on the DSC side.

tmberthold commented 3 years ago

The original problem of the issue is generally further upstream in the flow, we need to look at that overall again.

tmberthold commented 3 years ago

The original problem of this issue is that when no proxy settings is set in the connector-configuration, an empty proxySettings array is sent from the UI to the DSC up on saving the Settings-Page, which DSC-internally creates a proxy in the config with default values. As a result, a config in the DSC is from then on used which has a proxy with not working default values, which was not existent before in the config. This in turn triggers the error described above.

Return of the UI to the DSC: image

BastianWel commented 3 years ago

Couldn't the DSC just interpret a proxy without URL as no proxy set?

BastianWel commented 3 years ago

Fixed in bae1910