CamundaTaskListClient does not reconnect when using SimpleAuthentication

camunda-community-hub / camunda-tasklist-client-java

Java client for the Tasklist API of Camunda Platform 8

Apache License 2.0

26 stars 16 forks source link

CamundaTaskListClient does not reconnect when using SimpleAuthentication #58

Closed sam0r040 closed 6 months ago

sam0r040 commented 8 months ago

Hi, my team is using Camunda 8 without Identity for local development. We noticed that CamundaTaskListClient is currently not supporting the auto-reconnect functionality when used with SimpleAuthentication.

The CamundaTaskListClient is trying to read the bearer token to get the token expiration from the jwt:

   if (header.getValue().startsWith("Bearer ")) {
      this.tokenExpiration = JwtUtils.getExpiration(header.getValue().substring(7));
    }

Unfortunately this does not work for SimpleAuthentication since it is not using a bearer tokens. If tokenExpiration is not set or not updated, reconnectEventually will not attempt to re-authenticate and our services are getting disconnected while developing.

chDame commented 8 months ago

Hi @sam0r040,

You're right and I believe it's not possible to know when the cookie will expire. But we could arbitrarly fix the expiration in such a case. Would you be able to tell me an approximation of elapsed time between connection and getting disconnected ?

Thanks in advance! I'll try to release a patch early next week!

chDame commented 8 months ago

Hi @sam0r040,

I released a version 8.3.3.4 with two attributes added to the CamundaTaskListClientBuilder: alwaysReconnect will enforce reconnection before each request if true (default false) cookieExpiration will set an arbitrary expiration time for the cookie (default 3mn).

So if keep the default, the cookie will be renegociated after 3mn. If you want to change this behaviour, you can play with these 2 properties.

Tell me if that solves your issue! Thanks

sam0r040 commented 8 months ago

@chDame Sorry for not getting back to you today. I could not find documentation about default session timeout, but I think it should be 30 minutes. With the old API, we just extended SimpleAuthentication and set it to reconnect after 30 mins:

override fun authenticate(client: CamundaTaskListClient?) {
            super.authenticate(client)
            client?.setTokenExpiration(((System.currentTimeMillis() + 30.minutes.inWholeMilliseconds) / 1000).toInt())
}

Your solution with additional properties should work. I will integrated tomorrow with 30 mins expiration to give you feedback.

Thanks a lot for quick response!

thackba commented 7 months ago

Hi. We have the same problem see: #60

chDame commented 7 months ago

Hi @thackba, 8.4.0.2 is released with your PR! Thanks :)