search

doorkeeper-gem / doorkeeper-openid_connect

OpenID Connect extension for Doorkeeper
MIT License
175 stars 117 forks source link

/oauth/token returns an ArgumentError in 1.8.0 #151

Open MH4GF opened 3 years ago

MH4GF commented 3 years ago

Hi! After upgrading to 1.8.0, I noticed an ArgumentError in /oauth/token .

app_1       | Started POST "/oauth/token" for 172.20.0.1 at 2021-06-02 14:56:47 +0900
app_1       | Processing by Doorkeeper::TokensController#create as */*
app_1       |   Parameters: {"client_id"=>"uid", "client_secret"=>"[FILTERED]", "grant_type"=>"password", "username"=>"foo@example.com", "password"=>"[FILTERED]", "scope"=>"openid email", "token"=>{"client_id"=>"uid", "client_secret"=>"[FILTERED]", "grant_type"=>"password", "username"=>"foo@example.com", "password"=>"[FILTERED]", "scope"=>"openid email"}}
app_1       |   Account Load (0.8ms)  SELECT `accounts`.* FROM `accounts` WHERE `accounts`.`email` IS NULL LIMIT 1
app_1       |   ↳ config/initializers/doorkeeper.rb:22:in `block (2 levels) in <main>'
app_1       | Completed 500 Internal Server Error in 3ms (ActiveRecord: 0.8ms | Allocations: 1388)
app_1       |
app_1       |
app_1       | wrong number of arguments (given 5, expected 3..4) excluded from capture: No host specified, no public_key specified, no project_id specified
app_1       |
app_1       | ArgumentError (wrong number of arguments (given 5, expected 3..4)):
app_1       |
app_1       | doorkeeper-openid_connect (1.8.0) lib/doorkeeper/openid_connect/oauth/password_access_token_request.rb:9:in `initialize'
app_1       | doorkeeper (5.5.1) lib/doorkeeper/request/password.rb:9:in `new'
app_1       | doorkeeper (5.5.1) lib/doorkeeper/request/password.rb:9:in `request'
app_1       | doorkeeper (5.5.1) lib/doorkeeper/request/strategy.rb:8:in `authorize'
app_1       | doorkeeper (5.5.1) app/controllers/doorkeeper/tokens_controller.rb:133:in `authorize_response'
app_1       | doorkeeper (5.5.1) app/controllers/doorkeeper/tokens_controller.rb:8:in `create'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
app_1       | actionpack (6.0.3.7) lib/abstract_controller/base.rb:195:in `process_action'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/rendering.rb:30:in `process_action'
app_1       | actionpack (6.0.3.7) lib/abstract_controller/callbacks.rb:42:in `block in process_action'
app_1       | activesupport (6.0.3.7) lib/active_support/callbacks.rb:112:in `block in run_callbacks'
app_1       | sentry-raven (3.1.2) lib/raven/integrations/rails/controller_transaction.rb:7:in `block in included'
app_1       | activesupport (6.0.3.7) lib/active_support/callbacks.rb:121:in `instance_exec'
app_1       | activesupport (6.0.3.7) lib/active_support/callbacks.rb:121:in `block in run_callbacks'
app_1       | activesupport (6.0.3.7) lib/active_support/callbacks.rb:139:in `run_callbacks'
app_1       | actionpack (6.0.3.7) lib/abstract_controller/callbacks.rb:41:in `process_action'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/rescue.rb:22:in `process_action'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/instrumentation.rb:33:in `block in process_action'
app_1       | activesupport (6.0.3.7) lib/active_support/notifications.rb:180:in `block in instrument'
app_1       | activesupport (6.0.3.7) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
app_1       | activesupport (6.0.3.7) lib/active_support/notifications.rb:180:in `instrument'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/instrumentation.rb:32:in `process_action'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal/params_wrapper.rb:245:in `process_action'
app_1       | activerecord (6.0.3.7) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
app_1       | actionpack (6.0.3.7) lib/abstract_controller/base.rb:136:in `process'
app_1       | actionview (6.0.3.7) lib/action_view/rendering.rb:39:in `process'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal.rb:190:in `dispatch'
app_1       | actionpack (6.0.3.7) lib/action_controller/metal.rb:254:in `dispatch'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/routing/route_set.rb:50:in `dispatch'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/routing/route_set.rb:33:in `serve'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/journey/router.rb:49:in `block in serve'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/journey/router.rb:32:in `each'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/journey/router.rb:32:in `serve'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/routing/route_set.rb:834:in `call'
app_1       | bullet (6.1.4) lib/bullet/rack.rb:15:in `call'
app_1       | rack (2.2.3) lib/rack/deflater.rb:44:in `call'
app_1       | warden (1.2.9) lib/warden/manager.rb:36:in `block in call'
app_1       | warden (1.2.9) lib/warden/manager.rb:34:in `catch'
app_1       | warden (1.2.9) lib/warden/manager.rb:34:in `call'
app_1       | rack (2.2.3) lib/rack/tempfile_reaper.rb:15:in `call'
app_1       | rack (2.2.3) lib/rack/etag.rb:27:in `call'
app_1       | rack (2.2.3) lib/rack/conditional_get.rb:40:in `call'
app_1       | rack (2.2.3) lib/rack/head.rb:12:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/http/content_security_policy.rb:18:in `call'
app_1       | rack (2.2.3) lib/rack/session/abstract/id.rb:266:in `context'
app_1       | rack (2.2.3) lib/rack/session/abstract/id.rb:260:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/cookies.rb:648:in `call'
app_1       | activerecord (6.0.3.7) lib/active_record/migration.rb:567:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
app_1       | activesupport (6.0.3.7) lib/active_support/callbacks.rb:101:in `run_callbacks'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/executor.rb:14:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/actionable_exceptions.rb:18:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/debug_exceptions.rb:32:in `call'
app_1       | web-console (4.1.0) lib/web_console/middleware.rb:132:in `call_app'
app_1       | web-console (4.1.0) lib/web_console/middleware.rb:28:in `block in call'
app_1       | web-console (4.1.0) lib/web_console/middleware.rb:17:in `catch'
app_1       | web-console (4.1.0) lib/web_console/middleware.rb:17:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/show_exceptions.rb:33:in `call'
app_1       | rack-dev-mark (0.7.9) lib/rack/dev-mark/middleware.rb:19:in `call'
app_1       | railties (6.0.3.7) lib/rails/rack/logger.rb:37:in `call_app'
app_1       | railties (6.0.3.7) lib/rails/rack/logger.rb:26:in `block in call'
app_1       | activesupport (6.0.3.7) lib/active_support/tagged_logging.rb:80:in `block in tagged'
app_1       | activesupport (6.0.3.7) lib/active_support/tagged_logging.rb:28:in `tagged'
app_1       | activesupport (6.0.3.7) lib/active_support/tagged_logging.rb:80:in `tagged'
app_1       | railties (6.0.3.7) lib/rails/rack/logger.rb:26:in `call'
app_1       | sprockets-rails (3.2.2) lib/sprockets/rails/quiet_assets.rb:13:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/remote_ip.rb:81:in `call'
app_1       | request_store (1.5.0) lib/request_store/middleware.rb:19:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/request_id.rb:27:in `call'
app_1       | rack (2.2.3) lib/rack/method_override.rb:24:in `call'
app_1       | rack (2.2.3) lib/rack/runtime.rb:22:in `call'
app_1       | activesupport (6.0.3.7) lib/active_support/cache/strategy/local_cache_middleware.rb:29:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/executor.rb:14:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/static.rb:126:in `call'
app_1       | rack (2.2.3) lib/rack/sendfile.rb:110:in `call'
app_1       | actionpack (6.0.3.7) lib/action_dispatch/middleware/host_authorization.rb:82:in `call'
app_1       | rack-cors (1.1.1) lib/rack/cors.rb:100:in `call'
app_1       | secure_headers (6.3.2) lib/secure_headers/middleware.rb:11:in `call'
app_1       | sentry-raven (3.1.2) lib/raven/integrations/rack.rb:51:in `call'
app_1       | webpacker (4.3.0) lib/webpacker/dev_server_proxy.rb:23:in `perform_request'
app_1       | rack-proxy (0.6.5) lib/rack/proxy.rb:57:in `call'
app_1       | railties (6.0.3.7) lib/rails/engine.rb:527:in `call'
app_1       | puma (5.3.2) lib/puma/configuration.rb:249:in `call'
app_1       | puma (5.3.2) lib/puma/request.rb:77:in `block in handle_request'
app_1       | puma (5.3.2) lib/puma/thread_pool.rb:338:in `with_force_shutdown'
app_1       | puma (5.3.2) lib/puma/request.rb:76:in `handle_request'
app_1       | puma (5.3.2) lib/puma/server.rb:438:in `process_client'
app_1       | puma (5.3.2) lib/puma/thread_pool.rb:145:in `block in spawn_thread'

Probably because the number of arguments in Doorkeeper::OAuth::PasswordAccessTokenRequest has changed since doorkeeper 5.5. https://github.com/toupeira/doorkeeper/blob/ce48908b4c11a5956f23f56c1aa084d80d5b2cec/lib/doorkeeper/oauth/password_access_token_request.rb#L15

it resolved when I downgrade to Doorkeeper 5.4. I'd appreciate anybody help.

Regards

CircumnavigatingFlatEarther commented 3 years ago

I tried matching the initialize method in doorkeeper-openid_connect and set skip_client_authentication_for_password_grant to true in the doorkeeper config and it resolved the issue.

Further testing is needed.

Antiarchitect commented 3 years ago

Also experiencing this with doorkeeper-openid_connect 1.8.0 + doorkeeper 5.5.2