Authentication issue for on premise open vsx and on premise github

[skopcsa]

Hello,

First of, thank you so much for this project! We really appreciate it.

I am trying to deploy open vsx internally though Kubernetes. I have the frontend, backend, elasticsearch and postgresql deployed and they seems to be fine.

I can access the web ui and currently, there are no extensions but this is normal - I just deployed it.

Then, I am trying to configure open vsx to use our internally hosted github for authentication and this is where I am stuck :(

The flow (from web ui) is:

1. I click on login and being redirected to our github to authorize
2. I authorize and then I am redirected back to the web ui.
3. I can see the users into my GitHub OAuth app is set to 1
4. Issue is, I am redirected to ?auth-error

Do you know what might cause this?

==============================

My versions are:

• frontend and backend: 0.12.0 => I tried newer versions but I get some errors and the pod keeps restarting
• postgresql: 14.7-alpine
• elasticsearch: 8.7.1

My application.yml file is (I tried different combinations):

 server:
  address: 0.0.0.0
  port: 8080
  shutdown: graceful
  use-forward-headers: true
  compression:
    enabled: true
    mime-types: text/html,text/plain,text/css,application/javascript,application/json,text/xml,application/xml,application/xml+rss,text/javascript
    min-response-size: 1024
  servlet:
    session:
      cookie:
        same-site: None  # This will set SameSite=None
        secure: false    # Ensure cookies are only sent over HTTPS

spring:
  profiles:
    include: ovsx
  cache:
    jcache:
      config: classpath:ehcache.xml
  datasource:
    url: jdbc:postgresql://postgres:5432/<db>
    username: <user>
    password: <password>
  flyway:
    baseline-on-migrate: true
    baseline-version: 0.1.0
    baseline-description: JobRunr tables
  jpa:
    open-in-view: false
    properties:
      hibernate:
        dialect: org.hibernate.dialect.PostgreSQLDialect
    hibernate:
      ddl-auto: none
  session:
    timeout: 3600 
    store-type: jdbc
    jdbc:
      initialize-schema: never
  web:
    cors:
      allowed-origins: "<ingress host>"  # Change this to the domain of your frontend
      allowed-methods: GET, POST, PUT, DELETE, OPTIONS
      allowed-headers: Authorization, Content-Type, Cache-Control, X-Requested-With
      exposed-headers: Authorization, link, location
      allow-credentials: true
      max-age: 3600
  security:
    oauth2:
      client:
        registration:
          github:
            client-id: <client ID>
            client-secret: <client secret>
            redirect-uri-template: "{baseUrl}/login/oauth2/code/{registrationId}"
            authorization-grant-type: authorization_code
            client-authentication-method: client_secret_post
            scope:
              - read:user
              - user:email

        provider:
          github:
            authorization-uri: https://<github internal host>/login/oauth/authorize
            token-uri: https://<github internal host>/login/oauth/access_token
            user-info-uri: https://api<github internal host>/user
            user-name-attribute: login  # GitHub uses "login" as the attribute name for the username

logging:
  level:
    root: DEBUG
    org.springframework.security: DEBUG

management:
  health:
    probes:
      enabled: true
  endpoints:
    web:
      exposure:
        include:
          - health
          - metrics
          - prometheus
  metrics:
    distribution:
      percentiles-histogram:
        http:
          server:
            requests: true
          client:
            requests: true

springdoc:
  swagger-ui:
    docExpansion: list
    operationsSorter: alpha
    supportedSubmitMethods:
      - get

org:
  jobrunr:
    job-scheduler:
      enabled: true
    background-job-server:
      enabled: true
      worker-count: 2
    dashboard:
      enabled: false
    database:
      type: sql
    miscellaneous:
      allow-anonymous-data-usage: false

bucket4j:
  enabled: false
  filters:
    - cache-name: buckets
      url: '/api/-/(namespace/create|publish)'
      http-response-headers:
        Access-Control-Allow-Origin: '*'
        Access-Control-Expose-Headers: X-Rate-Limit-Retry-After-Seconds, X-Rate-Limit-Remaining
      rate-limits:
        - expression: getParameter("token")
          bandwidths:
            - capacity: 15
              time: 1
              unit: seconds
    - cache-name: buckets
      url: '/vscode/asset/.*/.*/.*/Microsoft.VisualStudio.Services.Icons.Default'
      http-response-headers:
        Access-Control-Allow-Origin: '*'
        Access-Control-Expose-Headers: X-Rate-Limit-Retry-After-Seconds, X-Rate-Limit-Remaining
      rate-limits:
        - expression: getRemoteAddr()
          bandwidths:
            - capacity: 75
              time: 1
              unit: seconds
    - cache-name: buckets
      url: '/vscode/(?!asset/.*/.*/.*/Microsoft.VisualStudio.Services.Icons.Default).*|/api/(?!(.*/.*/review(/delete)?)|(-/(namespace/create|publish))).*'
      http-response-headers:
        Access-Control-Allow-Origin: '*'
        Access-Control-Expose-Headers: X-Rate-Limit-Retry-After-Seconds, X-Rate-Limit-Remaining
      rate-limits:
        - expression: getRemoteAddr()
          bandwidths:
            - capacity: 15
              time: 1
              unit: seconds

ovsx:
  webui:
    frontendRoutes: "/extension/**,/namespace/**,/user-settings/**,/admin-dashboard/**,/about,/publisher-agreement-*,/terms-of-use"
    url: <host>
  elasticsearch:
    host: elasticsearch-service:9200
    enabled: true
    ssl: false
    relevance:
      rating: 0.2
      downloads: 1.0
      timestamp: 3.0

This is what I see in the logs:

2023-10-04 14:29:18.353 DEBUG 1 --- [0.0-8080-exec-4] o.a.coyote.http11.Http11InputBuffer      : Received [GET /oauth2/authorization/github HTTP/1.1
.....
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] o.apache.catalina.valves.RemoteIpValve   : Skip RemoteIpValve for request /oauth2/authorization/github with originalRemoteAddr '<ip>'
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] o.a.c.authenticator.AuthenticatorBase    : Security checking request GET /oauth2/authorization/github
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] org.apache.catalina.realm.RealmBase      :   No applicable constraints defined
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] o.a.c.authenticator.AuthenticatorBase    : Not subject to any constraint
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] o.s.security.web.FilterChainProxy        : Securing GET /oauth2/authorization/github
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.354 DEBUG 1 --- [0.0-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2023-10-04 14:29:18.355 DEBUG 1 --- [0.0-8080-exec-4] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped to ResourceHttpRequestHandler [classpath [META-INF/resources/], classpath [resources/], classpath [static/], classpath [public/], ServletContext [/]]
2023-10-04 14:29:18.356 DEBUG 1 --- [0.0-8080-exec-4] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.356 DEBUG 1 --- [0.0-8080-exec-4] org.apache.tomcat.util.http.Parameters   : Set encoding to UTF-8
2023-10-04 14:29:18.356 DEBUG 1 --- [0.0-8080-exec-4] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.357 DEBUG 1 --- [0.0-8080-exec-4] o.s.s.w.h.S.SESSION_LOGGER               : A new session was created. To help you troubleshoot where the session was created we provided a StackTrace (this is not an error). You can prevent this from appearing by disabling DEBUG logging for org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER

java.lang.RuntimeException: For debugging purposes only (not an error)
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:320) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:332) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:193) ~[spring-session-core-2.7.0.jar:2.7.0]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository.saveAuthorizationRequest(HttpSessionOAuth2AuthorizationRequestRepository.java:79) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.sendRedirectForAuthorization(OAuth2AuthorizationRequestRedirectFilter.java:216) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.doFilterInternal(OAuth2AuthorizationRequestRedirectFilter.java:169) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:142) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96) ~[spring-boot-actuator-2.7.1.jar:2.7.1]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:769) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1787) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]

2023-10-04 14:29:18.430 DEBUG 1 --- [0.0-8080-exec-4] o.s.s.web.DefaultRedirectStrategy        : Redirecting to https://<internally hosted github>...
2023-10-04 14:29:18.430 DEBUG 1 --- [0.0-8080-exec-4] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-10-04 14:29:18.430 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Creating new transaction with name [null]: PROPAGATION_REQUIRES_NEW,ISOLATION_DEFAULT
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Opened new EntityManager [SessionImpl(123337078<open>)] for JPA transaction
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : On TransactionImpl creation, JpaCompliance#isJpaTransactionComplianceEnabled == false
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : begin
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] org.postgresql.jdbc.PgConnection         :   setAutoCommit = false
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Exposing JPA transaction as JDBC [org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@1efa288a]
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL update
2023-10-04 14:29:18.431 DEBUG 1 --- [0.0-8080-exec-4] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL statement [INSERT INTO SPRING_SESSION (PRIMARY_ID, SESSION_ID, CREATION_TIME, LAST_ACCESS_TIME, MAX_INACTIVE_INTERVAL, EXPIRY_TIME, PRINCIPAL_NAME) VALUES (?, ?, ?, ?, ?, ?, ?)]
2023-10-04 14:29:18.432 DEBUG 1 --- [0.0-8080-exec-4] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL update
2023-10-04 14:29:18.432 DEBUG 1 --- [0.0-8080-exec-4] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL statement [INSERT INTO SPRING_SESSION_ATTRIBUTES (SESSION_PRIMARY_ID, ATTRIBUTE_NAME, ATTRIBUTE_BYTES) VALUES (?, ?, ?)]
2023-10-04 14:29:18.432 DEBUG 1 --- [0.0-8080-exec-4] o.s.jdbc.support.lob.DefaultLobHandler   : Set bytes for BLOB with length 1674
2023-10-04 14:29:18.434 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Initiating transaction commit
2023-10-04 14:29:18.434 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Committing JPA transaction on EntityManager [SessionImpl(123337078<open>)]
2023-10-04 14:29:18.434 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : committing
2023-10-04 14:29:18.435 DEBUG 1 --- [0.0-8080-exec-4] org.postgresql.jdbc.PgConnection         :   setAutoCommit = true
2023-10-04 14:29:18.435 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Closing JPA EntityManager [SessionImpl(123337078<open>)] after transaction
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Creating new transaction with name [null]: PROPAGATION_REQUIRES_NEW,ISOLATION_DEFAULT
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Opened new EntityManager [SessionImpl(1260092634<open>)] for JPA transaction
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : On TransactionImpl creation, JpaCompliance#isJpaTransactionComplianceEnabled == false
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : begin
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] org.postgresql.jdbc.PgConnection         :   setAutoCommit = false
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Exposing JPA transaction as JDBC [org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@2ba5008b]
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Initiating transaction commit
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Committing JPA transaction on EntityManager [SessionImpl(1260092634<open>)]
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.h.e.t.internal.TransactionImpl         : committing
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] org.postgresql.jdbc.PgConnection         :   setAutoCommit = true
2023-10-04 14:29:18.436 DEBUG 1 --- [0.0-8080-exec-4] o.s.orm.jpa.JpaTransactionManager        : Closing JPA EntityManager [SessionImpl(1260092634<open>)] after transaction
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] o.a.coyote.http11.Http11InputBuffer      : Before fill(): parsingHeader: [true], parsingRequestLine: [true], parsingRequestLinePhase: [0], parsingRequestLineStart: [0], byteBuffer.position(): [0], byteBuffer.limit(): [0], end: [755]
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] o.a.tomcat.util.net.SocketWrapperBase    : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read from buffer: [0]
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] org.apache.tomcat.util.net.NioEndpoint   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read direct from socket: [0]
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] o.a.coyote.http11.Http11InputBuffer      : Received []
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] o.apache.coyote.http11.Http11Processor   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Status in: [OPEN_READ], State out: [OPEN]
2023-10-04 14:29:18.437 DEBUG 1 --- [0.0-8080-exec-4] org.apache.tomcat.util.net.NioEndpoint   : Registered read interest for [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]]
2023-10-04 14:29:18.802 DEBUG 1 --- [0.0-8080-exec-5] o.a.coyote.http11.Http11InputBuffer      : Before fill(): parsingHeader: [true], parsingRequestLine: [true], parsingRequestLinePhase: [0], parsingRequestLineStart: [0], byteBuffer.position(): [0], byteBuffer.limit(): [0], end: [755]
2023-10-04 14:29:18.802 DEBUG 1 --- [0.0-8080-exec-5] o.a.tomcat.util.net.SocketWrapperBase    : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read from buffer: [0]
2023-10-04 14:29:18.802 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.net.NioEndpoint   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read direct from socket: [820]
2023-10-04 14:29:18.802 DEBUG 1 --- [0.0-8080-exec-5] o.a.coyote.http11.Http11InputBuffer      : Received [GET /login/oauth2/code/github?code=<code>&state=YmQgz3twgat9Hq-H9zTJsQ97HrcfDdyjyWgfFV9D60g%3D HTTP/1.1
.....
2023-10-04 14:29:18.802 DEBUG 1 --- [0.0-8080-exec-5] o.apache.catalina.valves.RemoteIpValve   : Skip RemoteIpValve for request /login/oauth2/code/github with originalRemoteAddr '<ip>'
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] o.a.c.authenticator.AuthenticatorBase    : Security checking request GET /login/oauth2/code/github
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] org.apache.catalina.realm.RealmBase      :   No applicable constraints defined
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] o.a.c.authenticator.AuthenticatorBase    : Not subject to any constraint
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] o.s.security.web.FilterChainProxy        : Securing GET /login/oauth2/code/github?code=<code>&state=YmQgz3twgat9Hq-H9zTJsQ97HrcfDdyjyWgfFV9D60g%3D
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.803 DEBUG 1 --- [0.0-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2023-10-04 14:29:18.804 DEBUG 1 --- [0.0-8080-exec-5] o.s.w.s.handler.SimpleUrlHandlerMapping  : Mapped to ResourceHttpRequestHandler [classpath [META-INF/resources/], classpath [resources/], classpath [static/], classpath [public/], ServletContext [/]]
2023-10-04 14:29:18.804 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.805 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.http.Parameters   : Set encoding to UTF-8
2023-10-04 14:29:18.805 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.http.Parameters   : Decoding query null UTF-8
2023-10-04 14:29:18.805 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.http.Parameters   : Start processing with input [code=<code>&state=YmQgz3twgat9Hq-H9zTJsQ97HrcfDdyjyWgfFV9D60g%3D]
2023-10-04 14:29:18.805 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.805 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:18.806 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.w.h.S.SESSION_LOGGER               : A new session was created. To help you troubleshoot where the session was created we provided a StackTrace (this is not an error). You can prevent this from appearing by disabling DEBUG logging for org.springframework.session.web.http.SessionRepositoryFilter.SESSION_LOGGER

java.lang.RuntimeException: For debugging purposes only (not an error)
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:320) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:332) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.SessionRepositoryFilter$SessionRepositoryRequestWrapper.getSession(SessionRepositoryFilter.java:193) ~[spring-session-core-2.7.0.jar:2.7.0]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at javax.servlet.http.HttpServletRequestWrapper.getSession(HttpServletRequestWrapper.java:253) ~[tomcat-embed-core-9.0.64.jar:4.0.FR]
    at org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository.removeAuthorizationRequest(HttpSessionOAuth2AuthorizationRequestRepository.java:93) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.security.oauth2.client.web.HttpSessionOAuth2AuthorizationRequestRepository.removeAuthorizationRequest(HttpSessionOAuth2AuthorizationRequestRepository.java:109) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter.attemptAuthentication(OAuth2LoginAuthenticationFilter.java:170) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:227) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:217) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter.doFilterInternal(OAuth2AuthorizationRequestRedirectFilter.java:178) ~[spring-security-oauth2-client-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:103) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:89) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.csrf.CsrfFilter.doFilterInternal(CsrfFilter.java:117) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.CorsFilter.doFilterInternal(CorsFilter.java:91) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.header.HeaderWriterFilter.doHeadersAfter(HeaderWriterFilter.java:90) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.header.HeaderWriterFilter.doFilterInternal(HeaderWriterFilter.java:75) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:112) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:82) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:55) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.session.DisableEncodeUrlFilter.doFilterInternal(DisableEncodeUrlFilter.java:42) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:336) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:211) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:183) ~[spring-security-web-5.7.2.jar:5.7.2]
    at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:354) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:267) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:100) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:93) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.session.web.http.SessionRepositoryFilter.doFilterInternal(SessionRepositoryFilter.java:142) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.springframework.session.web.http.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:82) ~[spring-session-core-2.7.0.jar:2.7.0]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.boot.actuate.metrics.web.servlet.WebMvcMetricsFilter.doFilterInternal(WebMvcMetricsFilter.java:96) ~[spring-boot-actuator-2.7.1.jar:2.7.1]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:201) ~[spring-web-5.3.21.jar:5.3.21]
    at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:117) ~[spring-web-5.3.21.jar:5.3.21]
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.valves.RemoteIpValve.invoke(RemoteIpValve.java:769) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:399) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1787) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) ~[tomcat-embed-core-9.0.64.jar:9.0.64]
    at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]

2023-10-04 14:29:18.830 DEBUG 1 --- [0.0-8080-exec-5] o.s.s.web.DefaultRedirectStrategy        : Redirecting to http://<host>?auth-error
2023-10-04 14:29:18.830 DEBUG 1 --- [0.0-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-10-04 14:29:18.830 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Creating new transaction with name [null]: PROPAGATION_REQUIRES_NEW,ISOLATION_DEFAULT
2023-10-04 14:29:18.830 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Opened new EntityManager [SessionImpl(1702181702<open>)] for JPA transaction
2023-10-04 14:29:18.830 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : On TransactionImpl creation, JpaCompliance#isJpaTransactionComplianceEnabled == false
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : begin
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] org.postgresql.jdbc.PgConnection         :   setAutoCommit = false
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Exposing JPA transaction as JDBC [org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@242fb6df]
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL update
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL statement [INSERT INTO SPRING_SESSION (PRIMARY_ID, SESSION_ID, CREATION_TIME, LAST_ACCESS_TIME, MAX_INACTIVE_INTERVAL, EXPIRY_TIME, PRINCIPAL_NAME) VALUES (?, ?, ?, ?, ?, ?, ?)]
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL update
2023-10-04 14:29:18.831 DEBUG 1 --- [0.0-8080-exec-5] o.s.jdbc.core.JdbcTemplate               : Executing prepared SQL statement [INSERT INTO SPRING_SESSION_ATTRIBUTES (SESSION_PRIMARY_ID, ATTRIBUTE_NAME, ATTRIBUTE_BYTES) VALUES (?, ?, ?)]
2023-10-04 14:29:18.832 DEBUG 1 --- [0.0-8080-exec-5] o.s.jdbc.support.lob.DefaultLobHandler   : Set bytes for BLOB with length 6224
2023-10-04 14:29:18.930 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Initiating transaction commit
2023-10-04 14:29:18.930 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Committing JPA transaction on EntityManager [SessionImpl(1702181702<open>)]
2023-10-04 14:29:18.930 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : committing
2023-10-04 14:29:18.931 DEBUG 1 --- [0.0-8080-exec-5] org.postgresql.jdbc.PgConnection         :   setAutoCommit = true
2023-10-04 14:29:18.931 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Closing JPA EntityManager [SessionImpl(1702181702<open>)] after transaction
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] w.c.HttpSessionSecurityContextRepository : Did not store empty SecurityContext
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] s.s.w.c.SecurityContextPersistenceFilter : Cleared SecurityContextHolder to complete request
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Creating new transaction with name [null]: PROPAGATION_REQUIRES_NEW,ISOLATION_DEFAULT
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Opened new EntityManager [SessionImpl(721477653<open>)] for JPA transaction
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : On TransactionImpl creation, JpaCompliance#isJpaTransactionComplianceEnabled == false
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : begin
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] org.postgresql.jdbc.PgConnection         :   setAutoCommit = false
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Exposing JPA transaction as JDBC [org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@69c63c2]
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Initiating transaction commit
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Committing JPA transaction on EntityManager [SessionImpl(721477653<open>)]
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.h.e.t.internal.TransactionImpl         : committing
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] org.postgresql.jdbc.PgConnection         :   setAutoCommit = true
2023-10-04 14:29:18.932 DEBUG 1 --- [0.0-8080-exec-5] o.s.orm.jpa.JpaTransactionManager        : Closing JPA EntityManager [SessionImpl(721477653<open>)] after transaction
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] o.a.coyote.http11.Http11InputBuffer      : Before fill(): parsingHeader: [true], parsingRequestLine: [true], parsingRequestLinePhase: [0], parsingRequestLineStart: [0], byteBuffer.position(): [0], byteBuffer.limit(): [0], end: [820]
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] o.a.tomcat.util.net.SocketWrapperBase    : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read from buffer: [0]
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.net.NioEndpoint   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read direct from socket: [0]
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] o.a.coyote.http11.Http11InputBuffer      : Received []
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] o.apache.coyote.http11.Http11Processor   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Status in: [OPEN_READ], State out: [OPEN]
2023-10-04 14:29:19.031 DEBUG 1 --- [0.0-8080-exec-5] org.apache.tomcat.util.net.NioEndpoint   : Registered read interest for [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]]
2023-10-04 14:29:19.273 DEBUG 1 --- [0.0-8080-exec-7] o.a.coyote.http11.Http11InputBuffer      : Before fill(): parsingHeader: [true], parsingRequestLine: [true], parsingRequestLinePhase: [0], parsingRequestLineStart: [0], byteBuffer.position(): [0], byteBuffer.limit(): [0], end: [820]
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.a.tomcat.util.net.SocketWrapperBase    : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read from buffer: [0]
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] org.apache.tomcat.util.net.NioEndpoint   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@793717fa:org.apache.tomcat.util.net.NioChannel@5eb36ebd:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read direct from socket: [594]
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.a.coyote.http11.Http11InputBuffer      : Received [GET /user/auth-error HTTP/1.1
...
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.apache.catalina.valves.RemoteIpValve   : Skip RemoteIpValve for request /user/auth-error with originalRemoteAddr '<ip>'
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.a.c.authenticator.AuthenticatorBase    : Security checking request GET /user/auth-error
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] org.apache.catalina.realm.RealmBase      :   No applicable constraints defined
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.a.c.authenticator.AuthenticatorBase    : Not subject to any constraint
2023-10-04 14:29:19.274 DEBUG 1 --- [0.0-8080-exec-7] o.s.security.web.FilterChainProxy        : Securing GET /user/auth-error
2023-10-04 14:29:19.275 DEBUG 1 --- [0.0-8080-exec-7] o.s.s.w.h.S.SESSION_LOGGER               : No session found by id: Caching result for getSession(false) for this HttpServletRequest.
2023-10-04 14:29:19.275 DEBUG 1 --- [0.0-8080-exec-7] s.s.w.c.SecurityContextPersistenceFilter : Set SecurityContextHolder to empty SecurityContext
2023-10-04 14:29:19.279 DEBUG 1 --- [0-8080-Acceptor] o.apache.tomcat.util.threads.LimitLatch  : Counting up[http-nio-0.0.0.0-8080-Acceptor] latch=2
2023-10-04 14:29:19.279 DEBUG 1 --- [0.0-8080-exec-6] o.a.coyote.http11.Http11InputBuffer      : Before fill(): parsingHeader: [true], parsingRequestLine: [true], parsingRequestLinePhase: [0], parsingRequestLineStart: [0], byteBuffer.position(): [0], byteBuffer.limit(): [0], end: [583]
2023-10-04 14:29:19.279 DEBUG 1 --- [0.0-8080-exec-6] o.a.tomcat.util.net.SocketWrapperBase    : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@17275ce0:org.apache.tomcat.util.net.NioChannel@1cc7d0a9:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read from buffer: [0]
2023-10-04 14:29:19.280 DEBUG 1 --- [0.0-8080-exec-6] org.apache.tomcat.util.net.NioEndpoint   : Socket: [org.apache.tomcat.util.net.NioEndpoint$NioSocketWrapper@17275ce0:org.apache.tomcat.util.net.NioChannel@1cc7d0a9:java.nio.channels.SocketChannel[connected local=/<ip>:8080 remote=/<ip>:<port>]], Read direct from socket: [583]
2023-10-04 14:29:19.280 DEBUG 1 --- [0.0-8080-exec-6] o.a.coyote.http11.Http11InputBuffer      : Received [GET /user HTTP/1.1
.....

[amvanbaren]

Hi @skopcsa, For the registration.github section only configure client-id and client-secret and delete the provider.github section in the application.yml file. Hope that helps.

[skopcsa]

Hello Aart,

Thank you so much for the fast reply. The issue is, I am trying to use the locally hosted (on premise) github instance for the authentication.

If I remove those lines, open vsx will try to authorize via github.com (publicly hosted). The premise github host name does not match the public one (e.g. our own is gh.< company >.com

Is this supported?

Thank you! Sergiu

[amvanbaren]

Hi Sergiu,

What is the response when you get /user/auth-error after trying to log in?

The Open VSX server uses Spring Authorization Server: https://docs.spring.io/spring-authorization-server/docs/current/reference/html/guides/how-to-social-login.html#register-social-login-provider. You could ask the Spring project whether on-premises Github is supported.

[skopcsa]

Hello Aart,

Thank you for your response!

I've made a small spring application and use the same configuration (as the one for open vsx) and I could authenticate/retrieve data from our on-premise github instance. The open vsx applications (e.g. backend, frontend, etc) are running in kubernetes (each with individual pod/host) and the application I made I've lunched it from my virtual machine.

Could there be some open vsx dependency? Maybe some additional configuration/variables? Or any idea what else should I be checking? :(

Thanks a lot! Sergiu

[Sergiu-Kopcsa]

I was looking at the server's source code and way this File: https://github.com/eclipse/openvsx/blob/e231e575c3d02c0f5c4c12b4b9314532f4542cf7/server/src/main/java/org/eclipse/openvsx/security/SecurityConfig.java#L54C28-L54C28 Line 67: configurer.failureUrl(redirectUrl + "?auth-error");

I understand if there is an error during authentication, the user (frontend) gets redirected to < host >?auth-error? Is there a way to extract more details about what went wrong? :(

[amvanbaren]

There's a couple things you can do:

• Call the /user/auth-error server (not frontend) endpoint to get the last authentication error.
• Turn on debug logging for Spring OAuth or Spring security. Add this to the application.yml file:

  logging:
  level:
  org
    springframework
      security
        oauth2: DEBUG

• Look for differences between your own authentication and Open VSX authentication. org.eclipse.openvsx.security.OAuth2UserServices.java is a good starting point.

[amvanbaren]

@skopcsa I'm closing this issue for now. Feel free to re-open it if you still have this issue.