search

frankframework / frankframework

The Frank!Framework is an easy-to-use, stateless integration framework which allows (transactional) messages to be modified and exchanged between different systems.
https://frankframework.org
Apache License 2.0
130 stars 78 forks source link

HttpSender token sharing mechanism doesn't seem to work #8025

Open bonnoiaf opened 3 days ago

bonnoiaf commented 3 days ago

Current Behavior

HTTPSenders in a config are doing thousands of token requests an hour, which is causing the receiving system to lock out the user. TokenExpiry is set to 10000. All senders in the config are using the same user/secret. Seems that for every individual call the https sender is doing a token request.

This problem occured in version 8.1.1 since last week, before that version 8.0.2 was used where the problem did not occur.

according to Tim, this change might be related: https://github.com/frankframework/frankframework/commit/cafc2bbad3ecb4d94fc7e342e0bfbe9c64b80655

Expected Behavior

token results should be (globally) shared between calls

Environment Information

FF! 8.1.1: ibis4salesforce_opportunity Running on ibis4salesforce-opportunity-app-prd using Apache Tomcat/9.0.83 Java Version: OpenJDK Runtime Environment (17.0.13+11-LTS) Heap size: 745M, total JVM memory: 1001M Free disk space: 11GB, total disk space: 15GB Up since: 2024-11-29 13:16:06 (1h)

Steps To Reproduce

No response

Configuration

example configuration of the httpsender:
<SenderPipe name="CallSalesForceGetOpportunity" storeResultInSessionKey="GetOpportunityResult">
                <HttpSender truststore="ibis4salesforce_truststore.jks" truststoreAuthAlias="salesforce_truststore" allowSelfSignedCertificates="true" tokenEndpoint="${salesforce.url.base}/${salesforce.url.oauth_service}" clientAlias="salesforce_client" authAlias="salesforce" headersParams="Accept" urlParam="GetOpportunityUrl" methodType="Get" timeout="${salesforce.timeout}" resultStatusCodeSessionKey="ResultCode" maxExecuteRetries="3" />
                <Param name="GetOpportunityUrl" sessionKey="GetOpportunityUrl" />
                <Param name="Accept" value="application/xml" />
                <Param name="Content-Type" value="application/xml" />
                <Forward name="timeout" path="Timeout" />
                <Forward name="success" path="logRecordId" />
                <Forward name="e

Input

No response

What database are you using?

No response

What browsers are you seeing the problem on?

No response

Relevant Log Output

2024-11-29 13:18:05,294 ERROR [http-nio-8080-exec-16] {cid=synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7ff1, adapter=GetOpportunityBackEndAdapter, pipe=CallSalesForceGetOpportunity} auth.HttpAuthenticator - OAUTH2 [complete=false] authentication error: timeout of [20000] ms exceeded2024-11-29 13:18:05,308 WARN  [http-nio-8080-exec-16] {cid=synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7ff1, adapter=GetOpportunityBackEndAdapter, pipe=CallSalesForceGetOpportunity} pipes.SenderPipe - timeout occurred2024-11-29 13:18:05,324 WARN  [http-nio-8080-exec-16] {cid=synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7ff1, adapter=GetOpportunityBackEndAdapter, pipe=CallGetOpportunity} processors.TransactionAttributePipeLineProcessor - Pipeline result state [ERROR] for messageId [synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7fd6] is not equal to [SUCCESS], transaction (when present and active) will be rolled back2024-11-29 13:18:05,327 ERROR [http-nio-8080-exec-16] {cid=synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7ff1, adapter=GetOpportunityBackEndAdapter, pipe=CallGetOpportunity} receivers.Receiver - Receiver [GetOpportunityReceiver] Receiver [GetOpportunityReceiver] message with messageId [synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7fd6] has already been received [1] times; maxRetries=[1]; error in procesing: [exitState [ERROR], result [<errorMessage timestamp="Fri Nov 29 13:18:05 CET 2024" originator="IAF 8.1.1" message="SenderPipe [CallSalesForceGetOpportunity] msgId [synthetic-message-id-0abadca1--5158c1dc_19377dac77f_-7fd6]: HttpSender [CallSalesForceGetOpportunity-sender] timeout of [20000] ms exceeded">  <location class="org.frankframework.pipes.SenderPipe" name="CallSalesForceGetOpportunity"/>  <details>org.frankframework.core.TimeoutException: HttpSender [CallSalesForceGetOpportunity-sender] timeout of [20000] ms exceeded  at org.frankframework.http.HttpSenderBase.sendMessage(HttpSenderBase.java:454)  at org.frankframework.http.HttpSenderBase$$FastClassBySpringCGLIB$$db3ca69c.invoke(&lt;generated&gt;)  at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:218)  at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:792)    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocat], exitcode [504]], will continue retrieving messages in [100] seconds
{mid=ID:abc.456:1229, cid=123, adapter=fdsa, pipe=asdf} auth.HttpAuthenticator - OAUTH2-REFRESHED [complete=false] authentication error: Could not retrieve token: (400) Bad Request: {"error":"invalid_grant","error_description":"authentication failure"}

Anything else?

No response

nielsm5 commented 4 hours ago

I might have broken this in #6580