galasa-dev / projectmanagement

Project Management repo for Issues and ZenHub

Wrong JWT passed to REST API causes 500 internal server error #1846

Closed techcobweb closed 4 months ago

techcobweb commented 5 months ago

Bug

Get a valid JWT for prod1, then send it on a REST call to ecosystem1. You get 500 Internal Server Error back, rather than unauthorized.

24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpChannel.handle - handle http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/cps/framework/properties HttpChannelOverHttp@6fd2714d{s=HttpChannelState@4131ba28{s=IDLE rs=BLOCKING os=OPEN is=IDLE awp=false se=false i=true al=0},r=51,c=false/false,a=IDLE,uri=http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/cps/framework/properties,age=1} 
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpChannelState.handling - handling HttpChannelState@4131ba28{s=IDLE rs=BLOCKING os=OPEN is=IDLE awp=false se=false i=true al=0}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpChannel.handle - action DISPATCH HttpChannelOverHttp@6fd2714d{s=HttpChannelState@4131ba28{s=HANDLING rs=BLOCKING os=OPEN is=IDLE awp=false se=false i=true al=0},r=51,c=false/false,a=HANDLING,uri=http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/cps/framework/properties,age=1}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.Server.handle - REQUEST GET /cps/framework/properties ?null on HttpChannelOverHttp@6fd2714d{s=HttpChannelState@4131ba28{s=HANDLING rs=BLOCKING os=OPEN is=IDLE awp=false se=false i=true al=0},r=51,c=false/false,a=HANDLING,uri=http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/cps/framework/properties,age=1}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.handler.ContextHandler.doScope - scope null||/cps/framework/properties @ o.e.j.s.ServletContextHandler@74cf8b28{/,null,AVAILABLE}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.handler.ContextHandler.doScope - context=||/cps/framework/properties @ o.e.j.s.ServletContextHandler@74cf8b28{/,null,AVAILABLE}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.session.SessionHandler.doScope - Entering scope org.eclipse.jetty.server.session.SessionHandler565079667==dftMaxIdleSec=0, dispatch=REQUEST asyncstarted=false
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.server.session.SessionHandler.doScope - sessionHandler=org.eclipse.jetty.server.session.SessionHandler565079667==dftMaxIdleSec=0 session=null
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.servlet.ServletHandler.doScope - servlet ||/cps/framework/properties|ServletPathMapping{matchValue=, pattern=/*, servletName=org.apache.felix.http.base.internal.dispatch.DispatcherServlet-48e7b3d2, mappingMatch=PATH, servletPath=, pathInfo=/cps/framework/properties} -> org.apache.felix.http.base.internal.dispatch.DispatcherServlet-48e7b3d2==org.apache.felix.http.base.internal.dispatch.DispatcherServlet@bce33d26{jsp=null,order=-1,inst=true,async=true,src=EMBEDDED:null,STARTED}
24/04/2024 10:22:50.838 DEBUG qtp1883971879-199 org.eclipse.jetty.servlet.ServletHandler.doHandle - chain=null
24/04/2024 10:22:50.843 ERROR qtp1883971879-199 dev.galasa.framework.api.authentication.internal.OidcProvider.getRSAPublicKeyFromIssuer - Error: No matching JSON Web Key was found with key ID 'c71ef1796734fb621762b67f99da171f919a47e6'.
24/04/2024 10:22:50.844 ERROR qtp1883971879-199 dev.galasa.framework.api.authentication.JwtAuthFilter.doFilter - {"error_code":5000,"error_message":"GAL5000E: Error occured when trying to access the endpoint. Report the problem to your Galasa Ecosystem owner."}
java.lang.IllegalArgumentException: Both provided Keys cannot be null.
    at com.auth0.jwt.algorithms.RSAAlgorithm.providerForKeys(RSAAlgorithm.java:93) ~[?:?]
    at com.auth0.jwt.algorithms.Algorithm.RSA256(Algorithm.java:42) ~[?:?]
    at dev.galasa.framework.api.authentication.internal.OidcProvider.isJwtValid(OidcProvider.java:239) ~[?:?]
    at dev.galasa.framework.api.authentication.JwtAuthFilter.doFilter(JwtAuthFilter.java:86) ~[?:?]
    at org.apache.felix.http.base.internal.jakartawrappers.FilterWrapper.doFilter(FilterWrapper.java:58) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:145) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:81) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.dispatch.Dispatcher$1.doFilter(Dispatcher.java:153) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager.invokePreprocessors(WhiteboardManager.java:930) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:95) ~[-1713888509303:?]
    at org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet.java:49) ~[-1713888509303:?]
    at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587) ~[-1713888509285:?]
    at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764) ~[-1713888509303:?]
    at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:529) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[-1713888509303:?]
    at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1570) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1380) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) ~[-1713888509303:?]
    at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) ~[-1713888509303:?]
    at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1543) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1302) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:149) ~[-1713888509303:?]
    at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[-1713888509303:?]
    at org.eclipse.jetty.server.Server.handle(Server.java:563) ~[-1713888509303:?]
    at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505) ~[-1713888509303:?]
    at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762) ~[-1713888509303:?]
    at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497) ~[-1713888509303:?]
    at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282) ~[-1713888509303:?]
    at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) ~[-1713888509303:?]
    at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) ~[-1713888509303:?]
    at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[-1713888509303:?]
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:416) ~[-1713888509303:?]
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:385) ~[-1713888509303:?]
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:272) ~[-1713888509303:?]
    at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:140) ~[-1713888509303:?]
    at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) [-1713888509303:?]
    at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:934) [-1713888509303:?]
    at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1078) [-1713888509303:?]
    at java.lang.Thread.run(Thread.java:829) [?:?]
24/04/2024 10:22:50.845 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpOutput.write - write(array HeapByteBuffer@46e099c[p=0,l=148,c=512,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00})
24/04/2024 10:22:50.845 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpOutput.write - write(array) s=OPEN,api=BLOCKING,sc=false,e=null aggregated !flush DirectByteBuffer@665ffde1[p=0,l=148,c=32768,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>: "7c5284...dev.gal}
24/04/2024 10:22:50.845 DEBUG qtp1883971879-199 org.eclipse.jetty.server.HttpChannel.sendResponse - sendResponse info=null content=DirectByteBuffer@665ffde1[p=0,l=148,c=32768,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>: "7c5284...dev.gal} complete=false committing=true callback=Blocker@583b28b8{null}
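
The first trace shows the key lookup logging "No matching JSON Web Key" and `Algorithm.RSA256` then throwing on null keys, which surfaces as a 500. The sketch below is an added example, not Galasa's code: it shows an unknown key ID being rejected as 401 before the algorithm is built. The class name, `statusFor`, the key IDs and the generated keys are hypothetical; it assumes the `com.auth0:java-jwt` library from the trace is on the classpath.

```java
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.exceptions.JWTVerificationException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.Map;

// Added illustration; class, method and key-ID names are hypothetical.
public class JwtKeyLookupExample {
    static final int SC_OK = 200, SC_UNAUTHORIZED = 401;

    // Public keys this server trusts, indexed by JWK key ID ("kid").
    private final Map<String, RSAPublicKey> trustedKeysByKid;

    JwtKeyLookupExample(Map<String, RSAPublicKey> trustedKeysByKid) {
        this.trustedKeysByKid = trustedKeysByKid;
    }

    /** Returns the HTTP status an auth filter should send for this bearer token. */
    int statusFor(String token) {
        if (token == null) return SC_UNAUTHORIZED;
        try {
            String kid = JWT.decode(token).getKeyId(); // JWTDecodeException if malformed
            RSAPublicKey key = (kid == null) ? null : trustedKeysByKid.get(kid);
            if (key == null) {
                // Unknown kid: the token was signed by a key this server does not trust.
                // Reject here rather than calling Algorithm.RSA256(null, null), which
                // throws the IllegalArgumentException seen in the trace.
                return SC_UNAUTHORIZED;
            }
            JWT.require(Algorithm.RSA256(key, null)).build().verify(token);
            return SC_OK;
        } catch (JWTVerificationException e) { // malformed, bad signature, expired
            return SC_UNAUTHORIZED;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair local = gen.generateKeyPair();   // constructed: this server's issuer key
        KeyPair foreign = gen.generateKeyPair(); // constructed: another ecosystem's issuer key

        JwtKeyLookupExample filter = new JwtKeyLookupExample(
                Map.of("local-kid", (RSAPublicKey) local.getPublic()));
        String good = JWT.create().withKeyId("local-kid")
                .sign(Algorithm.RSA256(null, (RSAPrivateKey) local.getPrivate()));
        String wrong = JWT.create().withKeyId("foreign-kid")
                .sign(Algorithm.RSA256(null, (RSAPrivateKey) foreign.getPrivate()));

        System.out.println("own token:     " + filter.statusFor(good));
        System.out.println("foreign token: " + filter.statusFor(wrong));
        System.out.println("garbage:       " + filter.statusFor("not-a-jwt"));
    }
}
```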

techcobweb commented 4 months ago

This is still happening.

07/05/2024 12:51:16.911 INFO  qtp1883971879-368 dev.galasa.framework.api.authentication.internal.DexGrpcClient.getClient - Retrieving Dex client with ID: unhoptaxqjxrakzqcn45x4vwn
07/05/2024 12:51:16.918 ERROR qtp1883971879-368 dev.galasa.framework.api.authentication.AuthenticationServlet.processRequest - {"error_code":5000,"error_message":"GAL5000E: Error occured when trying to access the endpoint. Report the problem to your Galasa Ecosystem owner."}
io.grpc.StatusRuntimeException: UNKNOWN: not found
        at io.grpc.stub.ClientCalls.toStatusRuntimeException(ClientCalls.java:268) ~[?:?]
        at io.grpc.stub.ClientCalls.getUnchecked(ClientCalls.java:249) ~[?:?]
        at io.grpc.stub.ClientCalls.blockingUnaryCall(ClientCalls.java:167) ~[?:?]
        at com.coreos.dex.api.DexGrpc$DexBlockingStub.getClient(DexGrpc.java:758) ~[?:?]
        at dev.galasa.framework.api.authentication.internal.DexGrpcClient.sendGetClientRequest(DexGrpcClient.java:121) ~[?:?]
        at dev.galasa.framework.api.authentication.internal.DexGrpcClient.getClient(DexGrpcClient.java:81) ~[?:?]
        at dev.galasa.framework.api.authentication.internal.routes.AuthRoute.sendTokenPost(AuthRoute.java:158) ~[?:?]
        at dev.galasa.framework.api.authentication.internal.routes.AuthRoute.handlePostRequest(AuthRoute.java:107) ~[?:?]
        at dev.galasa.framework.api.common.BaseServlet.processRoutes(BaseServlet.java:117) ~[?:?]
        at dev.galasa.framework.api.common.BaseServlet.processRequest(BaseServlet.java:77) ~[?:?]
        at dev.galasa.framework.api.common.BaseServlet.doPost(BaseServlet.java:57) ~[?:?]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:681) ~[-1714730102997:?]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:764) ~[-1714730102997:?]
        at org.apache.felix.http.base.internal.jakartawrappers.ServletWrapper.service(ServletWrapper.java:74) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.handler.ServletHandler.handle(ServletHandler.java:127) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:86) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.javaxwrappers.FilterChainWrapper.doFilter(FilterChainWrapper.java:45) ~[-1714730103067:?]
        at dev.galasa.framework.api.authentication.JwtAuthFilter.doFilter(JwtAuthFilter.java:104) ~[?:?]
        at org.apache.felix.http.base.internal.jakartawrappers.FilterWrapper.doFilter(FilterWrapper.java:58) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.handler.FilterHandler.handle(FilterHandler.java:145) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.dispatch.InvocationChain.doFilter(InvocationChain.java:81) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.dispatch.Dispatcher$1.doFilter(Dispatcher.java:153) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.whiteboard.WhiteboardManager.invokePreprocessors(WhiteboardManager.java:930) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.dispatch.Dispatcher.dispatch(Dispatcher.java:95) ~[-1714730103067:?]
        at org.apache.felix.http.base.internal.dispatch.DispatcherServlet.service(DispatcherServlet.java:49) ~[-1714730103067:?]
        at jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587) ~[-1714730102997:?]
        at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764) ~[-1714730103067:?]
        at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:529) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[-1714730103067:?]
        at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1570) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1380) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) ~[-1714730103067:?]
        at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) ~[-1714730103067:?]
        at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1543) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1302) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:149) ~[-1714730103067:?]
        at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) ~[-1714730103067:?]
        at org.eclipse.jetty.server.Server.handle(Server.java:563) ~[-1714730103067:?]
        at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505) ~[-1714730103067:?]
        at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762) ~[-1714730103067:?]
        at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497) ~[-1714730103067:?]
        at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282) ~[-1714730103067:?]
        at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) ~[-1714730103067:?]
        at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) ~[-1714730103067:?]
        at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) ~[-1714730103067:?]
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:416) ~[-1714730103067:?]
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:385) ~[-1714730103067:?]
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:272) ~[-1714730103067:?]
        at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:140) ~[-1714730103067:?]
        at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) [-1714730103067:?]
        at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:934) [-1714730103067:?]
        at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1078) [-1714730103067:?]
        at java.lang.Thread.run(Thread.java:829) [?:?]
07/05/2024 12:51:16.919 DEBUG qtp1883971879-368 org.eclipse.jetty.server.HttpOutput.write - write(array HeapByteBuffer@55c30303[p=0,l=148,c=512,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>\x00\x00\x00\x00\x00\x00\x00\x00\x00...\x00\x00\x00\x00\x00\x00\x00})
07/05/2024 12:51:16.919 DEBUG qtp1883971879-368 org.eclipse.jetty.server.HttpOutput.write - write(array) s=OPEN,api=BLOCKING,sc=false,e=null aggregated !flush DirectByteBuffer@32260212[p=0,l=148,c=32768,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>galasa.cp...\x00\x00\x00\x00\x00\x00\x00}
07/05/2024 12:51:16.919 DEBUG qtp1883971879-368 org.eclipse.jetty.server.HttpChannel.sendResponse - sendResponse info=null content=DirectByteBuffer@32260212[p=0,l=148,c=32768,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>galasa.cp...\x00\x00\x00\x00\x00\x00\x00} complete=false committing=true callback=Blocker@54a98441{null}
07/05/2024 12:51:16.919 DEBUG qtp1883971879-368 org.eclipse.jetty.server.HttpChannel.commit - COMMIT for /auth on HttpChannelOverHttp@645f4657{s=HttpChannelState@7656b26c{s=HANDLING rs=BLOCKING os=COMMITTED is=IDLE awp=false se=false i=true al=0},r=2,c=false/false,a=HANDLING,uri=http://prod1-galasa-dev.cicsk8s.hursley.ibm.com/auth,age=18}
500 null HTTP/1.1
Date: Tue, 07 May 2024 12:51:16 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *

07/05/2024 12:51:16.920 DEBUG qtp1883971879-368 org.eclipse.jetty.server.HttpConnection.process - generate: NEED_HEADER for SendCallback@1e79d918[PROCESSING][i=HTTP/1.1{s=500,h=3,cl=-1},cb=org.eclipse.jetty.server.HttpChannel$SendCallback@1156e32d] (null,[p=0,l=148,c=32768,r=148],false)@START
07/05/2024 12:51:16.920 DEBUG qtp1883971879-368 org.eclipse.jetty.http.HttpGenerator.generateHeaders - generateHeaders HTTP/1.1{s=500,h=3,cl=-1} last=false content=DirectByteBuffer@32260212[p=0,l=148,c=32768,r=148]={<<<{"error_code":5000,"error...lasa Ecosystem owner."}>>>galasa.cp...\x00\x00\x00\x00\x00\x00\x00}
07/05/2024 12:51:16.920 DEBUG qtp1883971879-368 org.eclipse.jetty.http.HttpGenerator.generateHeaders - Date: Tue, 07 May 2024 12:51:16 GMT
Content-Type: application/json
Access-Control-Allow-Origin: *

cc: @eamansour