JWT remote mode acl route issue

[alessandroperetti]

Hi,

I am using JWT remote mode with user, superuser and acl route checks. Right now I am using only the acl route for checking the permissions. The permission is provided by a remote service so it takes sometimes (depending on the network traffic or parallel requests). The problem is that if the acl route not responds before 5 seconds I got read ECONNRESET from mqtt client. otherwise everything works as expected. I tried it mocking the remote permission services with a timeout and I can confirm that if the timeout is less then 5000 ms everything is ok otherwise I got the error above. Likely, I think it is a timeout problem but I can't find any general configuration options to enlarge it or a workaround to solve it.

Opening the container where Mosquitto resides I see:

context deadline exceeded (Client.Timeout exceeded while awaiting headers)

Thanks AP

[iegomez]

You're absolutely right, for some reason I made the option available in the HTTP backend but not in the JWT that's hardcoding it to 5 seconds here: https://github.com/iegomez/mosquitto-go-auth/blob/master/backends/jwt_remote.go#L155

I'll try to add the option soon.

[alessandroperetti]

I opened the PR for adding a custom parameter jwt_http_timeout. If not provided in the config the fallback is 5 seconds (as before the PR).

The PR is in https://github.com/iegomez/mosquitto-go-auth/pull/285.

[iegomez]

Thanks for opening a PR. There are a few issues and I need to check why tests are not running on external PRs, probably some misconfigured setting on my side.

[alessandroperetti]

I ll fix them. Tks

[alessandroperetti]

let me know the test file where you expect the test.

[alessandroperetti]

Sry for the issues but I am not very skilled in go. Now should be better.

[iegomez]

Addressed by https://github.com/iegomez/mosquitto-go-auth/pull/285.