search

instipod / DuoUniversalKeycloakAuthenticator

Keycloak Authenticator for Duo's new Universal Prompt
GNU General Public License v3.0
50 stars 16 forks source link

Tried out on Keycloak.X 17. ALMOST working #3

Closed joeknock90 closed 2 years ago

joeknock90 commented 2 years ago

The plugin seemed to get me as far as approving the DUO push, but Keycloak dumps me back to "An Internal Error has occured"

Here's the output at the log for the error. 


keycloak_1    | WARNING: Illegal reflective access by retrofit2.Platform (file:/opt/keycloak/lib/../providers/DuoUniversalKeycloakAuthenticator.jar) to constructor java.lang.invoke.MethodHandles$Lookup(java.lang.Class,int)
keycloak_1    | WARNING: Please consider reporting this to the maintainers of retrofit2.Platform
keycloak_1    | WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
keycloak_1    | WARNING: All illegal access operations will be denied in a future release
keycloak_1    | 2022-02-13 15:44:53,914 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-23) Uncaught server error: java.lang.NoSuchMethodError: 'org.jboss.resteasy.spi.ResteasyUriInfo org.jboss.resteasy.spi.HttpRequest.getUri()'
keycloak_1    |         at com.instipod.duouniversal.DuoUniversalAuthenticator.authenticate(DuoUniversalAuthenticator.java:140)
keycloak_1    |         at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:453)
keycloak_1    |         at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:257)
keycloak_1    |         at org.keycloak.authentication.DefaultAuthenticationFlow.processSingleFlowExecutionModel(DefaultAuthenticationFlow.java:396)
keycloak_1    |         at org.keycloak.authentication.DefaultAuthenticationFlow.processFlow(DefaultAuthenticationFlow.java:280)
keycloak_1    |         at org.keycloak.authentication.AuthenticationProcessor.authenticateOnly(AuthenticationProcessor.java:1042)
keycloak_1    |         at org.keycloak.authentication.AuthenticationProcessor.authenticate(AuthenticationProcessor.java:904)
keycloak_1    |         at org.keycloak.services.resources.LoginActionsService.processFlow(LoginActionsService.java:323)
keycloak_1    |         at org.keycloak.services.resources.LoginActionsService.processAuthentication(LoginActionsService.java:292)
keycloak_1    |         at org.keycloak.services.resources.LoginActionsService.authenticate(LoginActionsService.java:276)
keycloak_1    |         at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
keycloak_1    |         at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
keycloak_1    |         at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
keycloak_1    |         at java.base/java.lang.reflect.Method.invoke(Method.java:566)
keycloak_1    |         at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:170)
keycloak_1    |         at org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:130)
keycloak_1    |         at org.jboss.resteasy.core.ResourceMethodInvoker.internalInvokeOnTarget(ResourceMethodInvoker.java:660)
keycloak_1    |         at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTargetAfterFilter(ResourceMethodInvoker.java:524)
keycloak_1    |         at org.jboss.resteasy.core.ResourceMethodInvoker.lambda$invokeOnTarget$2(ResourceMethodInvoker.java:474)
keycloak_1    |         at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak_1    |         at org.jboss.resteasy.core.ResourceMethodInvoker.invokeOnTarget(ResourceMethodInvoker.java:476)
keycloak_1    |         at org.jboss.resteasy.core.ResourceMethodInvoker.invoke(ResourceMethodInvoker.java:434)
keycloak_1    |         at org.jboss.resteasy.core.ResourceLocatorInvoker.invokeOnTargetObject(ResourceLocatorInvoker.java:192)
keycloak_1    |         at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:141)
keycloak_1    |         at org.jboss.resteasy.core.ResourceLocatorInvoker.invoke(ResourceLocatorInvoker.java:32)
keycloak_1    |         at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:492)
keycloak_1    |         at org.jboss.resteasy.core.SynchronousDispatcher.lambda$invoke$4(SynchronousDispatcher.java:261)
keycloak_1    |         at org.jboss.resteasy.core.SynchronousDispatcher.lambda$preprocess$0(SynchronousDispatcher.java:161)
keycloak_1    |         at org.jboss.resteasy.core.interception.jaxrs.PreMatchContainerRequestContext.filter(PreMatchContainerRequestContext.java:364)
keycloak_1    |         at org.jboss.resteasy.core.SynchronousDispatcher.preprocess(SynchronousDispatcher.java:164)
keycloak_1    |         at org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher.java:247)
keycloak_1    |         at io.quarkus.resteasy.runtime.standalone.RequestDispatcher.service(RequestDispatcher.java:73)
keycloak_1    |         at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.dispatch(VertxRequestHandler.java:151)
keycloak_1    |         at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:82)
keycloak_1    |         at io.quarkus.resteasy.runtime.standalone.VertxRequestHandler.handle(VertxRequestHandler.java:42)
keycloak_1    |         at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1    |         at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:67)
keycloak_1    |         at io.quarkus.vertx.http.runtime.StaticResourcesRecorder$2.handle(StaticResourcesRecorder.java:55)
keycloak_1    |         at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1    |         at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:362)
keycloak_1    |         at io.quarkus.vertx.http.runtime.VertxHttpRecorder$5.handle(VertxHttpRecorder.java:340)
keycloak_1    |         at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:163)
keycloak_1    |         at io.vertx.ext.web.impl.RoutingContextImpl.next(RoutingContextImpl.java:141)
keycloak_1    |         at org.keycloak.quarkus.runtime.integration.web.QuarkusRequestFilter.lambda$createBlockingHandler$1(QuarkusRequestFilter.java:66)
keycloak_1    |         at io.vertx.core.impl.ContextImpl.lambda$null$0(ContextImpl.java:159)
keycloak_1    |         at io.vertx.core.impl.AbstractContext.dispatch(AbstractContext.java:100)
keycloak_1    |         at io.vertx.core.impl.ContextImpl.lambda$executeBlocking$1(ContextImpl.java:157)
keycloak_1    |         at io.quarkus.vertx.core.runtime.VertxCoreRecorder$13.runWith(VertxCoreRecorder.java:543)
keycloak_1    |         at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2449)
keycloak_1    |         at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1478)
keycloak_1    |         at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
keycloak_1    |         at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
keycloak_1    |         at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
keycloak_1    |         at java.base/java.lang.Thread.run(Thread.java:829)
keycloak_1    | 
keycloak_1    | 2022-02-13 15:44:54,307 WARN  [io.agroal.pool] (executor-thread-23) Datasource '<default>': JDBC resources leaked: 1 ResultSet(s) and 1 Statement(s)````

Let me know if there's anything I can provide to help out!
instipod commented 2 years ago

What kind of server configuration are you using to serve Keycloak? Are you using a pre-built JAR or did you compile a copy yourself?

I tested the quay.io/keycloak/keycloak:17.0.0 docker image with the latest code and was able to perform Duo authentications without an error.

I will package up a new build and publish it as a release for you to try. I think this issue is related to pull #2 which was accepted but I did not publish a new release at the time.

joeknock90 commented 2 years ago

That's the same version I'm running in Docker on RockyLinux 8.5. I used the pre-built jar from the releases page because I'm lazy.

It's also entirely possible that I have screwed something up, my setup is jank and I'm just not all that smart.

I'll try out the new release! #2 looks like it might be it, but I haven't really dug into it all that much.

Thanks!

joeknock90 commented 2 years ago

Works perfectly with the new release on the releases page.

Thanks a bunch.