search

jgraph / docker-drawio

Dockerized draw.io based on whichever is the most secure image at the time.
GNU General Public License v3.0
1.49k stars 361 forks source link

Integrating Google Drive breaks upon callback #48

Closed routerino closed 2 years ago

routerino commented 2 years ago

Attempting to enable the google drive integration does not appear to function, even to the point of getting the integration started.

When adding the DRAW_IO_GOOGLE environment variables we get the option to save to google drive, but immediately fails. After some troubleshooting it appears there is a dependency problem in the docker image itself.

A fresh start of the docker image gets this when accessing the <domain/google>: image

Any refresh or future attempt provides a 404 error instead, until the container is restarted.

Logging at the logs in the container, this pops up:

07-Dec-2021 02:16:58.724 INFO [https-openssl-nio-8443-exec-3] org.apache.catalina.core.ApplicationContext.log Marking servlet [GoogleAuthServlet] as unavailable
07-Dec-2021 02:16:58.725 SEVERE [https-openssl-nio-8443-exec-3] org.apache.catalina.core.StandardWrapperValve.invoke Allocate exception for servlet [GoogleAuthServlet]
        java.lang.IncompatibleClassChangeError: class org.ehcache.jsr107.Eh107CacheManager can not implement javax.cache.CacheManager, because it is not an interface (javax.cache.CacheManager is in unnamed module of loader org.apache.catalina.loader.ParallelWebappClassLoader @336f1079)
                at java.base/java.lang.ClassLoader.defineClass1(Native Method)
                at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1016)
                at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
                at org.apache.catalina.loader.WebappClassLoaderBase.findClassInternal(WebappClassLoaderBase.java:2415)
                at org.apache.catalina.loader.WebappClassLoaderBase.findClass(WebappClassLoaderBase.java:863)
                at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1332)
                at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1186)
                at java.base/java.lang.Class.getDeclaredConstructors0(Native Method)
                at java.base/java.lang.Class.privateGetDeclaredConstructors(Class.java:3137)
                at java.base/java.lang.Class.getConstructor0(Class.java:3342)
                at java.base/java.lang.Class.getConstructor(Class.java:2151)
                at java.base/java.util.ServiceLoader$1.run(ServiceLoader.java:659)
                at java.base/java.util.ServiceLoader$1.run(ServiceLoader.java:656)
                at java.base/java.security.AccessController.doPrivileged(Native Method)
                at java.base/java.util.ServiceLoader.getConstructor(ServiceLoader.java:667)
                at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(ServiceLoader.java:1232)
                at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(ServiceLoader.java:1264)
                at java.base/java.util.ServiceLoader$2.hasNext(ServiceLoader.java:1299)
                at java.base/java.util.ServiceLoader$3.hasNext(ServiceLoader.java:1384)
                at javax.cache.Caching$CachingProviderRegistry$1.run(Caching.java:448)
                at javax.cache.Caching$CachingProviderRegistry$1.run(Caching.java:442)
                at java.base/java.security.AccessController.doPrivileged(Native Method)
                at javax.cache.Caching$CachingProviderRegistry.getCachingProviders(Caching.java:442)
                at javax.cache.Caching$CachingProviderRegistry.getCachingProvider(Caching.java:529)
                at javax.cache.Caching$CachingProviderRegistry.getCachingProvider(Caching.java:476)
                at javax.cache.Caching.getCachingProvider(Caching.java:226)
                at com.mxgraph.online.CacheFacade.createCache(CacheFacade.java:43)
                at com.mxgraph.online.CacheFacade.createCache(CacheFacade.java:23)
                at com.mxgraph.online.AbsAuthServlet.<clinit>(Unknown Source)
                at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
                at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
                at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
                at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490)
                at org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:151)
                at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1030)
                at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:761)
                at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:134)
                at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
                at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490)
                at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
                at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
                at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
                at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
                at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
                at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408)
                at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66)
                at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:836)
                at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1839)
                at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
                at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
                at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
                at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
                at java.base/java.lang.Thread.run(Thread.java:834)

As far as I can decipher, the image doesn't appear to include the libraries necessary to do the google authentication? Am I misinterpreting that?

davidjgraph commented 2 years ago

What version are you running? What environment are you running on?

routerino commented 2 years ago

What version are you running? What environment are you running on?

Using official docker image on a fedora host running latest docker (well, moby for fedora). Reverse proxy via caddy. Version 15.9.1 (though I did test a couple previous versions to make sure it wasn't a problem with the latest docker image). Docker compose file below:

services:
  drawio:
    image: jgraph/drawio
    container_name: drawio
    restart: always
    environment:
      - PUBLIC_DNS=draw.gurucomputing.com.au
      - CITY=Canberra
      - STATE=ACT
      - COUNTRY_CODE=AU
      - KEYSTORE_PASS=${KEYSTORE_PASS}
      - DRAWIO_SELF_CONTAINED=1
      - DRAWIO_BASE_URL=https://draw.gurucomputing.com.au
      - DRAWIO_GOOGLE_CLIENT_ID=${DRAWIO_GOOGLE_CLIENT_ID}
      - DRAWIO_GOOGLE_CLIENT_SECRET=${DRAWIO_GOOGLE_CLIENT_SECRET}
      - DRAWIO_GOOGLE_APP_ID=${DRAWIO_GOOGLE_APP_ID}
      - DRAWIO_GOOGLE_VIEWER_CLIENT_ID=${DRAWIO_GOOGLE_VIEWER_CLIENT_ID}
      - DRAWIO_GOOGLE_VIEWER_CLIENT_SECRET=${DRAWIO_GOOGLE_CLIENT_SECRET}
      - DRAWIO_GOOGLE_VIEWER_APP_ID=${DRAWIO_GOOGLE_VIEWER_APP_ID}
    # ports:
    #   - 8080:8080
    #   - 8443:8443
    networks:
      - reverseproxy-nw

networks:
  reverseproxy-nw:
    external: true

You can also test yourself by going to https://draw.gurucomputing.com.au as I haven't put any authentication in front as of yet.

davidjgraph commented 2 years ago

Try the 15.9.3 build, we added some libs back in.

routerino commented 2 years ago

Try the 15.9.3 build, we added some libs back in.

Just tried with 15.9.3 and 15.9.4, still no joy. Same error with the cache manager not being an interface. Have you been able to reproduce the error on your end?

davidjgraph commented 2 years ago

I can't repeat this on a clean 15.9.4

routerino commented 2 years ago

I can't repeat this on a clean 15.9.4

Bizarre. The whole point of docker is to be able to create reproducible issues.

I'll have to assume it's something to do with either my configuration or environment. The google drive integration is something I can live without, so I'll just drop the issue unless other people start experiencing this.

BelCo94 commented 2 years ago

Hello. I have the same issue, but with gitlab integration. When I click on "Create New Diagram" or "Open Existing Diagram" button in gitlab storage dialog I get this error: image

In localhost_access_log.2021-12-21.txt I see that first request provides error 500 and any next requests provides error 404:

172.19.0.1 - - [21/Dec/2021:06:18:51 +0000] "GET /gitlab?getState=1 HTTP/1.1" 500 8751
172.19.0.1 - - [21/Dec/2021:06:19:52 +0000] "GET /gitlab?getState=1 HTTP/1.1" 404 682
172.19.0.1 - - [21/Dec/2021:06:23:56 +0000] "GET /gitlab?getState=1 HTTP/1.1" 404 682

In logs/localhost.2021-12-21.log:

21-Dec-2021 06:18:51.043 INFO [http-nio-8080-exec-5] org.apache.catalina.core.ApplicationContext.log Marking servlet [GitlabAuthServlet] as unavailable
21-Dec-2021 06:18:51.046 SEVERE [http-nio-8080-exec-5] org.apache.catalina.core.StandardWrapperValve.invoke Allocate exception for servlet [GitlabAuthServlet]
    java.lang.IncompatibleClassChangeError: class org.ehcache.jsr107.Eh107CacheManager can not implement javax.cache.CacheManager, because it is not an interface (javax.cache.CacheManager is in unnamed module of loader org.apache.catalina.loader.ParallelWebappClassLoader @4758820d)
        at java.base/java.lang.ClassLoader.defineClass1(Native Method)
        at java.base/java.lang.ClassLoader.defineClass(Unknown Source)
        at java.base/java.security.SecureClassLoader.defineClass(Unknown Source)
        at org.apache.catalina.loader.WebappClassLoaderBase.findClassInternal(WebappClassLoaderBase.java:2478)
        at org.apache.catalina.loader.WebappClassLoaderBase.findClass(WebappClassLoaderBase.java:870)
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1371)
        at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1215)
        at java.base/java.lang.Class.getDeclaredConstructors0(Native Method)
        at java.base/java.lang.Class.privateGetDeclaredConstructors(Unknown Source)
        at java.base/java.lang.Class.getConstructor0(Unknown Source)
        at java.base/java.lang.Class.getConstructor(Unknown Source)
        at java.base/java.util.ServiceLoader$1.run(Unknown Source)
        at java.base/java.util.ServiceLoader$1.run(Unknown Source)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at java.base/java.util.ServiceLoader.getConstructor(Unknown Source)
        at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNextService(Unknown Source)
        at java.base/java.util.ServiceLoader$LazyClassPathLookupIterator.hasNext(Unknown Source)
        at java.base/java.util.ServiceLoader$2.hasNext(Unknown Source)
        at java.base/java.util.ServiceLoader$3.hasNext(Unknown Source)
        at javax.cache.Caching$CachingProviderRegistry$1.run(Caching.java:448)
        at javax.cache.Caching$CachingProviderRegistry$1.run(Caching.java:442)
        at java.base/java.security.AccessController.doPrivileged(Native Method)
        at javax.cache.Caching$CachingProviderRegistry.getCachingProviders(Caching.java:442)
        at javax.cache.Caching$CachingProviderRegistry.getCachingProvider(Caching.java:529)
        at javax.cache.Caching$CachingProviderRegistry.getCachingProvider(Caching.java:476)
        at javax.cache.Caching.getCachingProvider(Caching.java:226)
        at com.mxgraph.online.CacheFacade.createCache(CacheFacade.java:43)
        at com.mxgraph.online.CacheFacade.createCache(CacheFacade.java:23)
        at com.mxgraph.online.AbsAuthServlet.<clinit>(Unknown Source)
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.base/java.lang.reflect.Constructor.newInstance(Unknown Source)
        at org.apache.catalina.core.DefaultInstanceManager.newInstance(DefaultInstanceManager.java:150)
        at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1070)
        at org.apache.catalina.core.StandardWrapper.allocate(StandardWrapper.java:788)
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:128)
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:540)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:357)
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:382)
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:895)
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1732)
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
        at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
        at java.base/java.lang.Thread.run(Unknown Source)

I tried several versions of image: 15.9.1, 15.9.3, 15.9.4, 15.9.6, 16.0.0 docker version 20.10.7 docker-compose 1.29.2 host OS - ubuntu 20.04 (tried on 2 different machines)

example of docker-compose.yml:

services:
  drawio:
    image: jgraph/drawio:16.0.0
    networks:
      internal_net:
    ports:
      - 8080:8080
      - 8443:8443
    environment:
      - DRAWIO_SELF_CONTAINED=1
      - DRAWIO_BASE_URL=https://drawio.test.mydomain
      - DRAWIO_GITLAB_ID=${DRAWIO_GITLAB_ID}
      - DRAWIO_GITLAB_URL=https://gitlab.test.mydomain
      - DRAWIO_GITLAB_SECRET=${DRAWIO_GITLAB_SECRET}

networks:
  internal_net:
m-mohamedin commented 2 years ago

Will be fixed in the next release. Currently, only version 15.7.4 downward works

davidjgraph commented 2 years ago

In 16.1.0