jhipster / jhipster-kotlin

Kotlin based JHipster
https://khipster.dev
Apache License 2.0
455 stars 95 forks source link

Authenticated requests always return invalid_token exception #254

Closed kevin-madhu closed 4 years ago

kevin-madhu commented 4 years ago
Overview of the issue

After addition of a new dependency (axon-spring-boot-starter for axon framework) into the project, the project always returns invalid_token for authenticated requests when it's being provided with a valid token. I'm using JHipster with UAA.

Motivation for or Use Case

I'm not able to access any authenticated endpoints with valid tokens received from the UAA server after this dependency has been added to the project. Axon Framework is something essential for the project.

Reproduce the error

1) A new jhipster kotlin project was created with the following answers to the questions.

? Which *type* of application would you like to create? Microservice application
? [Beta] Do you want to make it reactive with Spring WebFlux? No
? What is the base name of your application? test
     info Using blueprint generator-jhipster-kotlin for server subgenerator
? As you are running in a microservice architecture, on which port would like your server to run? It should be unique to avoid port conflicts. 8081
? What is your default Java package name? org.testit
? Which service discovery server do you want to use? JHipster Registry (uses Eureka, provides Spring Cloud Config support and monitoring dashboards)
? Which *type* of authentication would you like to use? Authentication with JHipster UAA server (the server must be generated separately)
? What is the folder path of your UAA application? ../uaa
? Which *type* of database would you like to use? SQL (H2, MySQL, MariaDB, PostgreSQL, Oracle, MSSQL)
? Which *production* database would you like to use? PostgreSQL
? Which *development* database would you like to use? H2 with disk-based persistence
? Do you want to use the Spring cache abstraction? Yes, with the Hazelcast implementation (distributed cache, for multiple nodes, supports rate-limiti
ng for gateway applications)
? Do you want to use Hibernate 2nd level cache? Yes
? Would you like to use Maven or Gradle for building the backend? Gradle
? Which other technologies would you like to use? 
? Would you like to enable internationalization support? Yes
? Please choose the native language of the application English
? Please choose additional languages to install 
? Besides JUnit and Jest, which testing frameworks would you like to use? 
? Would you like to install other generators from the JHipster Marketplace? No

2) Added axon-spring-boot-starter dependency
`    implementation "org.axonframework:axon-spring-boot-starter:4.3.5"`
3) Try to access any secured endpoint in the application with a valid token received. And the application will nevertheless always respond with invalid_token exception.
Suggest a Fix

I'm not aware of how the security of a jhipster project is setup. Maybe something gets overridden with configurations provided by axon framework.

JHipster Version(s)
customer@0.0.0 /home/kevin/Projects/finscale/customer
├── generator-jhipster@6.10.1 
└─┬ generator-jhipster-kotlin@1.9.0
  └── generator-jhipster@6.10.1  deduped
JHipster configuration, a .yo-rc.json file generated in the root folder
.yo-rc.json file
{
  "generator-jhipster": {
    "promptValues": {
      "packageName": "org.muellners.finscale.customer",
      "nativeLanguage": "en"
    },
    "jhipsterVersion": "6.10.1",
    "applicationType": "microservice",
    "baseName": "customer",
    "packageName": "org.muellners.finscale.customer",
    "packageFolder": "org/muellners/finscale/customer",
    "serverPort": "9011",
    "authenticationType": "uaa",
    "uaaBaseName": "identity",
    "cacheProvider": "hazelcast",
    "enableHibernateCache": true,
    "websocket": false,
    "databaseType": "sql",
    "devDatabaseType": "h2Disk",
    "prodDatabaseType": "postgresql",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "gradle",
    "enableSwaggerCodegen": false,
    "jwtSecretKey": "YourJWTSecretKeyWasReplacedByThisMeaninglessTextByTheJHipsterInfoCommandForObviousSecurityReasons",
    "embeddableLaunchScript": false,
    "creationTimestamp": 1595761839091,
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [
      {
        "name": "generator-jhipster-kotlin",
        "version": "1.9.0"
      }
    ],
    "enableTranslation": true,
    "clientPackageManager": "npm",
    "nativeLanguage": "en",
    "languages": ["en"],
    "blueprints": [
      {
        "name": "generator-jhipster-kotlin",
        "version": "1.9.0"
      }
    ],
    "skipClient": true,
    "skipUserManagement": true
  }
}

JDL for the Entity configuration(s) entityName.json files generated in the .jhipster directory
JDL entity definitions

Environment and Tools

java version "1.8.0_201" Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java HotSpot(TM) 64-Bit Server VM (build 25.201-b09, mixed mode)

git version 2.17.1

node: v12.18.0

npm: 6.14.4

yeoman: 3.1.1

Docker version 19.03.5, build 633a0ea838

docker-compose version 1.17.1, build unknown

pascalgrimaud commented 4 years ago

I transfert the issue to jhiipster-kotlin project, as it seems related to this one, not in main generator-jhipster

sendilkumarn commented 4 years ago

Thanks for the great explanation from @smcvb

It looks like a configuration issue. Closing the issue but please feel free to reopen if you think it is because of JHipster.

cc: @xetys the application is using UAA. :)