search

kivra / oauth2_client

Erlang OAuth2 Client
MIT License
73 stars 38 forks source link

Version 1.4.3 crashes when fetching an access token #31

Open ollien opened 8 months ago

ollien commented 8 months ago

There was a silent change in jsx version 3.0.0 which always adds return_maps to the decode options, unless return_maps is explicitly specified (see: https://github.com/talentdeficit/jsx/commit/fab436e1d54c25bc499b78a66a363bc593574b0f#diff-442484fd845d07345ff2c60c11cb7f83288e6f11299be9b536594b66d3b09d85L75). The README of jsx does seem to confirm this is the default behavior. As a result, most requests for authorization tokens fail with the following, since oauth2c still expects a proplist for access token information.

 =CRASH REPORT==== 27-Mar-2024::18:42:34.779110 ===
   crasher:
     initial call: my_project_conn:init/1
     pid: <0.1107.0>
     registered_name: my_project_conn
     exception error: no function clause matching 
                      proplists:get_value(<<"access_token">>,
                                          #{<<"access_token">> =>
                                                <<"redacted">>,
                                            <<"expires_in">> => 3599,
                                            <<"token_type">> => <<"Bearer">>},
                                          undefined) (proplists.erl, line 215)
       in function  oauth2c:do_retrieve_access_token/2 (/my_project/_build/default/lib/oauth2_client/src/oauth2c.erl, line 229)
       in call from oauth2c:get_access_token/2 (/my_project/_build/default/lib/oauth2_client/src/oauth2c.erl, line 381)
       in call from oauth2c:ensure_client_has_access_token/2 (/my_project/_build/default/lib/oauth2_client/src/oauth2c.erl, line 215)
       in call from oauth2c:request/8 (/my_project/_build/default/lib/oauth2_client/src/oauth2c.erl, line 201)
       in call from my_project_conn:handle_call/3 (/my_project/src/my_project_conn.erl, line 26)
       in call from gen_server:try_handle_call/4 (gen_server.erl, line 661)
       in call from gen_server:handle_msg/6 (gen_server.erl, line 690)
     ancestors: [my_project_sup,<0.1086.0>]
     message_queue_len: 0
     messages: []
     links: [<0.1087.0>]
     dictionary: []
     trap_exit: false
     status: running
     heap_size: 17731
     stack_size: 27
     reductions: 73174
   neighbours:

Version 1.4.2 still works fine, as this uses a 2.x release of jsx (or more accurately, the version of restclient that 1.4.2 depends on uses a 2.x release).

For the sake of providing some reproducing code, here's a lightly edited version of the code I used to reproduce this (though I would be surprised if it weren't reproducible with most flows),

  OAuthClient = oauth2c:from_service_account_file(Path, <<"my-scope">>),
  Res = oauth2c:request(
    post,
    json,
    <<"https://myapi/resource">>,
    [],
    [],
    {}},
    OAuthClient
  ),

I think that this patch would solve the issue, or at the very least put you closer to solving the issue https://github.com/kivra/oauth2_client/pull/29

ollien commented 8 months ago

Hm, on a whim I tried a fresh project with a more modern version of OTP (the above was using 21, my test project used 26), and this didn't seem to be a problem. I'll have to dig into this more, maybe this is just a non-issue