mayope / keycloakmigration

Manage your Keycloak configuration with code.
https://mayope.net
MIT License

Stability in token holder #35

Closed haraldsegliens closed 3 years ago

haraldsegliens commented 3 years ago

Hi.

Found a bug that appears rarely (once a day).

    [ERROR] 2021-07-15 12:58:58.226 [main] KeycloakMigration - Error occurred while migrating: status 401 reading KeycloakClient#searchByUsername(String,String)
    feign.FeignException: status 401 reading KeycloakClient#searchByUsername(String,String)
        at feign.FeignException.errorStatus(FeignException.java:78) ~[keycloakmigration.jar:?]
        at feign.codec.ErrorDecoder$Default.decode(ErrorDecoder.java:93) ~[keycloakmigration.jar:?]
        at feign.SynchronousMethodHandler.executeAndDecode(SynchronousMethodHandler.java:149) ~[keycloakmigration.jar:?]
        at feign.SynchronousMethodHandler.invoke(SynchronousMethodHandler.java:78) ~[keycloakmigration.jar:?]
        at feign.ReflectiveFeign$FeignInvocationHandler.invoke(ReflectiveFeign.java:103) ~[keycloakmigration.jar:?]
        at com.sun.proxy.$Proxy27.searchByUsername(Unknown Source) ~[?:?]
        at de.klg71.keycloakmigration.keycloakapi.KeycloakClientHelperKt.userByName(KeycloakClientHelper.kt:25) ~

I think that this error happens when TokenHolder doesn't refresh the token and sends an expired token to Keycloak, and it is possible for TokenHolder not to refresh the token near the expiration time, where Keycloak receives the message after the expiration time.

Therefore I created a test that somehow proves that there is a problem - TokenFlakinessTest - but, to see the 401 problem, you need to comment out the code related to safetyDurationMs in TokenHolder. Test execution time can also be 30 minutes.

Furthermore, the only necessary change is in TokenHolder, where safetyDurationMs is declared and used. Other lines are used only to make the test work. If only the fix is necessary, then let me know; I will remove the test and make the code cleaner.

klg71 commented 3 years ago

Hey harald :) Thank you for contributing again. I like the change of adding a safety duration to the tokenHolder.
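
The race discussed in this thread, as an added Kotlin sketch that is not the project's TokenHolder and not code from the pull request: a holder that refreshes once the cached token is within `safetyDurationMs` of expiry, driven by a fake clock so the near-expiry case is reproducible without a 30-minute run. Every name except `safetyDurationMs` is hypothetical, and the 60-second token lifetime and 200 ms delivery delay are constructed values.

```kotlin
// Added illustration; names other than safetyDurationMs are hypothetical.
data class AccessToken(val value: String, val expiresAtMs: Long)

class SafeTokenHolder(
    private val safetyDurationMs: Long,
    private val nowMs: () -> Long,        // injectable clock, for deterministic tests
    private val fetch: () -> AccessToken  // stands in for the call to the token endpoint
) {
    private var current: AccessToken? = null

    @Synchronized
    fun token(): AccessToken {
        val cached = current
        // Refresh while the token is still valid locally but inside the safety
        // window, so it cannot expire between this check and the server's check.
        if (cached == null || nowMs() >= cached.expiresAtMs - safetyDurationMs) {
            return fetch().also { current = it }
        }
        return cached
    }
}

// Replays one request: log in at t=0, ask for a token at requestAtMs, and let the
// server validate it latencyMs later. Returns true if the server would accept it.
fun acceptedByServer(safetyMs: Long, requestAtMs: Long, latencyMs: Long): Boolean {
    var clock = 0L                        // constructed fake clock, in milliseconds
    val lifetimeMs = 60_000L              // constructed token lifetime
    val holder = SafeTokenHolder(safetyMs, { clock }) {
        AccessToken("tok@$clock", clock + lifetimeMs)
    }
    holder.token()                        // initial login
    clock = requestAtMs
    val sent = holder.token()
    return clock + latencyMs < sent.expiresAtMs   // expiry is checked on arrival
}

fun main() {
    // No margin: the token passes the local check 100 ms before expiry but
    // reaches the server 100 ms after it, which is the 401 case.
    println(acceptedByServer(safetyMs = 0, requestAtMs = 59_900, latencyMs = 200))
    // With a 1 s margin the same request triggers a refresh first.
    println(acceptedByServer(safetyMs = 1_000, requestAtMs = 59_900, latencyMs = 200))
}
```

The margin only helps if it is larger than the worst-case delivery delay plus any clock difference between client and server.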