pelle / clauth

Authentication library for Clojure and Ring based on OAuth2
http://pelle.github.com/clauth

ClassCastException in csrf-protect #11

Open nnarhinen opened 10 years ago

nnarhinen commented 10 years ago

When using the clauth login-handler I sometimes get this exception. Mostly when I open with a fresh browser a protected route that redirects to login.

Exception:

```
java.lang.ClassCastException

java.lang.String cannot be cast to clojure.lang.Associative
RT.java:702 clojure.lang.RT.assoc
core.clj:187    clojure.core/assoc
middleware.clj:17   clauth.middleware/assoc-session
middleware.clj:135  clauth.middleware/csrf-protect![fn]
routes.clj:68   myapp.routes/fn
core.clj:93 compojure.core/make-route[fn]
core.clj:39 compojure.core/if-route[fn]
core.clj:24 compojure.core/if-method[fn]
core.clj:106    compojure.core/routing[fn]
core.clj:2443   clojure.core/some
core.clj:106    compojure.core/routing
RestFn.java:139 clojure.lang.RestFn.applyTo
core.clj:619    clojure.core/apply
core.clj:111    compojure.core/routes[fn]
keyword_params.clj:27   ring.middleware.keyword-params/wrap-keyword-params[fn]
nested_params.clj:65    ring.middleware.nested-params/wrap-nested-params[fn]
params.clj:55   ring.middleware.params/wrap-params[fn]
multipart_params.clj:103    ring.middleware.multipart-params/wrap-multipart-params[fn]
flash.clj:14    ring.middleware.flash/wrap-flash[fn]
session.clj:43  ring.middleware.session/wrap-session[fn]
cookies.clj:160 ring.middleware.cookies/wrap-cookies[fn]
middleware.clj:12   hiccup.middleware/wrap-base-url[fn]
keyword_params.clj:27   ring.middleware.keyword-params/wrap-keyword-params[fn]
json.clj:42 ring.middleware.json/wrap-json-response[fn]
Var.java:415    clojure.lang.Var.invoke
reload.clj:18   ring.middleware.reload/wrap-reload[fn]
stacktrace.clj:17   ring.middleware.stacktrace/wrap-stacktrace-log[fn]
stacktrace.clj:80   ring.middleware.stacktrace/wrap-stacktrace-web[fn]
jetty.clj:18    ring.adapter.jetty/proxy-handler[fn]
(Unknown Source)    ring.adapter.jetty.proxy$org.eclipse.jetty.server.handler.AbstractHandler$0.handle
HandlerWrapper.java:116 org.eclipse.jetty.server.handler.HandlerWrapper.handle
Server.java:363 org.eclipse.jetty.server.Server.handle
AbstractHttpConnection.java:483 org.eclipse.jetty.server.AbstractHttpConnection.handleRequest
AbstractHttpConnection.java:920 org.eclipse.jetty.server.AbstractHttpConnection.headerComplete
AbstractHttpConnection.java:982 org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.headerComplete
HttpParser.java:635 org.eclipse.jetty.http.HttpParser.parseNext
HttpParser.java:235 org.eclipse.jetty.http.HttpParser.parseAvailable
AsyncHttpConnection.java:82 org.eclipse.jetty.server.AsyncHttpConnection.handle
SelectChannelEndPoint.java:628  org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle
SelectChannelEndPoint.java:52   org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run
QueuedThreadPool.java:608   org.eclipse.jetty.util.thread.QueuedThreadPool.runJob
QueuedThreadPool.java:543   org.eclipse.jetty.util.thread.QueuedThreadPool$3.run
Thread.java:724 java.lang.Thread.run
```

Code:


```clojure
(defroutes main-routes
  (GET "/" request ((clmw/wrap-bearer-token index-page) request))
  (ANY "/oauth2/token" request ((clep/token-handler) request))
  (GET "/oauth2/authorization" request ((clep/authorization-handler) request))
  (ANY "/login" {client :client, :as request}
    ((clep/login-handler {:login-form login-page, :client client}) request)))

(def app
  (do
    (reset! token-store (create-couchdb-store "clauth_token"))
    (reset! auth-code-store (create-couchdb-store "clauth_authcode"))
    (reset! client-store (create-couchdb-store "clauth_client"))
    (reset! user-store (create-couchdb-store "clauth_user"))
    (println "Starting application..")
    (let [client (or (first (clients))
                     (register-client "MyApp" "http://localhost:3000"))
          user (or (first (clauth.user/users))
                   (clauth.user/register-user "demo" "password"))]
      (-> (handler/site main-routes
                        {:session {:store (redis-store redis-pool redis-spec
                                                       {:prefix "myapp.session"})}
                         :client client})
          (wrap-base-url)
          (wrap-keyword-params)
          ;(wrap-params)
          (wrap-json-response)))))
```

nnarhinen commented 10 years ago

Is this a problem with compojure and the way I'm initializing clauth? If so, how should one use it with compojure?