Closed un-stantane closed 1 year ago
Same problem here

```
AUTH_TYPE: OAUTH2
AUTH_OAUTH2_CLIENT_REGISTRATION_AUTH0_CLIENTID:
AUTH_OAUTH2_CLIENT_REGISTRATION_AUTH0_CLIENTSECRET:
AUTH_OAUTH2_CLIENT_REGISTRATION_AUTH0_SCOPE:
AUTH_OAUTH2_CLIENT_PROVIDER_AUTH0_ISSUER_URI:
```

Not sure that should change this from

```
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_AUTH0_CLIENTID:
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_AUTH0_CLIENTSECRET:
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_AUTH0_SCOPE:
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_AUTH0_ISSUER_URI:
```

Anyway, both don't work.
Hey, here's a template with param names.
Please note that you have to keep the dashes (-) instead of replacing them with underscores.

```
auth:
  type: OAUTH2
  oauth2:
    client:
      cognito:
        clientId:
        clientSecret:
        scope:
        client-name:
        provider:
        redirect-uri:
        authorization-grant-type:
        issuer-uri:
        jwk-set-uri:
        user-name-attribute:
        custom-params:
          type:
          logoutUrl:
```
@un-stantane you have issues with dashes (like, you have to replace AUTH_OAUTH2_CLIENT_OKTA_AUTHORIZATION_URI with AUTH_OAUTH2_CLIENT_OKTA_AUTHORIZATION-URI)
@mindman21 you have to remove _registration and _provider.
Also PTAL at changelog's breaking changes block:
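Added example (not from the thread or the kafka-ui project): a small Python helper that applies the rename discussed above, moving the `SPRING_SECURITY` prefix to `AUTH` and dropping the `REGISTRATION`/`PROVIDER` segment. It rewrites only the prefix and carries the rest of each name over unchanged; `migrate_env`, the sample values and the `example.invalid` URL are constructed for illustration, and client ids are assumed to contain no underscore.

```python
import re

# Legacy layouts seen in this thread (illustrative pattern, not kafka-ui code):
#   SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_<CLIENT>_<KEY>
#   SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_<CLIENT>_<KEY>
#   AUTH_OAUTH2_CLIENT_REGISTRATION_<CLIENT>_<KEY>
#   AUTH_OAUTH2_CLIENT_PROVIDER_<CLIENT>_<KEY>
# Assumption: <CLIENT> (okta, auth0, ...) contains no underscore.
LEGACY = re.compile(
    r"^(?:SPRING_SECURITY|AUTH)_OAUTH2_CLIENT_(?:REGISTRATION|PROVIDER)_"
    r"(?P<client>[A-Za-z0-9]+)_(?P<key>.+)$"
)
NEW_PREFIX = "AUTH_OAUTH2_CLIENT_"


def migrate_env(env):
    """Rename legacy OAuth2 env vars; return (new_env, renames, conflicts).

    new_env   -- dict with legacy names rewritten to AUTH_OAUTH2_CLIENT_<CLIENT>_<KEY>
    renames   -- list of (old_name, new_name) pairs that were rewritten
    conflicts -- target names that two inputs mapped to with different values
                 (the first value seen is kept)
    """
    new_env, renames, conflicts = {}, [], []
    for name, value in env.items():
        m = LEGACY.match(name)
        target = f"{NEW_PREFIX}{m['client']}_{m['key']}" if m else name
        if target in new_env and new_env[target] != value:
            conflicts.append(target)
            continue
        new_env[target] = value
        if m:
            renames.append((name, target))
    return new_env, renames, conflicts


# Constructed sample input, modelled on the variable names posted in this thread.
SAMPLE = {
    "AUTH_TYPE": "OAUTH2",
    "SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_AUTHORIZATION_URI":
        "https://example.invalid/oauth2/v1/authorize",
    "SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTID": "placeholder-id",
    "AUTH_OAUTH2_CLIENT_REGISTRATION_AUTH0_SCOPE": "openid",
    "AUTH_OAUTH2_CLIENT_OKTA_PROVIDER": "okta",  # already in the new layout
}

if __name__ == "__main__":
    new_env, renames, conflicts = migrate_env(SAMPLE)
    for old, new in renames:
        print(f"{old} -> {new}")
    for name in conflicts:
        print(f"CONFLICT: {name} is set twice with different values")
```

Whether the key part should use dashes or underscores is left alone here, since the replies in this thread disagree on that point.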
Hi Team - Do you have sample configurations for Okta? I am trying to follow - https://github.com/provectus/kafka-ui/wiki/OAuth-Configuration but it does not work. Below are my Docker Compose environment variables.

```
AUTH_OAUTH2_CLIENT_OKTA_AUTHORIZATION-URI: https://trial-7162957.okta.com/oauth2/v1/authorize
AUTH_OAUTH2_CLIENT_OKTA_TOKEN-URI: https://trial-7162957.okta.com/oauth2/v1/token
AUTH_OAUTH2_CLIENT_OKTA_USER_INFO-URI: https://trial-7162957.okta.com/oauth2/v1/userinfo
AUTH_OAUTH2_CLIENT_OKTA_JWK_SET-URI: https://trial-7162957.okta.com/oauth2/v1/keys
SERVER_FORWARDHEADERSSTRATEGY: NATIVE
AUTH_OAUTH2_CLIENT_OKTA_SCOPES: openid profile email groups
AUTH_OAUTH2_CLIENT_OKTA_CLIENTID: ***
AUTH_OAUTH2_CLIENT_OKTA_CLIENTSECRET: **********
AUTH_OAUTH2_CLIENT_OKTA_PROVIDER: okta
AUTH_OAUTH2_CLIENT_OKTA_CUSTOM_PARAMS_TYPE: okta
AUTH_OAUTH2_CLIENT_OKTA_CUSTOM_PARAMS_LOGOUTURL: http://localhost:8080/logout
```
Hi @srikanthprathipati,
The ENV vars I've posted in the issue description work fine with 0.4.0, but I haven't tested 0.5.0 using dashes as recommended by @Haarolean yet ...
I got it working with volumes with the below configurations in application.yml

```
auth:
  type: OAUTH2
  oauth2:
    client:
      cognito:
        clientId:
        clientSecret: **
        scope: openid
        client-name: Sri
        provider: cognito
        redirect-uri: http://localhost:8080/login/oauth2/code/cognito
        authorization-grant-type: authorization_code
        issuer-uri: https://trial-7162957.okta.com
        jwk-set-uri: https://trial-7162957.okta.com/oauth2/v1/keys?client_id=0oa3ybsax8i9aTQ9J697
        user-name-attribute: sub
        custom-params:
          type: cognito
          logoutUrl: http://localhost:8080/logout
```
Yep, a good solution. We're going to get rid of compose-like configuration in our examples anyway.
No matter which oauth2 provider I use, I get the error Invalid Credentials after authenticating. I have tried with self-hosted oauth2 app, gitlab and google. These are my helm chart values, is there anything I am missing?

```
AUTH_OAUTH2_CLIENT_GITLAB_CLIENT-ID: REDACTED
AUTH_OAUTH2_CLIENT_GITLAB_CLIENT-SECRET: REDACTED
AUTH_OAUTH2_CLIENT_GITLAB_SCOPE: email
AUTH_OAUTH2_CLIENT_GITLAB_USER-NAME-ATTRIBUTE: username
AUTH_OAUTH2_CLIENT_GITLAB_CUSTOM-PARAMS_TYPE: gitlab
AUTH_OAUTH2_CLIENT_GITLAB_AUTHORIZATION-URI: https://HOSTNAME/oauth2/authorize
AUTH_OAUTH2_CLIENT_GITLAB_TOKEN-URI: https://HOSTNAME/oauth/token
AUTH_OAUTH2_CLIENT_GITLAB_REDIRECT-URI: https://KAFKA_HOSTNAME/login/oauth2/code/gitlab
AUTH_OAUTH2_CLIENT_GITLAB_AUTHORIZATION-GRANT-TYPE: authorization_code
AUTH_OAUTH2_CLIENT_GITLAB_JWK-SET-URI: "https://HOSTNAME/oauth/discovery/keys"
AUTH_OAUTH2_CLIENT_GITLAB_ISSUER-URI: "https://HOSTNAME"
```
I managed to solve the issue using these vars (I am using Kafka-ui in k8s behind ALB)

```
- env:
  - name: AUTH_OAUTH2_CLIENT_OKTA_CLIENTID
    value: oktaClientId
  - name: AUTH_OAUTH2_CLIENT_OKTA_CLIENTSECRET
    value: oktaSecretId
  - name: KAFKA_CLUSTERS_0_NAME
    value: YOUR_NAME
  - name: KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS
    value: <your_kafka>:9092
  - name: AUTH_TYPE
    value: OAUTH2
  - name: AUTH_OAUTH2_CLIENT_OKTA_AUTHORIZATION_URI
    value: https://<your_name>.okta.com/oauth2/v1/authorize
  - name: AUTH_OAUTH2_CLIENT_OKTA_TOKEN_URI
    value: https://<your_name>.okta.com/oauth2/v1/token
  - name: AUTH_OAUTH2_CLIENT_OKTA_USER_INFO_URI
    value: https://<your_name>.okta.com/oauth2/v1/userinfo
  - name: AUTH_OAUTH2_CLIENT_OKTA_JWK_SET_URI
    value: https://<your_name>.okta.com/oauth2/v1/keys
  - name: SERVER_FORWARDHEADERSSTRATEGY
    value: NATIVE
  - name: AUTH_OAUTH2_CLIENT_OKTA_SCOPES
    value: openid profile email groups
  - name: AUTH_OAUTH2_CLIENT_OKTA_PROVIDER
    value: okta
  - name: AUTH_OAUTH2_CLIENT_OKTA_REDIRECT_URI
    value: https://<your_kafka_ui_url>/login/oauth2/code/okta
```
AUTH_OAUTH2_CLIENT_GITLAB_CLIENT-ID: REDACTED
AUTH_OAUTH2_CLIENT_GITLAB_CLIENT-SECRET: REDACTED
@linberg you should not use dashes in var names
@un-stantane thanks I will try with your syntax! which version of the helm chart are you using?
Hi there!
I am trying to update our current working kafka-ui v0.4.0 to v0.5.0, but I am facing an issue with the oauth2 configuration. I am running kafka-ui in docker using environment variables to set up the configuration.
As recommended, I've updated env vars from

```
- name: KAFKA_CLUSTERS_0_NAME
  value: MSK
- name: KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS
  value: "kafka-consumer:9092"
- name: KAFKA_CLUSTERS_0_READONLY
  value: "true"
- name: KAFKA_CLUSTERS_0_SCHEMAREGISTRY
  value: "https://schema-registry.xxx"
- name: AUTH_TYPE
  value: "OAUTH2"
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_AUTHORIZATION_URI
  value: "https://xxxx.okta.com/oauth2/v1/authorize"
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_TOKEN_URI
  value: "https://xxxx.okta.com/oauth2/v1/token"
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_USER_INFO_URI
  value: "https://xxxx.okta.com/oauth2/v1/userinfo"
- name: SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_OKTA_JWK_SET_URI
  value: "https://xxxx.okta.com/oauth2/v1/keys"
- name: SERVER_FORWARDHEADERSSTRATEGY
  value: NATIVE
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_SCOPES
  value: "openid profile email groups"
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTID
  value: oktaClientId
- name: SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_OKTA_CLIENTSECRET
  value: oktaSecretId
```

to

```
- name: KAFKA_CLUSTERS_0_NAME
  value: MSK
- name: KAFKA_CLUSTERS_0_BOOTSTRAPSERVERS
  value: kafka-consumer:9092
- name: KAFKA_CLUSTERS_0_READONLY
  value: "true"
- name: KAFKA_CLUSTERS_0_SCHEMAREGISTRY
  value: https://schema-registry.xxx
- name: AUTH_TYPE
  value: OAUTH2
- name: AUTH_OAUTH2_CLIENT_OKTA_AUTHORIZATION_URI
  value: https://xxx.okta.com/oauth2/v1/authorize
- name: AUTH_OAUTH2_CLIENT_OKTA_TOKEN_URI
  value: https://xxx.okta.com/oauth2/v1/token
- name: AUTH_OAUTH2_CLIENT_OKTA_USER_INFO_URI
  value: https://xxx.okta.com/oauth2/v1/userinfo
- name: AUTH_OAUTH2_CLIENT_OKTA_JWK_SET_URI
  value: https://xxx.okta.com/oauth2/v1/keys
- name: SERVER_FORWARDHEADERSSTRATEGY
  value: NATIVE
- name: AUTH_OAUTH2_CLIENT_OKTA_SCOPES
  value: openid profile email groups
- name: AUTH_OAUTH2_CLIENT_OKTA_CLIENTID
  value: oktaClientId
- name: AUTH_OAUTH2_CLIENT_OKTA_CLIENTSECRET
  value: oktaSecretId
- name: AUTH_OAUTH2_CLIENT_OKTA_PROVIDER
  value: okta
- name: AUTH_OAUTH2_CLIENT_OKTA_CUSTOM_PARAMS_TYPE
  value: okta
- name: AUTH_OAUTH2_CLIENT_OKTA_CUSTOM_PARAMS_LOGOUTURL
  value: https://kafka-ui.xxx.com/logout
```

But unfortunately, the app cannot start and fails with the following error:
Full trace
```
2023-01-23 15:13:41,626 ERROR [main] o.s.b.SpringApplication: Application run failed
org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'OAuthLogoutSuccessHandler' defined in URL [jar:file:/kafka-ui-api.jar!/BOOT-INF/classes!/com/provectus/kafka/ui/config/auth/logout/OAuthLogoutSuccessHandler.class]: Unsatisfied dependency expressed through constructor parameter 2; nested exception is org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'defaultOidcLogoutHandler' defined in class path resource [com/provectus/kafka/ui/config/auth/OAuthSecurityConfig.class]: Unsatisfied dependency expressed through method 'defaultOidcLogoutHandler' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [com/provectus/kafka/ui/config/auth/OAuthSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository]: Factory method 'clientRegistrationRepository' threw exception; nested exception is java.lang.NullPointerException: Cannot invoke "java.util.Map.get(Object)" because the return value of "com.provectus.kafka.ui.config.auth.OAuthProperties$OAuth2Provider.getCustomParams()" is null
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
    at org.springframework.beans.factory.support.ConstructorResolver.autowireConstructor(ConstructorResolver.java:229)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.autowireConstructor(AbstractAutowireCapableBeanFactory.java:1372)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1222)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:955)
    at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:918)
    at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:583)
    at org.springframework.boot.web.reactive.context.ReactiveWebServerApplicationContext.refresh(ReactiveWebServerApplicationContext.java:66)
    at org.springframework.boot.SpringApplication.refresh(SpringApplication.java:734)
    at org.springframework.boot.SpringApplication.refreshContext(SpringApplication.java:408)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:308)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1306)
    at org.springframework.boot.SpringApplication.run(SpringApplication.java:1295)
    at com.provectus.kafka.ui.KafkaUiApplication.main(KafkaUiApplication.java:15)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    at org.springframework.boot.loader.MainMethodRunner.run(MainMethodRunner.java:49)
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:108)
    at org.springframework.boot.loader.Launcher.launch(Launcher.java:58)
    at org.springframework.boot.loader.JarLauncher.main(JarLauncher.java:65)
Caused by: org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'defaultOidcLogoutHandler' defined in class path resource [com/provectus/kafka/ui/config/auth/OAuthSecurityConfig.class]: Unsatisfied dependency expressed through method 'defaultOidcLogoutHandler' parameter 0; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [com/provectus/kafka/ui/config/auth/OAuthSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository]: Factory method 'clientRegistrationRepository' threw exception; nested exception is java.lang.NullPointerException: Cannot invoke "java.util.Map.get(Object)" because the return value of "com.provectus.kafka.ui.config.auth.OAuthProperties$OAuth2Provider.getCustomParams()" is null
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:800)
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:541)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
    at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
    at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
    ... 27 common frames omitted
Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'clientRegistrationRepository' defined in class path resource [com/provectus/kafka/ui/config/auth/OAuthSecurityConfig.class]: Bean instantiation via factory method failed; nested exception is org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository]: Factory method 'clientRegistrationRepository' threw exception; nested exception is java.lang.NullPointerException: Cannot invoke "java.util.Map.get(Object)" because the return value of "com.provectus.kafka.ui.config.auth.OAuthProperties$OAuth2Provider.getCustomParams()" is null
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:658)
    at org.springframework.beans.factory.support.ConstructorResolver.instantiateUsingFactoryMethod(ConstructorResolver.java:486)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.instantiateUsingFactoryMethod(AbstractAutowireCapableBeanFactory.java:1352)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBeanInstance(AbstractAutowireCapableBeanFactory.java:1195)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:582)
    at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:542)
    at org.springframework.beans.factory.support.AbstractBeanFactory.lambda$doGetBean$0(AbstractBeanFactory.java:335)
    at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:234)
    at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:333)
    at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:208)
    at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:276)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1391)
    at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1311)
    at org.springframework.beans.factory.support.ConstructorResolver.resolveAutowiredArgument(ConstructorResolver.java:887)
    at org.springframework.beans.factory.support.ConstructorResolver.createArgumentArray(ConstructorResolver.java:791)
    ... 41 common frames omitted
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [org.springframework.security.oauth2.client.registration.InMemoryReactiveClientRegistrationRepository]: Factory method 'clientRegistrationRepository' threw exception; nested exception is java.lang.NullPointerException: Cannot invoke "java.util.Map.get(Object)" because the return value of "com.provectus.kafka.ui.config.auth.OAuthProperties$OAuth2Provider.getCustomParams()" is null
    at org.springframework.beans.factory.support.SimpleInstantiationStrategy.instantiate(SimpleInstantiationStrategy.java:185)
    at org.springframework.beans.factory.support.ConstructorResolver.instantiate(ConstructorResolver.java:653)
    ... 55 common frames omitted
Caused by: java.lang.NullPointerException: Cannot invoke "java.util.Map.get(Object)" because the return value of "com.provectus.kafka.ui.config.auth.OAuthProperties$OAuth2Provider.getCustomParams()" is null
    at com.provectus.kafka.ui.config.auth.OAuthPropertiesConverter.isGoogle(OAuthPropertiesConverter.java:65)
    at com.provectus.kafka.ui.config.auth.OAuthPropertiesConverter.applyGoogleTransformations(OAuthPropertiesConverter.java:51)
    at com.provectus.kafka.ui.config.auth.OAuthPropertiesConverter.applyCustomTransformations(OAuthPropertiesConverter.java:47)
    at com.provectus.kafka.ui.config.auth.OAuthPropertiesConverter.lambda$convertProperties$0(OAuthPropertiesConverter.java:32)
    at java.base/java.util.HashMap.forEach(HashMap.java:1421)
    at com.provectus.kafka.ui.config.auth.OAuthPropertiesConverter.convertProperties(OAuthPropertiesConverter.java:20)
    at com.provectus.kafka.ui.config.auth.OAuthSecurityConfig.clientRegistrationRepository(OAuthSecurityConfig.java:104)
    at com.provectus.kafka.ui.config.auth.OAuthSecurityConfig$$EnhancerBySpringCGLIB$$bb379693.CGLIB$clientRegistrationRepository$0(