search

slackapi / java-slack-sdk

Slack Developer Kit (including Bolt for Java) for any JVM language
https://slack.dev/java-slack-sdk/
MIT License
570 stars 209 forks source link

auth.test API timeout with SSLException in develop environment but works fine in local #1263

Closed zhanghedr closed 7 months ago

zhanghedr commented 7 months ago

I am using Slack Java SDK to build Slack bot. I am using both web API to post message and event socket mode to do custom logic. It works fine in local but failed in our develop pods. I think the core failure is auth.test API timeout (SSLException).

The Slack SDK version

implementation("com.slack.api:bolt-socket-mode:1.36.1") implementation("javax.websocket:javax.websocket-api:1.1") implementation("org.glassfish.tyrus.bundles:tyrus-standalone-client:1.19")

Java Runtime version

openjdk version "1.8.0_292" OpenJDK Runtime Environment (build 1.8.0_292-8u292-b10-0ubuntu1~18.04-b10) OpenJDK 64-Bit Server VM (build 25.292-b10, mixed mode)

OS info

Linux 5.10.186-179.751.amzn2.x86_64 #1 SMP Tue Aug 1 20:51:38 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

Steps to reproduce:

image

Expected result:

Make socket connection with slack server when SpringBoot starts. Call web API and receive event correctly. Also curl auth.test without issue.

Actual result:

auth.test error: ERROR 2024-01-05 19:09:23.212 [http-nio-8080-exec-7] c.slack.api.methods.impl.TeamIdCache - Failed to call auth.test API (error: Read timed out) javax.net.ssl.SSLException: Read timed out at sun.security.ssl.Alert.createSSLException(Alert.java:127) at sun.security.ssl.TransportContext.fatal(TransportContext.java:324) at sun.security.ssl.TransportContext.fatal(TransportContext.java:267) at sun.security.ssl.TransportContext.fatal(TransportContext.java:262) at sun.security.ssl.SSLTransport.decode(SSLTransport.java:138) at sun.security.ssl.SSLSocketImpl.decode(SSLSocketImpl.java:1383) at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(SSLSocketImpl.java:1291) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:435) at okhttp3.internal.connection.RealConnection.connectTls(RealConnection.kt:379) at okhttp3.internal.connection.RealConnection.establishProtocol(RealConnection.kt:337) at okhttp3.internal.connection.RealConnection.connect(RealConnection.kt:209) at okhttp3.internal.connection.ExchangeFinder.findConnection(ExchangeFinder.kt:226) at okhttp3.internal.connection.ExchangeFinder.findHealthyConnection(ExchangeFinder.kt:106) at okhttp3.internal.connection.ExchangeFinder.find(ExchangeFinder.kt:74) at okhttp3.internal.connection.RealCall.initExchange$okhttp(RealCall.kt:255) at okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:32) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at com.slack.api.util.http.UserAgentInterceptor.intercept(UserAgentInterceptor.java:43) at okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) at okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154) at com.slack.api.util.http.SlackHttpClient.postFormWithAuthorizationHeader(SlackHttpClient.java:187) at com.slack.api.util.http.SlackHttpClient.postFormWithBearerHeader(SlackHttpClient.java:174) at com.slack.api.methods.impl.MethodsClientImpl.runPostFormWithToken(MethodsClientImpl.java:3350) at com.slack.api.methods.impl.TeamIdCache.lambda$lookupOrResolve$0(TeamIdCache.java:43) at java.util.concurrent.ConcurrentHashMap.computeIfAbsent(ConcurrentHashMap.java:1660) at com.slack.api.methods.impl.TeamIdCache.lookupOrResolve(TeamIdCache.java:67) at com.slack.api.methods.impl.TeamIdCache.lookupOrResolve(TeamIdCache.java:40) at com.slack.api.methods.impl.MethodsClientImpl.postFormWithTokenAndParseResponse(MethodsClientImpl.java:3488) at com.slack.api.methods.impl.MethodsClientImpl.chatPostMessage(MethodsClientImpl.java:1760)

Socket Mode server connection error: ERROR 2024-01-05 12:33:12.952 [socket-mode-session-monitor-worker-36] c.s.api.socket_mode.SocketModeClient - Failed to reconnect to Socket Mode server: javax.websocket.DeploymentException: Connection to 'wss://wss-primary.slack.com/link/?ticket=eaf6cd9f-37c5-4868-9a9b-12a2a8df7d87&app_id=080c5f750b3d0bd4da30ef8791870508d1ff78aef8cc31eb265eb4961f7c0e8c' failed. java.io.IOException: javax.websocket.DeploymentException: Connection to 'wss://wss-primary.slack.com/link/?ticket=eaf6cd9f-37c5-4868-9a9b-12a2a8df7d87&app_id=080c5f750b3d0bd4da30ef8791870508d1ff78aef8cc31eb265eb4961f7c0e8c' failed. at com.slack.api.socket_mode.impl.SocketModeClientTyrusImpl.connect(SocketModeClientTyrusImpl.java:173) at com.slack.api.socket_mode.SocketModeClient.connectToNewEndpoint(SocketModeClient.java:66) at com.slack.api.socket_mode.impl.SocketModeClientTyrusImpl.maintainCurrentSession(SocketModeClientTyrusImpl.java:137) at com.slack.api.socket_mode.SocketModeClient.lambda$initializeSessionMonitorExecutor$1(SocketModeClient.java:184) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:308) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:180) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:294) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: javax.websocket.DeploymentException: Connection to 'wss://wss-primary.slack.com/link/?ticket=eaf6cd9f-37c5-4868-9a9b-12a2a8df7d87&app_id=080c5f750b3d0bd4da30ef8791870508d1ff78aef8cc31eb265eb4961f7c0e8c' failed. at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientSocket._connect(GrizzlyClientSocket.java:384) at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientSocket.access$000(GrizzlyClientSocket.java:81) at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientSocket$1.call(GrizzlyClientSocket.java:212) at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientSocket$1.call(GrizzlyClientSocket.java:208) at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientSocket.connect(GrizzlyClientSocket.java:226) at org.glassfish.tyrus.container.grizzly.client.GrizzlyClientContainer.openClientSocket(GrizzlyClientContainer.java:72) at org.glassfish.tyrus.client.ClientManager$3$1.run(ClientManager.java:647) at org.glassfish.tyrus.client.ClientManager$3.run(ClientManager.java:696) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) at java.util.concurrent.FutureTask.run(FutureTask.java:266) at org.glassfish.tyrus.client.ClientManager$SameThreadExecutorService.execute(ClientManager.java:849) at java.util.concurrent.AbstractExecutorService.submit(AbstractExecutorService.java:112) at org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:493) at org.glassfish.tyrus.client.ClientManager.connectToServer(ClientManager.java:355) at com.slack.api.socket_mode.impl.SocketModeClientTyrusImpl.connect(SocketModeClientTyrusImpl.java:170)

When I try to curl like this: curl --request POST -H 'Authorization: Bearer xoxb-xx' -H 'Content-Type:application/json' --data '{"token":"xx","challenge":"xx","type":"url_verification"}' https://slack.com/api/auth.test

I got right response in local. But error in develop environment: curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection to slack.com:443

filmaj commented 7 months ago

It seems to me that this is not a problem with this SDK but rather with the environment you are deploying in. Since it works locally for you when curling the slack.com/api/auth.test endpoint, that production endpoint works as expected (otherwise, we would probably get hundreds of issues filed from the thousands of Bolt apps that rely on this endpoint constantly!)

My guess is there is some kind of proxy or other network infrastructure at play in your deployment environment that causes an issue during the TLS handshake.

filmaj commented 7 months ago

Try curling the endpoint in your development environment with the -v flag to see where during the HTTP request the failure happens. Seems like it is an SSL issue, so during the TLS handshake, so pretty early on in the request lifecycle.

filmaj commented 7 months ago

If you search StackOverflow for the curl error you reported, most reports state that a network proxy is used in that causes TLS handshake issues.

I will close this issue down as this is not a problem with the java-slack-sdk but rather it is an issue specific to your environment.