Query SET autocommit=0
Query select token_id, token from oauth_access_token where authentication_id = 'c15f3618159c9dd19cd195e565012eac'
Query select token_id, authentication from oauth_access_token where token_id = 'e756ac9f17eb30b6931917af9e6961f1'
Query delete from oauth_access_token where token_id = 'e756ac9f17eb30b6931917af9e6961f1'
Query rollback
Query SET autocommit=1
Stacktrace
[http-nio-8060-exec-1] WARN org.springframework.security.oauth2.provider.token.store.JdbcTokenStore - Failed to deserialize authentication for b79711ed-87f5-4a21-bc96-5c677a44116b
java.lang.IllegalArgumentException: java.io.InvalidClassException: org.springframework.security.core.authority.SimpleGrantedAuthority; local class incompatible: stream classdesc serialVersionUID = 400, local class serialVersionUID = 410
at org.springframework.security.oauth2.common.util.SerializationUtils.deserialize(SerializationUtils.java:40)
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.deserializeAuthentication(JdbcTokenStore.java:405)
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore$3.mapRow(JdbcTokenStore.java:198)
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore$3.mapRow(JdbcTokenStore.java:1)
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:93)
at org.springframework.jdbc.core.RowMapperResultSetExtractor.extractData(RowMapperResultSetExtractor.java:60)
at org.springframework.jdbc.core.JdbcTemplate$1.doInPreparedStatement(JdbcTemplate.java:697)
at org.springframework.jdbc.core.JdbcTemplate.execute(JdbcTemplate.java:633)
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:684)
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:716)
at org.springframework.jdbc.core.JdbcTemplate.query(JdbcTemplate.java:726)
at org.springframework.jdbc.core.JdbcTemplate.queryForObject(JdbcTemplate.java:800)
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.readAuthentication(JdbcTokenStore.java:195)
at org.springframework.security.oauth2.provider.token.store.JdbcTokenStore.getAccessToken(JdbcTokenStore.java:129)
at org.springframework.security.oauth2.provider.token.DefaultTokenServices.createAccessToken(DefaultTokenServices.java:84)
This happened after the Spring upgrade.
Method "public OAuth2Authentication readAuthentication(String token)" https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/store/JdbcTokenStore.java#L191-191 returns null. Then it passed to "public String extractKey(OAuth2Authentication authentication)" https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/DefaultAuthenticationKeyGenerator.java#L42-42 Where it caused NPE. That itself caused transaction rollback:
Stacktrace