Uploaded image for project: 'Infinispan'
  1. Infinispan
  2. ISPN-13173

oauth2-introspection is unable to parse client-ssl-context

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • Major
    • Resolution: Done
    • 12.1.5.Final, 13.0.0.Dev02
    • 13.0.0.C2
    • None
    • None

    Description

      There are a couple of issues with <oauth2-introspection> configuration:

      In org.infinispan.server.configuration.security.OAuth2Configuration, the attribute set does not contains CLIENT_SSL_CONTEXT and it has the wrong class file.

      See:

         static AttributeSet attributeDefinitionSet() {
            return new AttributeSet(KeyStoreConfiguration.class, CLIENT_ID, CLIENT_SECRET, INTROSPECTION_URL, HOST_VERIFICATION_POLICY);
         }
      

      It prevents the attribute to parsed:

      2021-07-13 19:09:51,178 FATAL (main) [org.infinispan.SERVER] ISPN080028: Infinispan Server failed to start java.lang.IllegalArgumentException: ISPN000915: No such attribute 'clientSslContext' in attribute set 'KeyStoreConfiguration'
              at org.infinispan.commons.configuration.attributes.AttributeSet.attribute(AttributeSet.java:108)
              at org.infinispan.server.configuration.security.OAuth2ConfigurationBuilder.clientSSLContext(OAuth2ConfigurationBuilder.java:54)
              at org.infinispan.server.configuration.ServerConfigurationParser.parseOauth2Introspection(ServerConfigurationParser.java:559)
              at org.infinispan.server.configuration.ServerConfigurationParser.parseTokenRealm(ServerConfigurationParser.java:501)
      

      After adding the missing attribute, I'm still getting an NPE. It looks like realms is null

      2021-07-13 19:15:41,119 FATAL (main) [org.infinispan.SERVER] ISPN080028: Infinispan Server failed to start java.lang.NullPointerException
      	at org.infinispan.server.configuration.security.OAuth2ConfigurationBuilder.clientSSLContext(OAuth2ConfigurationBuilder.java:55)
      	at org.infinispan.server.configuration.ServerConfigurationParser.parseOauth2Introspection(ServerConfigurationParser.java:559)
      	at org.infinispan.server.configuration.ServerConfigurationParser.parseTokenRealm(ServerConfigurationParser.java:501)
      

      Attachments

        Activity

          People

            ttarrant@redhat.com Tristan Tarrant
            pruivo@redhat.com Pedro Ruivo
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: