These are chat archives for spring-cloud/spring-cloud

26th
Jan 2017
Mike Liu
@mikexliu
Jan 26 2017 00:09
@dsyer
that's odd, when i debug through the server's client, i don't see it going through the basic auth filter, but i see it in my other services. (and when i breakpoint it, it doesn't go through the filter logic on Batch update failure with HTTP status code 401; discarding 2 replication tasks
i'm resisting adding the basic auth to the url because i'd prefer to not have it in the properties
Spencer Gibb
@spencergibb
Jan 26 2017 01:13
@joshfix there might be a race condition of some kind there. It's a bit odd that your controller is everything, controller, properties and listener.
Josh Fix
@joshfix
Jan 26 2017 08:54
I built the listener and properties as a small proof of concept for executing some code when Consul pushes updates. After I saw the odd behavior I added the controller to fetch the value after the first update to verify it is actually getting updated, but only after the event.
I'll break it out into separate classes and if I still see it, I'll write up a small sample app
Josh Fix
@joshfix
Jan 26 2017 14:07
@spencergibb i went ahead and created a small demo app. repeatable steps are listed in the readme
Bryan Perino
@bryantp
Jan 26 2017 18:11
@dsyer Interesting problem. Your filtering worked excellent, got rid of the StackOverflow exception I was having. However, there is a problem whenever I try to authenticate. There is this piece of logic in AccessTokenProviderChain that determines if it is capable of obtaining an access token:
        for (AccessTokenProvider tokenProvider : chain) {
            if (tokenProvider.supportsResource(details)) {
                return tokenProvider.obtainAccessToken(details, request);
            }
        }
tokenProvider.supportsResource is implemented in AuthorizationCodeAccessTokenProvider like so:
    public boolean supportsResource(OAuth2ProtectedResourceDetails resource) {
        return resource instanceof AuthorizationCodeResourceDetails
                && "authorization_code".equals(resource.getGrantType());
    }
The problem is that my request scoped bean OAuth2ProtectedResourceDetails is a proxy and not an instance of OAuth2ProtectedResourceDetails. So it fails and I am unable to retrieve an auth token.
Bryan Perino
@bryantp
Jan 26 2017 18:17
Changing the scope to TargetClass results in No thread-bound request found errors
My full implementation of the BPP:
  @Override
    public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
        if(bean instanceof AuthorizationCodeResourceDetails &&
                !beanName.equals("customerAuthCodeDetails") &&
                !beanName.startsWith("scopedTarget")){
            return coerce();
        }
        return bean;
    }

    private Object coerce(){
        return context.getBean("customerAuthCodeDetails");
    }

    @Bean(name = "customerAuthCodeDetails")
    @Scope(value = "request", proxyMode = ScopedProxyMode.INTERFACES)
    public AuthorizationCodeResourceDetails customerAuthCodeDetails(){
        AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
        final String currentAccessTokenUri = "http://coke.uaa.mysite.io:8080/uaa/oauth/token";
        final String userAuthUrl = "http://coke.uaa.mysite.io:8080/uaa/oauth/authorize";
        details.setAccessTokenUri(currentAccessTokenUri);
        details.setUserAuthorizationUri(userAuthUrl);
        return details;
    }
Dave Syer
@dsyer
Jan 26 2017 18:46
I'm pretty sure that bean need to be @Lazy
Nothing to do with the proxy mode
(and only TARGET_CLASS will work for the reason you identified)
Bryan Perino
@bryantp
Jan 26 2017 18:59
I get this error:
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'oauth2RemoteResource': Could not bind properties to AuthorizationCodeResourceDetails (prefix=security.oauth2.client, ignoreInvalidFields=false, ignoreUnknownFields=true, ignoreNestedProperties=false); nested exception is org.springframework.validation.BindException: org.springframework.boot.bind.RelaxedDataBinder$RelaxedBeanPropertyBindingResult: 5 errors
Field error in object 'security.oauth2.client' on field 'accessTokenUri': rejected value [http://uaa.mysitestack.io:8080/uaa/oauth/token]; codes [methodInvocation.security.oauth2.client.accessTokenUri,methodInvocation.accessTokenUri,methodInvocation.java.lang.String,methodInvocation]; arguments [org.springframework.context.support.DefaultMessageSourceResolvable: codes [security.oauth2.client.accessTokenUri,accessTokenUri]; arguments []; default message [accessTokenUri]]; default message [Property 'accessTokenUri' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.customerAuthCodeDetails': Scope 'request' is not active for the current thread; consider defining a scoped proxy for this bean if you intend to refer to it from a singleton; nested exception is java.lang.IllegalStateException: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.]
Field error in object 'security.oauth2.client' on field 'userAuthorizationUri': rejected value [http://uaa.mysitestack.io:8080/uaa/oauth/authorize]; codes [methodInvocation.security.oauth2.client.userAuthorizationUri,methodInvocation.userAuthorizationUri,methodInvocation.java.lang.String,methodInvocation]; arguments [org.springframework.context.support.DefaultMessageSourceResolvable: codes [security.oauth2.client.userAuthorizationUri,userAuthorizationUri]; arguments []; default message [userAuthorizationUri]]; default message [Property 'userAuthorizationUri' threw exception; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'scopedTarget.customerAuthCodeDetails': Scope 'request' is not active for the current thread; consider defining a scoped proxy for this bean if you intend to refer to it from a singleton; nested exception is java.lang.IllegalStateException: No thread-bound request found: Are you referring to request attributes outside of an actual web request, or processing a request outside of the originally receiving thread? If you are actually operating within a web request and still receive this message, your code is probably running outside of DispatcherServlet/DispatcherPortlet: In this case, use RequestContextListener or RequestContextFilter to expose the current request.]
Field error in object 'security.oauth2.client' on field 'clientId': rejected value [store-ui]; codes [methodInvocation.security.oauth2.client.clientId,methodInvocation.clientId,methodInvocation.java.lang.String,methodInvocation]; arguments [org.springframework.context.support.DefaultMessageSourceResolvable: codes [security.oauth2.client.clientId,clientId]; arguments []; default message [clientId]]; default message
with this bean definition:
    @Bean(name = "customerAuthCodeDetails")
    @Lazy
    @Scope(value = "request", proxyMode = ScopedProxyMode.TARGET_CLASS)
    public AuthorizationCodeResourceDetails customerAuthCodeDetails(){
        AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
        final String currentAccessTokenUri = "http://coke.uaa.mysite.io:8080/uaa/oauth/token";
        final String userAuthUrl = "http://coke.uaa.mysite.io:8080/uaa/oauth/authorize";
        details.setAccessTokenUri(currentAccessTokenUri);
        details.setUserAuthorizationUri(userAuthUrl);
        details.setClientSecret("client");
        details.setClientId("client-secret");
        return details;
    }
anixan
@anixan
Jan 26 2017 21:12
Hi All, Anyone here using spring cloud data flow? are there any good examples out there involving https requests?