This repository has been archived by the owner on Oct 12, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 25
WARN okhttp3.OkHttpClient: A connection was leaked #81
Comments
Small app to reproduce the issue. Note that I used version 1.1.2 here since the warning seems to occur sooner/more often compared to 1.2.0 Just run the app and call Application.java package com.jb.azure.keyvault.test;
import com.microsoft.aad.adal4j.AuthenticationContext;
import com.microsoft.aad.adal4j.AuthenticationResult;
import com.microsoft.aad.adal4j.ClientCredential;
import com.microsoft.azure.keyvault.KeyVaultClient;
import com.microsoft.azure.keyvault.authentication.KeyVaultCredentials;
import com.microsoft.azure.keyvault.models.SecretBundle;
import java.net.MalformedURLException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@SpringBootApplication
@RestController
public class Application {
private static final String SP_USER = "dummy";
private static final String SP_PASS = "dummy";
private static final String VAULT = "https://xxx.vault.azure.net/";
private static final String SECRET = "dummy";
private static final Logger LOG = LoggerFactory.getLogger(Application.class);
private final KeyVaultClient client;
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
public Application() {
this.client = new KeyVaultClient(new AzureKeyVaultCredentials(
SP_USER, SP_PASS, Executors.newSingleThreadExecutor()));
}
@GetMapping("/")
public String index() {
SecretBundle bundle = client.getSecret(VAULT, SECRET);
if (bundle == null) {
throw new RuntimeException(String.format("Secret %s not found", SECRET));
}
LOG.info("Found secret");
return "Found secret " + bundle.id();
}
class AzureKeyVaultCredentials extends KeyVaultCredentials {
private final String clientId;
private final String clientKey;
private final ExecutorService executorService;
public AzureKeyVaultCredentials(String clientId, String clientKey, ExecutorService executorService) {
this.clientId = clientId;
this.clientKey = clientKey;
this.executorService = executorService;
}
@Override
public String doAuthenticate(String authorization, String resource, String scope) {
try {
final AuthenticationContext context = new AuthenticationContext(authorization, false, executorService);
final ClientCredential credential = new ClientCredential(this.clientId, this.clientKey);
final Future<AuthenticationResult> future = context.acquireToken(resource, credential, null);
AuthenticationResult result = future.get(60L, TimeUnit.SECONDS);
return result.getAccessToken();
} catch (MalformedURLException | TimeoutException | ExecutionException ex) {
throw new IllegalStateException("Failed to do authentication.", ex);
} catch (InterruptedException ex) {
Thread.currentThread().interrupt();
throw new IllegalStateException("Failed to do authentication.", ex);
}
}
}
} pom.xml <?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.jb</groupId>
<artifactId>azure-keyvault-test</artifactId>
<version>0.0.1-SNAPSHOT</version>
<packaging>jar</packaging>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>10</maven.compiler.source>
<maven.compiler.target>10</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-client-authentication</artifactId>
<version>1.6.1</version>
</dependency>
<dependency>
<groupId>com.microsoft.azure</groupId>
<artifactId>azure-keyvault</artifactId>
<version>1.1.2</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
</dependencies>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
<version>2.0.3.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project> logs
|
Observing the same behaviour, in our case we get a new thread allocated for any getSecret() operation:
|
Seems to fix the issue. |
@FireDrunk Where/when do you call this |
I've just added it after the end of my 'get all relevant info from keyvault' function, I don't know what the minimal amount of eviction's would be. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Hi all,
First off, I'm really glad with the 1.2.0 update. It was a huge improvement in our app performance 馃槂
Having run our app for a while we see lots of random warnings in our logs about a connection leakage.
In a small app based on spring boot with a single rest endpoint calling keyvault I got the same warning.
The warning does not happen for every call to keyvault, it only occurs sometimes (seemingly random).
Note that we encountered this same warning using version 1.1.2 of this library.
Piece of code calling this library
Doing an online search I found more people using retrofit/okhttp have seen this.
square/retrofit#1556
square/retrofit#2675
square/okhttp#2311
Main point is that somewhere something was not closed properly.
Since return value of
KeyVaultClient.getSecret()
is aSecretBundle
I am not able to close anything myself.Please provide a fix for this warning
The text was updated successfully, but these errors were encountered: