Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem with cookie-cipher-secret-key #24

Closed
luiscinfo opened this issue Jun 11, 2024 · 8 comments
Closed

Problem with cookie-cipher-secret-key #24

luiscinfo opened this issue Jun 11, 2024 · 8 comments

Comments

@luiscinfo
Copy link

luiscinfo commented Jun 11, 2024
edited
Loading

Im trying to add authentication to Spark using this filter. Im using:

  • Keycloak
  • Spark 3.5.1

Im identifying that there is something strange in terms of the cookie-cipher-secret-key. Im seeing this message (already logged in)

image

To generate the key Im using the comand that is in the documentation: openssl enc -aes-128-cbc -k <PASS PHRASE> -P -md sha1 -pbkdf2. The output is this:

image

Im putting the key value as the value of cookie-cipher-secret-key

It seams that there is an issue encoding and decoding but I don't seem to find the problem. ¿Is it possible that this is due to a wrong key cookie-key definition?
@idirze
Copy link
Contributor

idirze commented Jun 13, 2024

Hello @luiscinfo

Thanks for the issue.
The key seems to be correct and there was no error during decryption.
Can you please remove the spark history okdp Cookie from the browser or use browser incognito mode and try again? The Cookie name starts with OKDP.

@luiscinfo
Copy link
Author

Hi @idirze ,

I've tried in incoginto mode many times, also in different browsers but the issue persists. ¿Have you ever experienced this before?

@idirze
Copy link
Contributor

idirze commented Jun 14, 2024

No, we have not hitted this issue before.
To help reproduce the issue from my side, what is the java base image and version you use to build your spark image?

Alternatively, can you try with this image: ?

  • quay.io/okdp/spark:spark-3.5.1-scala-2.13-java-17 or
  • quay.io/okdp/spark:spark-3.5.1-scala-2.12-java-17

@luiscinfo
Copy link
Author

Im currently using this Spark image: bitnami/spark:3.5.1. I would like to try the images that you mention, ¿is it possible that you can provide me with a configuration example for docker-compose.yml with those images?

idirze added a commit that referenced this issue Jun 14, 2024
@idirze
fix: Fix Base64 Encoding/Decoding issue happening on some jdk distrib…
a26826e 
…utions (bitnami) #24
@idirze
Copy link
Contributor

idirze commented Jun 14, 2024

There is an issue, related to base64 encoding/decoding logic in the filter, with the bitnami jdk which does not happen in other JDKs distributions tested until now.
I have pushed a fix as a pre-release here: https://github.com/OKDP/okdp-spark-auth-filter/releases/tag/v1.2.2
Can you please, test with the jar okdp-spark-auth-filter-1.2.2.jar also included in the Assets

@idirze idirze mentioned this issue Jun 19, 2024
Merged
@luiscinfo
Copy link
Author

Hi @idirze ,

We have tested the change in 1.2.2 with bitnami/spark images (3.5.1 exactly) and it works correctly. We appreciate that you have taken the time to make the changes.

idirze added a commit that referenced this issue Jun 25, 2024
@idirze
fix: Fix Base64 Encoding/Decoding issue happening on some jdk distrib…
fac895c 
…utions (bitnami) #24
@github-actions github-actions bot mentioned this issue Jul 1, 2024
Merged
@idirze
Copy link
Contributor

idirze commented Jul 1, 2024

I close the issue. Fixed by v1.2.2.

1 similar comment
@idirze
Copy link
Contributor

idirze commented Jul 1, 2024

I close the issue. Fixed by v1.2.2.

@idirze idirze closed this as completed Jul 1, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@idirze @luiscinfo