HttpClient not initialized correctly in version 2.11 (regression from 2.10.5)

[dbahatSAP]

Please first read carefully Report an issue section before creating an Issue.

Issue Summary

• A clear and concise description of the issue.
  Initializing a spring boot app using version 2.11 fails to correctly initialize the default http client (worked in 2.10.5)
• Steps to reproduce the problem: 1. 2. 3.

1. Create a spring boot app that uses xsuaaTokenFlows.clientCredentialsTokenFlow(), using the default http client and auto spring config.
2. In the app properties set the xsuaa configuration to use x509 certificate authentication.
3. Start the app (com.sap.cloud.security logs on DEBUG)

• What is the expected result?
  The x509 certificate should get loaded into the http client during init, and following request to fetching a token should work (worked in version 2.10.5)
• What happened instead?
  The certificate doesn't appear to get loaded. mTLS during token generation fails due to missing client certificate.
• Additional information? (attach screenshots if applicable)
  Test app - https://github.wdf.sap.corp/hcp-reporting/metering-demo-app
  Logs:

Version 2.10.5 (worked)

Version 2.11 (the issue)

[liga-oz]

Hi @dbahatSAP,

it seems to choose the non X509 http client because the ClientIdentity class apparently can't find the certificate and key from the XsuaaServiceConfiguration. There is a check that was introduced with 2.11.0 that requires both to be present. Are you using XsuaaServiceConfigurationDefault configuration?

[nenaraab]

@dbahatSAP just released: https://github.com/SAP/cloud-security-xsuaa-integration/releases/tag/2.11.1

Thanks for the report!

[dbahatSAP]

Thanks for the quick fix!