Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Spring Zeebe SDK] Token not refreshed #17799

Closed
nicpuppa opened this issue Apr 25, 2024 · 2 comments · Fixed by #18166
Closed

[Spring Zeebe SDK] Token not refreshed #17799

nicpuppa opened this issue Apr 25, 2024 · 2 comments · Fixed by #18166
Assignees
@ana-vinogradova-camunda
Labels
component/zeebe Related to the Zeebe component/team kind/bug Categorizes an issue or PR as a bug scope/spring-boot-starter-camunda Spring Boot Starter Camunda support Marks an issue as related to a customer support request version:8.5.1 Marks an issue as being completely or in parts released in 8.5.1

Comments

@nicpuppa
Copy link
Contributor

Describe the bug

The Zeebe token is not refreshed after 5 minutes

2024-04-24T17:43:46.401+03:00  WARN 85729 --- [ault-executor-2] io.camunda.zeebe.client.job.poller     : Failed to activate jobs for worker demoService#foo and job type foo

io.grpc.StatusRuntimeException: UNAUTHENTICATED: Failed to parse bearer token, see cause for details
	at io.grpc.Status.asRuntimeException(Status.java:533) ~[grpc-api-1.62.2.jar:1.62.2]
	at io.grpc.stub.ClientCalls$StreamObserverToCallListenerAdapter.onClose(ClientCalls.java:481) ~[grpc-stub-1.62.2.jar:1.62.2]
	at io.grpc.internal.ClientCallImpl.closeObserver(ClientCallImpl.java:574) ~[grpc-core-1.62.2.jar:1.62.2]
	at io.grpc.internal.ClientCallImpl.access$300(ClientCallImpl.java:72) ~[grpc-core-1.62.2.jar:1.62.2]
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInternal(ClientCallImpl.java:742) ~[grpc-core-1.62.2.jar:1.62.2]
	at io.grpc.internal.ClientCallImpl$ClientStreamListenerImpl$1StreamClosed.runInContext(ClientCallImpl.java:723) ~[grpc-core-1.62.2.jar:1.62.2]
	at io.grpc.internal.ContextRunnable.run(ContextRunnable.java:37) ~[grpc-core-1.62.2.jar:1.62.2]
	at io.grpc.internal.SerializingExecutor.run(SerializingExecutor.java:133) ~[grpc-core-1.62.2.jar:1.62.2]
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144) ~[na:na]
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642) ~[na:na]
	at java.base/java.lang.Thread.run(Thread.java:1583) ~[na:na]

To Reproduce

  • Install camunda platform 8.5 SM
  • Unzip demo-application token_not_refreshed.zip
  • Run application and wait 5 Minutes:
mvn package
java -jar target/token-not-refreshed-0.0.1-SNAPSHOT.jar

Expected behavior

Token is refreshed

Environment:

  • OS:
  • Zeebe Version: 8.5
  • Configuration:
@nicpuppa nicpuppa added kind/bug Categorizes an issue or PR as a bug support Marks an issue as related to a customer support request component/zeebe Related to the Zeebe component/team scope/spring-boot-starter-camunda Spring Boot Starter Camunda labels Apr 25, 2024
@nicpuppa
Copy link
Contributor Author

@megglos had a first look into this bug. It seems that the sdk is using a custom Auth Provider Impl, not the same of the Java Client.

Seems that the logic for refreshing the token is missing in the SDK.

@megglos
Copy link
Contributor

megglos commented Apr 25, 2024

Seems that the logic for refreshing the token is missing in the SDK.

To add on that, refreshing the token in case of a 401. There is some general refresh logic based on the expiry date of the token, however if for some reason that isn't effective or the token became invalid the setup may seem to miss forcing a refresh.

@nicpuppa nicpuppa mentioned this issue May 1, 2024
Closed
Merged
github-merge-queue bot pushed a commit that referenced this issue May 3, 2024
@nicpuppa
Fixing token validity verification that was causing authentication er…
44bf6d6 
…ror (#18166)

Fix for [this issue](#17799)

- Before the fix: token was still considered valid for 30 seconds after
its expiration. That was resulting in `UNAUTHENTICATED` error.
- The fix: method to check for token validity returns false if token
already expired by now.

## Related issues

closes #17799
@backport-action backport-action mentioned this issue May 3, 2024
Merged
github-merge-queue bot pushed a commit that referenced this issue May 7, 2024
@nicpuppa
[Backport stable/8.5] Fixing token validity verification that was cau…
d05d646 
…sing authentication error (#18202)

# Description
Backport of #18166 to `stable/8.5`.

relates to #17799
original author: @ana-vinogradova-camunda
@Zelldon Zelldon added the version:8.5.1 Marks an issue as being completely or in parts released in 8.5.1 label May 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ana-vinogradova-camunda ana-vinogradova-camunda

Labels
component/zeebe Related to the Zeebe component/team kind/bug Categorizes an issue or PR as a bug scope/spring-boot-starter-camunda Spring Boot Starter Camunda support Marks an issue as related to a customer support request version:8.5.1 Marks an issue as being completely or in parts released in 8.5.1
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixing token validity verification that was causing authentication error camunda/camunda
4 participants
@megglos @Zelldon @nicpuppa @ana-vinogradova-camunda