-
-
Notifications
You must be signed in to change notification settings - Fork 598
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JWT expired in Eclipse Che after upgrading from 2023.10.7 to 2024.2.2 #8834
Comments
Another backtrace of Eclipse Che after our Authentik upgrade to 2024.2.2 HTTP Status 500 – Internal Server Error
Type Exception Report
Message JWT expired at 2024-03-06T14:12:53Z. Current time: 2024-03-06T15:43:45Z, a difference of 5449154 milliseconds. Allowed clock skew: 3000 milliseconds.
Description The server encountered an unexpected condition that prevented it from fulfilling the request.
Exception
io.jsonwebtoken.ExpiredJwtException: JWT expired at 2024-03-06T14:12:53Z. Current time: 2024-03-06T15:43:45Z, a difference of 5449154 milliseconds. Allowed clock skew: 3000 milliseconds.
io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:448)
io.jsonwebtoken.impl.DefaultJwtParser.parse(DefaultJwtParser.java:550)
io.jsonwebtoken.impl.DefaultJwtParser.parseClaimsJws(DefaultJwtParser.java:610)
io.jsonwebtoken.impl.ImmutableJwtParser.parseClaimsJws(ImmutableJwtParser.java:173)
org.eclipse.che.multiuser.oidc.filter.OidcTokenInitializationFilter.processToken(OidcTokenInitializationFilter.java:80)
org.eclipse.che.multiuser.api.authentication.commons.filter.MultiUserEnvironmentInitializationFilter.doFilter(MultiUserEnvironmentInitializationFilter.java:127)
org.eclipse.che.commons.logback.filter.RequestIdLoggerFilter.doFilter(RequestIdLoggerFilter.java:50)
com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
Note The full stack trace of the root cause is available in the server logs.
Apache Tomcat/10.1.6 This is a workaround in Kubernetes for Eclipse Che, otherwise we need to roll Authentik back to version 2023.10.7 until this issue is resolved: eclipse-che/che#22765 |
…(related to issue goauthentik#8834 and pull goauthentik#8435)
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Hello,
Is it possible that the following modification to authentik/crypto/apps.py will generate a JWT expired exception in Eclipse Che?
Is it possible that there has been a typing error and that one of the TWO not_valid_after_utc should be in fact not_valid_before_utc?
authentik/crypto/apps.py
Related to events: fix SystemTask timestamps and scheduling (https://github.com/goauthentik/authentik/pull/8435)
Eclipse Che Java exceptions after moving from 2023.10.7 to 2024.2.2
Thanks.
Originally posted by @jejbq in #8435 (comment)
The text was updated successfully, but these errors were encountered: