Skip to content

OAuth error using MongoSessionStore #654

New issue
New issue
Closed
Closed
OAuth error using MongoSessionStore#654
Labels
bug
Milestone
1.1.0
@silentcharacter

Description

@silentcharacter
silentcharacter
opened on Feb 17, 2017

Hi! tried to use MongoSessionStore, but an error appeared during authentication with google account.
I believe the cause of the problem is in wrong serialization on saving session parameters.
ClassCastException: org.bson.Document cannot be cast to java.lang.String

Here is the whole stack trace:

[2017-02-17 23:57:32,152]-[netty task-4-60] ERROR org.jooby.Err - execution of: GET/auth resulted in exception
Route:
| Method | Path | Source | Name | Pattern | Consumes | Produces |
|--------|-------|--------------------------|-----------------|---------|----------|----------|
| GET | /auth | org.jooby.pac4j.Auth:635 | /auth(Callback) | /auth | [/] | [/] |

Stacktrace:
org.jooby.Err: Server Error(500)
at org.jooby.internal.HttpHandlerImpl.handleErr(HttpHandlerImpl.java:398)
at org.jooby.internal.HttpHandlerImpl.cleanup(HttpHandlerImpl.java:372)
at org.jooby.internal.HttpHandlerImpl.handle(HttpHandlerImpl.java:314)
at org.jooby.internal.netty.NettyHandler.channelRead0(NettyHandler.java:91)
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:105)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.access$600(AbstractChannelHandlerContext.java:38)
at io.netty.channel.AbstractChannelHandlerContext$7.run(AbstractChannelHandlerContext.java:354)
at io.netty.util.concurrent.DefaultEventExecutor.run(DefaultEventExecutor.java:66)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858)
at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.pac4j.oauth.exception.OAuthCredentialsException: State parameter mismatch: session expired or possible threat of cross-site request forgery
at org.pac4j.oauth.client.BaseOAuth20StateClient.getOAuthCredentials(BaseOAuth20StateClient.java:70)
at org.pac4j.oauth.client.BaseOAuthClient.retrieveCredentials(BaseOAuthClient.java:135)
at org.pac4j.oauth.client.BaseOAuthClient.retrieveCredentials(BaseOAuthClient.java:33)
at org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:106)
at org.jooby.internal.pac4j.AuthCallback.handle(AuthCallback.java:81)
at org.jooby.pac4j.Auth.lambda$configure$5(Auth.java:636)
at org.jooby.internal.RouteImpl.handle(RouteImpl.java:113)
at org.jooby.internal.RouteChain.next(RouteChain.java:70)
at org.jooby.Route$Chain.next(Route.java:2106)
at com.mycompany.App.lambda$new$4(App.java:75)
at org.jooby.internal.RouteImpl.handle(RouteImpl.java:113)
at org.jooby.internal.RouteChain.next(RouteChain.java:70)
at org.jooby.Route$Chain.next(Route.java:2106)
at org.jooby.internal.HttpHandlerImpl.handle(HttpHandlerImpl.java:306)
... 9 common frames omitted
[2017-02-17 23:57:32,157]-[netty task-4-60] ERROR org.jooby.internal.SessionManager - Unable to create/update HTTP session
java.lang.ClassCastException: org.bson.Document cannot be cast to java.lang.String
at java.util.concurrent.ConcurrentHashMap.forEach(ConcurrentHashMap.java:1597)
at java.util.Collections$UnmodifiableMap.forEach(Collections.java:1505)
at org.jooby.mongodb.MongoSessionStore.save(MongoSessionStore.java:175)
at org.jooby.internal.ServerSessionManager.createOrUpdate(ServerSessionManager.java:137)
at org.jooby.internal.ServerSessionManager.requestDone(ServerSessionManager.java:119)
at org.jooby.internal.RequestImpl.lambda$done$15(RequestImpl.java:469)
at java.util.Optional.ifPresent(Optional.java:159)
at org.jooby.internal.RequestImpl.done(RequestImpl.java:469)
at org.jooby.internal.HttpHandlerImpl.done(HttpHandlerImpl.java:326)
at org.jooby.internal.HttpHandlerImpl.cleanup(HttpHandlerImpl.java:375)
at org.jooby.internal.HttpHandlerImpl.handle(HttpHandlerImpl.java:314)
at org.jooby.internal.netty.NettyHandler.channelRead0(NettyHandler.java:91)
at io.netty.channel.SimpleChannelInboundHandler.channelRead(SimpleChannelInboundHandler.java:105)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:363)
at io.netty.channel.AbstractChannelHandlerContext.access$600(AbstractChannelHandlerContext.java:38)
at io.netty.channel.AbstractChannelHandlerContext$7.run(AbstractChannelHandlerContext.java:354)
at io.netty.util.concurrent.DefaultEventExecutor.run(DefaultEventExecutor.java:66)
at io.netty.util.concurrent.SingleThreadEventExecutor$5.run(SingleThreadEventExecutor.java:858)
at io.netty.util.concurrent.DefaultThreadFactory$DefaultRunnableDecorator.run(DefaultThreadFactory.java:144)
at java.lang.Thread.run(Thread.java:745)

Metadata

Metadata

Assignees

No one assigned

    Labels

    bug

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions