Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

StackOverflowError When Eureka and OAuth2/OpenID Configured in Same App #623

Closed
4 tasks done
JasonTypesCodes opened this issue Apr 3, 2021 · 2 comments · Fixed by #631
Closed
4 tasks done

StackOverflowError When Eureka and OAuth2/OpenID Configured in Same App #623

JasonTypesCodes opened this issue Apr 3, 2021 · 2 comments · Fixed by #631
Assignees
@sdelamo
Labels
type: bug Something isn't working
Milestone
2.3.3

Comments

@JasonTypesCodes
Copy link
Contributor

Task List

  • Steps to reproduce provided
  • Stacktrace (if present) provided
  • Example that reproduces the problem uploaded to Github
  • Full description of the issue provided (see below)

Steps to Reproduce

  1. Create a Micronaut Application with Eureka and OAuth2 support
  2. Update config to support OpenID Connect
  3. Try to start application

Expected Behaviour

Application should start

Actual Behaviour

Application fails to start with a StackOverflowError occurring during bean instantiation. The specific errors encountered change from run to run, but the stack overflow is always present:

Caused by: java.lang.StackOverflowError: null
	at java.base/java.lang.ClassLoader.defineClass1(Native Method)
	at java.base/java.lang.ClassLoader.defineClass(ClassLoader.java:1016)
	at java.base/java.security.SecureClassLoader.defineClass(SecureClassLoader.java:174)
	at java.base/jdk.internal.loader.BuiltinClassLoader.defineClass(BuiltinClassLoader.java:802)
	at java.base/jdk.internal.loader.BuiltinClassLoader.findClassOnClassPathOrNull(BuiltinClassLoader.java:700)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClassOrNull(BuiltinClassLoader.java:623)
	at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:581)
	at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:178)
	at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:521)
	at io.micronaut.context.exceptions.BeanInstantiationException.<init>(BeanInstantiationException.java:49)
	at io.micronaut.context.DefaultBeanContext.doCreateBean(DefaultBeanContext.java:1970)
...

Environment Information

  • Operating System: Debian Linux 10.9
  • Micronaut Version: 2.4.2
  • JDK Version: openjdk version "11.0.2" 2019-01-15

Example Application

https://github.com/JasonTypesCodes/mn-eureka-oauth

To find the error:

$ ./gradlew run > out.txt
$ cat out.txt | grep -n "StackOverflowError"

The application will start (even without a Eureka server running) if you do any one of the following:

1 - Set micronaut.security.oauth2.enabled to false
2 - Remove the confugration at micronaut.security.oauth2.clients.default.openid
3 - Remove io.micronaut.security:micronaut-security-jwt from build.gradle
4 - Remove the eureka configuration
@graemerocher graemerocher self-assigned this Apr 14, 2021
@graemerocher
Copy link
Contributor

@JasonTypesCodes @sdelamo The issue appears to be DefaultTokenEndpointClient unsafely creating beans in the constructor. This is an issue because the bean HttpClientConfiguration is extended by EurekaClientConfiguration which injects components related to the http client so when createBean is called these are currently being in the middle of being created but not registered with the context yet.

It is probably best to move this logic here https://github.com/micronaut-projects/micronaut-security/blob/master/security-oauth2/src/main/java/io/micronaut/security/oauth2/endpoint/token/request/DefaultTokenEndpointClient.java#L138-L143

And create the client on demand

@graemerocher graemerocher transferred this issue from micronaut-projects/micronaut-core Apr 14, 2021
@sdelamo sdelamo self-assigned this Apr 15, 2021
@sdelamo
Copy link
Contributor

sdelamo commented Apr 15, 2021

I will do the change @graemerocher Thanks for looking into the root cause.

sdelamo added a commit that referenced this issue Apr 22, 2021
@sdelamo
fix: use a Memoized supplier for DefaultTokenClient
1453f95 
Fix: #623
@sdelamo sdelamo mentioned this issue Apr 22, 2021
Merged
@sdelamo sdelamo added the type: bug Something isn't working label Apr 22, 2021
@sdelamo sdelamo added this to the 2.3.3 milestone Apr 22, 2021
graemerocher pushed a commit that referenced this issue Apr 22, 2021
@sdelamo
fix: use a Memoized supplier for DefaultTokenClient (#631)
15ac965 
Fix: #623
sdelamo added a commit that referenced this issue Apr 22, 2021
@sdelamo
fix: use a Memoized supplier for DefaultTokenClient (#631)
e6702d8 
Fix: #623
@JasonTypesCodes JasonTypesCodes mentioned this issue Apr 28, 2021
Closed
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sdelamo sdelamo

Labels
type: bug Something isn't working
Projects
None yet
Milestone
2.3.3
Development

Successfully merging a pull request may close this issue.

fix: use a Memoized supplier for DefaultTokenClient micronaut-projects/micronaut-security
3 participants
@graemerocher @sdelamo @JasonTypesCodes