New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OIDC/Keycloak Authorization #13838
Comments
/cc @pedroigor, @sberyozkin |
@lalithakulkarni - can you please try the latest Quarkus version ? |
CC @pedroigor |
@sberyozkin I tried with the latest version of Quarkus (1.10.3.Final) and continue to see the same exception. I downloaded the sample from quick starts to see if I can run it and I notice that it works fine. Looks like some configuration issue on my end. I will troubleshoot further and post updates. |
Found the issue. There was an offending property in my configuration quarkus.oidc.enabled=false The moment I removed it, everything is working. Thank you for the quick turnaround. |
Hi @lalithakulkarni Thanks, I've just reopened it to have some useful exception reported instead of NPE |
Describe the bug
I am trying to utilize keycloak-authorization extension using [https://quarkus.io/guides/security-keycloak-authorization#configuration-reference](following reference), and running into a null pointer exception.
Expected behavior
The authorization setup in Keycloak should kick in and decision needs to be made to allow/deny the request.
Actual behavior
I get the following exception. Apparently the policyEnforcer is not getting instantiated, but I don't see any issues with the configuration.
2020-12-11 08:12:57,856 ERROR [io.qua.ver.htt.run.QuarkusErrorHandler] (executor-thread-201) HTTP Request to /useraccounts?email=a@cgmail.com failed, error id: ae6bb5cf-8796-4438-b2e0-3131a5765657-1: java.lang.NullPointerException: Cannot invoke "org.keycloak.adapters.authorization.KeycloakAdapterPolicyEnforcer.authorize(org.keycloak.adapters.OIDCHttpFacade)" because "this.delegate" is null
at io.quarkus.keycloak.pep.runtime.KeycloakPolicyEnforcerAuthorizer.apply(KeycloakPolicyEnforcerAuthorizer.java:45)
at io.quarkus.keycloak.pep.runtime.KeycloakPolicyEnforcerAuthorizer.apply(KeycloakPolicyEnforcerAuthorizer.java:29)
at io.quarkus.vertx.http.runtime.security.HttpAuthorizer$1$1$1.run(HttpAuthorizer.java:72)
at io.quarkus.runtime.CleanableExecutor$CleaningRunnable.run(CleanableExecutor.java:231)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:2046)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1578)
at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1426)
at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
at java.base/java.lang.Thread.run(Thread.java:832)
at org.jboss.threads.JBossThread.run(JBossThread.java:479)
Configuration
Environment (please complete the following information):
Darwin MacBook-Air.local 20.1.0 Darwin Kernel Version 20.1.0: Sat Oct 31 00:07:10 PDT 2020; root:xnu-7195.50.7~2/RELEASE_ARM64_T8101 arm64
openjdk version "15.0.1" 2020-10-20
OpenJDK Runtime Environment (build 15.0.1+9)
OpenJDK 64-Bit Server VM (build 15.0.1+9, mixed mode, sharing)
Gral VM: Not using
Quarkus: 1.7.1.Final
Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /Users/lalithakulkarni/.m2/wrapper/dists/apache-maven-3.6.3-bin/1iopthnavndlasol9gbrbg6bf2/apache-maven-3.6.3
Java version: 15.0.1, vendor: N/A, runtime: /usr/local/Cellar/openjdk/15.0.1/libexec/openjdk.jdk/Contents/Home
Default locale: en_US, platform encoding: UTF-8
OS name: "mac os x", version: "11.0.1", arch: "x86_64", family: "mac"
Additional context
The text was updated successfully, but these errors were encountered: