From 423396879febf962a92fc0c83b9d59233bca2fa3 Mon Sep 17 00:00:00 2001
From: Sergey Beryozkin
Date: Tue, 2 Jul 2024 19:14:53 +0100
Subject: [PATCH] Try to recover after OIDC timeout exception
---
 .../io/quarkus/oidc/runtime/OidcRecorder.java | 53 +++++++++++--------
 1 file changed, 31 insertions(+), 22 deletions(-)
diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java
index bf0273e8c5e575..a07b003bc6a541 100644
--- a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java
+++ b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/OidcRecorder.java
@@ -55,6 +55,7 @@
 import io.quarkus.tls.TlsConfigurationRegistry;
 import io.smallrye.jwt.algorithm.KeyEncryptionAlgorithm;
 import io.smallrye.jwt.util.KeyUtils;
+import io.smallrye.mutiny.TimeoutException;
 import io.smallrye.mutiny.Uni;
 import io.vertx.core.Vertx;
 import io.vertx.core.json.JsonObject;
@@ -167,29 +168,37 @@ private TenantConfigContext createStaticTenantContext(Vertx vertx,
 Uni uniContext = createTenantContext(vertx, oidcConfig, checkNamedTenants, tenantId, defaultTlsConfiguration);
- return uniContext.onFailure()
- .recoverWithItem(new Function() {
- @Override
- public TenantConfigContext apply(Throwable t) {
- if (t instanceof OIDCException) {
- LOG.warnf("Tenant '%s': '%s'."
- + " OIDC server is not available yet, an attempt to connect will be made during the first request."
- + " Access to resources protected by this tenant may fail"
- + " if OIDC server will not become available",
- tenantId, t.getMessage());
- return new TenantConfigContext(null, oidcConfig, false);
- }
- logTenantConfigContextFailure(t, tenantId);
- if (t instanceof ConfigurationException
- && !oidcConfig.authServerUrl.isPresent() && LaunchMode.DEVELOPMENT == LaunchMode.current()) {
- // Let it start if it is a DEV mode and auth-server-url has not been configured yet
- return new TenantConfigContext(null, oidcConfig, false);
+ try {
+ return uniContext.onFailure()
+ .recoverWithItem(new Function() {
+ @Override
+ public TenantConfigContext apply(Throwable t) {
+ if (t instanceof OIDCException) {
+ LOG.warnf("Tenant '%s': '%s'."
+ + " OIDC server is not available yet, an attempt to connect will be made during the first request."
+ + " Access to resources protected by this tenant may fail"
+ + " if OIDC server will not become available",
+ tenantId, t.getMessage());
+ return new TenantConfigContext(null, oidcConfig, false);
+ }
+ logTenantConfigContextFailure(t, tenantId);
+ if (t instanceof ConfigurationException
+ && !oidcConfig.authServerUrl.isPresent()
+ && LaunchMode.DEVELOPMENT == LaunchMode.current()) {
+ // Let it start if it is a DEV mode and auth-server-url has not been configured yet
+ return new TenantConfigContext(null, oidcConfig, false);
+ }
+ // fail in all other cases
+ throw new OIDCException(t);
 }
- // fail in all other cases
- throw new OIDCException(t);
- }
- })
- .await().atMost(oidcConfig.getConnectionTimeout());
+ })
+ .await().atMost(oidcConfig.getConnectionTimeout());
+ } catch (TimeoutException t2) {
+ LOG.warnf("Tenant '%s': OIDC server is not available after a %d seconds timeout, an attempt to connect will be made"
+ + " during the first request. Access to resources protected by this tenant may fail if OIDC server"
+ + " will not become available", tenantId, oidcConfig.getConnectionTimeout().getSeconds());
+ return new TenantConfigContext(null, oidcConfig, false);
+ }
 }
 private static Throwable logTenantConfigContextFailure(Throwable t, String tenantId) {
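Review bot: The new `catch (TimeoutException t2)` branch lets startup continue in every launch mode with `new TenantConfigContext(null, oidcConfig, false)` and never uses `t2`, so an unreachable provider now leaves only this WARN line. How protected requests are handled while the tenant has no provider is decided outside this hunk; going by the log text it is deferred to the first request, and a comment at the return would make the expectation explicit, e.g. `// provider not resolved yet: the first request retries the connection and must fail if it is still unavailable`. The message also prints `getConnectionTimeout().getSeconds()`, which shows 0 for a sub-second timeout; `toMillis()` with `%d ms` would be exact. The body of `createStaticTenantContext` starts before the hunk.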