[Token Persistence Removal] java.lang.ClassCastException when revoking secret #2495

Closed
dushaniw opened this issue Feb 20, 2024 · 0 comments
dushaniw commented Feb 20, 2024

Description

Issue observed after merging changes in https://github.com/wso2-extensions/apim-km-wso2is/pull/124/files and wso2/carbon-apimgt#12281 locally.

When revoking the consumer secret, the event does not propagate to the GW; instead, the following error is thrown in the logs.

[2024-02-20 16:06:18,029] ERROR - NativeWorkerPool Uncaught exception
java.lang.ClassCastException: class java.lang.String cannot be cast to class java.lang.Long (java.lang.String and java.lang.Long are in module java.base of loader 'bootstrap')
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayTokenRevocationMessageListener.handleRevokedTokenMessage_aroundBody2(GatewayTokenRevocationMessageListener.java:94) ~[org.wso2.carbon.apimgt.gateway_9.29.35.jar:?]
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayTokenRevocationMessageListener.handleRevokedTokenMessage(GatewayTokenRevocationMessageListener.java:1) ~[org.wso2.carbon.apimgt.gateway_9.29.35.jar:?]
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayTokenRevocationMessageListener.onMessage_aroundBody0(GatewayTokenRevocationMessageListener.java:63) ~[org.wso2.carbon.apimgt.gateway_9.29.35.jar:?]
	at org.wso2.carbon.apimgt.gateway.listeners.GatewayTokenRevocationMessageListener.onMessage(GatewayTokenRevocationMessageListener.java:1) ~[org.wso2.carbon.apimgt.gateway_9.29.35.jar:?]
	at org.wso2.carbon.apimgt.common.jms.JMSTaskManager$MessageListenerTask.handleMessage(JMSTaskManager.java:656) ~[org.wso2.carbon.apimgt.common.jms_9.29.35.jar:?]
	at org.wso2.carbon.apimgt.common.jms.JMSTaskManager$MessageListenerTask.run(JMSTaskManager.java:555) ~[org.wso2.carbon.apimgt.common.jms_9.29.35.jar:?]
	at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172) ~[axis2_1.6.1.wso2v76.jar:?]
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) ~[?:?]
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) ~[?:?]
	at java.lang.Thread.run(Thread.java:829) [?:?]

Steps to Reproduce

Enable token persistence removal with the following configs and database additions.

  • Start server with default configs and change token type of consumer apps of system portal to JWT and enable appending tenant domain to the local subject identifier.
  • Shutdown server.
  • Add to deployment.toml.
[oauth.token_persistence]
enable=false

[oauth.revoked_token_headers_in_response]
enable=false

[[oauth.extensions.token_types]]
name = "JWT"
issuer = "org.wso2.is.key.manager.tokenpersistence.issuer.ExtendedJWTTokenIssuer"

[transport.https.properties]
maxHttpHeaderSize = "12288"
  • Create tables in AM_DB.
CREATE TABLE IF NOT EXISTS IDN_INVALID_TOKENS (
	UUID VARCHAR(255) NOT NULL,
	TOKEN_IDENTIFIER VARCHAR(2048) NOT NULL,
	CONSUMER_KEY VARCHAR(255) NOT NULL,
	TIME_CREATED TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
	EXPIRY_TIMESTAMP TIMESTAMP NOT NULL,
	PRIMARY KEY (UUID)
) ENGINE=InnoDB;

CREATE TABLE IF NOT EXISTS IDN_APP_REVOKED_EVENT (
	EVENT_ID VARCHAR(255) NOT NULL,
	CONSUMER_KEY VARCHAR(255) NOT NULL,
	TIME_REVOKED TIMESTAMP NOT NULL,
	ORGANIZATION VARCHAR(100),
	PRIMARY KEY (EVENT_ID),
	CONSTRAINT CON_APP_EVT_KEY UNIQUE (CONSUMER_KEY, ORGANIZATION)
) ENGINE=InnoDB;

CREATE TABLE IF NOT EXISTS IDN_SUBJECT_ENTITY_REVOKED_EVENT (
	EVENT_ID VARCHAR(255) NOT NULL,
	ENTITY_ID VARCHAR(255) NOT NULL,
	ENTITY_TYPE VARCHAR(100) NOT NULL,
	TIME_REVOKED TIMESTAMP NOT NULL,
	ORGANIZATION VARCHAR(100),
  • Restart server

Affected Component

APIM

Version

4.3.0 - M2

Environment Details (with versions)

No response

Relevant Log Output

No response

Related Issues

No response

Suggested Labels

No response
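
The failure class shown in the stack trace, as an added example that is not code from carbon-apimgt or from the issue author: a revocation event field arrives as a `String` and the consumer casts it straight to `Long`, so the event is dropped and the revocation is never applied. The map-shaped payload and the field names `type` and `expiryTime` are assumptions for illustration; the issue does not show which field is read at `GatewayTokenRevocationMessageListener.java:94`.

```java
import java.util.HashMap;
import java.util.Map;

public class RevocationEventDemo {

    // Unsafe pattern: assumes the numeric field always arrives as a Long.
    // A String value raises ClassCastException at the cast.
    static long expiryUnsafe(Map<String, Object> event) {
        return (Long) event.get("expiryTime"); // hypothetical field name
    }

    // Tolerant pattern: accept any Number or a numeric String, reject the rest
    // with an explicit error the caller can log and handle.
    static long expirySafe(Map<String, Object> event) {
        Object v = event.get("expiryTime");
        if (v instanceof Number) {
            return ((Number) v).longValue();
        }
        if (v instanceof String) {
            try {
                return Long.parseLong(((String) v).trim());
            } catch (NumberFormatException e) {
                throw new IllegalArgumentException(
                        "non-numeric expiryTime in revocation event", e);
            }
        }
        throw new IllegalArgumentException(
                "missing or unsupported expiryTime: " + v);
    }

    public static void main(String[] args) {
        // Constructed sample event: the publisher serialized the timestamp as text.
        Map<String, Object> event = new HashMap<>();
        event.put("type", "CONSUMER_KEY");        // hypothetical field
        event.put("expiryTime", "1708425378029"); // constructed value

        try {
            expiryUnsafe(event);
        } catch (ClassCastException e) {
            // Uncaught in a listener, this aborts handling of the message,
            // so the gateway keeps treating the revoked credential as valid.
            System.out.println("unsafe: " + e.getClass().getSimpleName());
        }
        System.out.println("safe:   " + expirySafe(event));
    }
}
```

A revocation consumer should fail closed on malformed events: log the rejected message and alert rather than letting an uncaught exception silently discard it.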
