Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Something wrong with elytron-oauth2 bearer token authentication after Quarkus 3.13.3 update #42984

Closed
DempseyRoller opened this issue Sep 3, 2024 · 4 comments
Closed

Something wrong with elytron-oauth2 bearer token authentication after Quarkus 3.13.3 update #42984

DempseyRoller opened this issue Sep 3, 2024 · 4 comments
Labels
area/oidc area/security kind/bug Something isn't working

Comments

@DempseyRoller
Copy link

Describe the bug

RestAssured tests fail with 401 authentication error when the endpoint has OAuth2 activated. The test was setup like the example in the Quarkus guide.

I used Wiremock request listener to get some insight of what's happening. In Quarkus versions pre 3.13.3 there's a http request to the exposed stub. After 3.13.3 there's not. Nothing else is different.

Tested with 3.13.3 and 3.14.1

Expected behavior

When the OAuth2 is activated the endpoint should do a request to the specified introspection url when it's called.

Actual behavior

When the OAuth2 is activated the endpoint seems to not do any request to introspection.

How to Reproduce?

  1. Use Quarkus 3.13.3 or later, resteasy-multipart and elytron-security-oauth2.
  2. Create a small integration test
  3. Test

Output of uname -a or ver

Linux 5.15.153.1-microsoft-standard-WSL2 #1 SMP Fri Mar 29 23:14:13 UTC 2024 x86_64 GNU/Linux

Output of java -version

openjdk version "21.0.1" 2023-10-17 LTS OpenJDK Runtime Environment Temurin-21.0.1+12 (build 21.0.1+12-LTS) OpenJDK 64-Bit Server VM Temurin-21.0.1+12 (build 21.0.1+12-LTS, mixed mode, sharing)

Quarkus version or git rev

3.13.3+

Build tool (ie. output of mvnw --version or gradlew --version)

Apache Maven 3.9.7 (8b094c9513efc1b9ce2d952b3b9c8eaedaf8cbf0)

Additional information

No response
@DempseyRoller DempseyRoller added the kind/bug Something isn't working label Sep 3, 2024
@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Sep 3, 2024

/cc @pedroigor (bearer-token), @sberyozkin (bearer-token)

@gsmet
Copy link
Member

gsmet commented Sep 3, 2024

Can you make sure you use Bearer thetoken and not Bearer: thetoken in your test? I.e. you shouldn't have a colon.

The guide needs a fix.

If it doesn't fix your problem, please provide a reproducer.

@gsmet
Copy link
Member

gsmet commented Sep 3, 2024

It was fixed here: https://github.com/quarkusio/quarkus/pull/42707/files but we unfortunately didn't backport the fix. I will do it for tomorrow's release.

@DempseyRoller
Copy link
Author

Well I'll be damned! Thank you. Tried to shuffle through the changelog but nothing pointed me to this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/oidc area/security kind/bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gsmet @DempseyRoller