Skip to content

Oauth2 Client_Credentials Grant: java.lang.IllegalArgumentException: serverWebExchange cannot be null #7468

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
juliuskrah opened this issue Sep 24, 2019 · 4 comments
Closed

Oauth2 Client_Credentials Grant: java.lang.IllegalArgumentException: serverWebExchange cannot be null #7468

juliuskrah opened this issue Sep 24, 2019 · 4 comments
Assignees
@jgrandja
Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)

Comments

@juliuskrah
Copy link

juliuskrah commented Sep 24, 2019
edited
Loading

Summary

I recently upgraded to Spring Security 5.2.0.RC1 because Webclient is not 'renewing' tokens for Oauth2 Client_credentials grant type.

I have the folling configuration

spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            client-id: <id>
            client-secret: <pass>
            authorization-grant-type: client_credentials
        provider:
          keycloak:
            issuer-uri: http://localhost/auth/realms/<realm-name>
@Bean
fun webClient(clientRegistrations: ReactiveClientRegistrationRepository,
                  authorizedClients: ServerOAuth2AuthorizedClientRepository): WebClient {
    val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations,
                UnAuthenticatedServerOAuth2AuthorizedClientRepository())
    // val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
    return WebClient.builder()
                .filter(oauth)
                .build()
}

and finally, I'm calling Webclient

webClient.post()
                .uri {
                    it.scheme("http")
                            .host("localhost")
                            .port(5000)
                            .path("/path")
                            .path("/{id}")
                            .build(id)
                }
                .contentType(MediaType.APPLICATION_JSON)
                .attributes(clientRegistrationId("keycloak"))
                .body(BodyInserters.fromObject(payload))
                .exchange()
                .subscribe { log.debug("Success with HTTP Status {}", it.statusCode()) }

Actual Behavior

I get an exception

org.springframework.kafka.listener.ListenerExecutionFailedException: Listener method 'public void com.example.Main.method(com.example.Example)' threw exception; nested exception is reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null; nested exception
is reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.decorateException(KafkaMessageListenerContainer.java:1327) ~[spring-kafka-2.2.8.RELEASE.jar:2
.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeErrorHandler(KafkaMessageListenerContainer.java:1316) ~[spring-kafka-2.2.8.RELEASE.jar:
2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeRecordListener(KafkaMessageListenerContainer.java:1232) ~[spring-kafka-2.2.8.RELEASE.
jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeWithRecords(KafkaMessageListenerContainer.java:1203) ~[spring-kafka-2.2.8.RELEASE.jar
:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeRecordListener(KafkaMessageListenerContainer.java:1123) ~[spring-kafka-2.2.8.RELEASE.ja
r:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeListener(KafkaMessageListenerContainer.java:938) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8
.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:751) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.
RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:700) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
        at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
Caused by: reactor.core.Exceptions$ErrorCallbackNotImplemented: java.lang.IllegalArgumentException: serverWebExchange cannot be null
Caused by: java.lang.IllegalArgumentException: serverWebExchange cannot be null
        at org.springframework.util.Assert.notNull(Assert.java:198) ~[spring-core-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.security.oauth2.client.web.DefaultReactiveOAuth2AuthorizedClientManager.authorize(DefaultReactiveOAuth2AuthorizedClientManager.java:75) ~[spring-security-o
auth2-client-5.2.0.RC1.jar:5.2.0.RC1]
        at reactor.core.publisher.MonoFlatMap$FlatMapMain.onNext(MonoFlatMap.java:118) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onNext(FluxMapFuseable.java:121) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip$ZipCoordinator.signal(MonoZip.java:247) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip$ZipInner.onNext(MonoZip.java:329) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onNext(FluxOnAssembly.java:345) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MonoSubscriber.complete(Operators.java:1515) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxDefaultIfEmpty$DefaultIfEmptySubscriber.onComplete(FluxDefaultIfEmpty.java:100) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onComplete(FluxMapFuseable.java:144) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:78) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onComplete(FluxMapFuseable.java:144) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.onComplete(FluxFilterFuseable.java:166) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onComplete(FluxOnAssembly.java:355) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$ScalarSubscription.request(Operators.java:2073) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.request(FluxFilterFuseable.java:185) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.request(FluxMapFuseable.java:162) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.request(FluxOnAssembly.java:442) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.set(Operators.java:1879) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators$MultiSubscriptionSubscriber.onSubscribe(Operators.java:1753) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxMapFuseable$MapFuseableSubscriber.onSubscribe(FluxMapFuseable.java:90) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxFilterFuseable$FilterFuseableSubscriber.onSubscribe(FluxFilterFuseable.java:82) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxOnAssembly$OnAssemblySubscriber.onSubscribe(FluxOnAssembly.java:426) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoCurrentContext.subscribe(MonoCurrentContext.java:35) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:56) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFilterFuseable.subscribe(MonoFilterFuseable.java:47) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators.complete(Operators.java:131) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoEmpty.subscribe(MonoEmpty.java:45) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoDefaultIfEmpty.subscribe(MonoDefaultIfEmpty.java:37) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoZip.subscribe(MonoZip.java:128) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoDefer.subscribe(MonoDefer.java:52) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.FluxSwitchIfEmpty$SwitchIfEmptySubscriber.onComplete(FluxSwitchIfEmpty.java:75) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Operators.complete(Operators.java:131) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoEmpty.subscribe(MonoEmpty.java:45) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoMapFuseable.subscribe(MonoMapFuseable.java:59) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoSwitchIfEmpty.subscribe(MonoSwitchIfEmpty.java:44) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoFlatMap.subscribe(MonoFlatMap.java:60) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.MonoOnAssembly.subscribe(MonoOnAssembly.java:61) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3858) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribeWith(Mono.java:3964) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3852) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3819) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at reactor.core.publisher.Mono.subscribe(Mono.java:3766) ~[reactor-core-3.2.12.RELEASE.jar:3.2.12.RELEASE]
        at com.stlghana.support.service.EmailService.processIncident(EmailService.kt:53) ~[main/:na]
        at jdk.internal.reflect.GeneratedMethodAccessor33.invoke(Unknown Source) ~[na:na]
        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
        at java.base/java.lang.reflect.Method.invoke(Method.java:566) ~[na:na]
        at org.springframework.messaging.handler.invocation.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:171) ~[spring-messaging-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.messaging.handler.invocation.InvocableHandlerMethod.invoke(InvocableHandlerMethod.java:120) ~[spring-messaging-5.1.9.RELEASE.jar:5.1.9.RELEASE]
        at org.springframework.kafka.listener.adapter.HandlerAdapter.invoke(HandlerAdapter.java:48) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.adapter.MessagingMessageListenerAdapter.invokeHandler(MessagingMessageListenerAdapter.java:283) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEA
SE]
        at org.springframework.kafka.listener.adapter.RecordMessagingMessageListenerAdapter.onMessage(RecordMessagingMessageListenerAdapter.java:79) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.
8.RELEASE]
        at org.springframework.kafka.listener.adapter.RecordMessagingMessageListenerAdapter.onMessage(RecordMessagingMessageListenerAdapter.java:50) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.
8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeOnMessage(KafkaMessageListenerContainer.java:1278) ~[spring-kafka-2.2.8.RELEASE.jar:2
.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeOnMessage(KafkaMessageListenerContainer.java:1261) ~[spring-kafka-2.2.8.RELEASE.jar:2.2
.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeRecordListener(KafkaMessageListenerContainer.java:1222) ~[spring-kafka-2.2.8.RELEASE.
jar:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.doInvokeWithRecords(KafkaMessageListenerContainer.java:1203) ~[spring-kafka-2.2.8.RELEASE.jar
:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeRecordListener(KafkaMessageListenerContainer.java:1123) ~[spring-kafka-2.2.8.RELEASE.ja
r:2.2.8.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.invokeListener(KafkaMessageListenerContainer.java:938) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8
.RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.pollAndInvoke(KafkaMessageListenerContainer.java:751) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.
RELEASE]
        at org.springframework.kafka.listener.KafkaMessageListenerContainer$ListenerConsumer.run(KafkaMessageListenerContainer.java:700) ~[spring-kafka-2.2.8.RELEASE.jar:2.2.8.RELEASE]
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515) ~[na:na]
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) ~[na:na]
        at java.base/java.lang.Thread.run(Thread.java:834) ~[na:na]
        Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException:
Assembly trace from producer [reactor.core.publisher.MonoFlatMap] :
        reactor.core.publisher.Mono.flatMap(Mono.java:2537)
        org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.lambda$authorizedClient$7(ServerOAuth2AuthorizedClientE
xchangeFilterFunction.java:310)
Error has been observed by the following operator(s):
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.lambda$authorizedClient$7(Server
OAuth2AuthorizedClientExchangeFilterFunction.java:310)
        |_      Mono.defer ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAuth2Autho
rizedClientExchangeFilterFunction.java:309)
        |_      Mono.switchIfEmpty ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAu
th2AuthorizedClientExchangeFilterFunction.java:309)
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.authorizedClient(ServerOAuth2Aut
horizedClientExchangeFilterFunction.java:311)
        |_      Mono.map ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2AuthorizedClientE
xchangeFilterFunction.java:301)
        |_      Mono.flatMap ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2AuthorizedCli
entExchangeFilterFunction.java:302)
        |_      Mono.switchIfEmpty ? org.springframework.security.oauth2.client.web.reactive.function.client.ServerOAuth2AuthorizedClientExchangeFilterFunction.filter(ServerOAuth2Authori
zedClientExchangeFilterFunction.java:303)
        |_      Mono.switchIfEmpty ? org.springframework.web.reactive.function.client.DefaultWebClient$DefaultRequestBodyUriSpec.exchange(DefaultWebClient.java:320)
        |_      Mono.flatMap ? org.springframework.web.reactive.function.client.DefaultWebClient$DefaultResponseSpec.bodyToMono(DefaultWebClient.java:444)

PS: The stacktrace above has some Kafka bits in there.

Expected Behavior

I expect webclient to make the request using the access token. It works fine with Spring Security 5.1.6.RELEASE, the only issue, it does not renew the token after it is expired

Configuration

spring:
  security:
    oauth2:
      client:
        registration:
          keycloak:
            client-id: <id>
            client-secret: <pass>
            authorization-grant-type: client_credentials
        provider:
          keycloak:
            issuer-uri: http://localhost/auth/realms/<realm-name>
@Bean
fun webClient(clientRegistrations: ReactiveClientRegistrationRepository,
                  authorizedClients: ServerOAuth2AuthorizedClientRepository): WebClient {
    val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations,
                UnAuthenticatedServerOAuth2AuthorizedClientRepository())
    // val oauth = ServerOAuth2AuthorizedClientExchangeFilterFunction(clientRegistrations, authorizedClients)
    return WebClient.builder()
                .filter(oauth)
                .build()
}

Version

Spring Boot: 2.1.8.RELEASE
Spring Security: 5.2.0.RC1

Sample

No Sample
@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Sep 24, 2019
@jgrandja
Copy link
Contributor

@juliuskrah Can you please put together a minimal sample that reproduces the issue. I'll be able to effectively troubleshoot the issue at that point.

@jgrandja jgrandja added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) status: waiting-for-feedback We need additional information before we can continue and removed status: waiting-for-triage An issue we've not yet triaged labels Sep 26, 2019
@jgrandja jgrandja self-assigned this Sep 26, 2019
@jgrandja
Copy link
Contributor

@juliuskrah I just realized what the issue is. In the 5.2.0.RC1 release, DefaultReactiveOAuth2AuthorizedClientManager required ServerWebExchange as one of the inputs. See here.

This has been resolved via #7390 which will be coming in the 5.2.0 GA release this coming Monday.

I'm going to close this issue but we can re-open if you're still having issues with the 5.2.0 GA release.

@jgrandja jgrandja removed the status: waiting-for-feedback We need additional information before we can continue label Sep 26, 2019
@juliuskrah
Copy link
Author

@jgrandja Once 5.2.0 is GA, I will give my feedback. Thanks a lot

@frzme frzme mentioned this issue Oct 18, 2019
Closed
@abhi2495
Copy link

@juliuskrah
You can use the following code : Spring WebFlux Security- Client config - OAuth2.0 Client Credentials Flow

@sharpedavid sharpedavid mentioned this issue Nov 19, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgrandja jgrandja

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose)
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@juliuskrah @jgrandja @spring-projects-issues @abhi2495