Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: After enabling oAuth and setting X-API-KEY, API does not work anymore #1704

Closed
1 task done
VincentSC opened this issue Aug 16, 2024 · 3 comments · Fixed by #1708
Closed
1 task done

[Bug]: After enabling oAuth and setting X-API-KEY, API does not work anymore #1704

VincentSC opened this issue Aug 16, 2024 · 3 comments · Fixed by #1708
Labels
Bug Something isn't working

Comments

@VincentSC
Copy link

VincentSC commented Aug 16, 2024
edited
Loading

The Problem

After setting oAuth the API stopped working, as X-API-KEY was missing. Setting this, then gives an error:

nodered_stirling-pdf_1  | 17:10:10.410 [qtp1751850541-172] WARN  o.e.j.ee10.servlet.ServletChannel - /api/v1/general/split-pages
nodered_stirling-pdf_1  | java.lang.IllegalArgumentException: Cannot pass null or empty values to constructor
nodered_stirling-pdf_1  | 	at org.springframework.util.Assert.isTrue(Assert.java:111)
nodered_stirling-pdf_1  | 	at org.springframework.security.core.userdetails.User.<init>(User.java:110)
nodered_stirling-pdf_1  | 	at org.springframework.security.core.userdetails.User.<init>(User.java:87)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserService.loadUserByApiKey(UserService.java:131)
nodered_stirling-pdf_1  | 	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
nodered_stirling-pdf_1  | 	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
nodered_stirling-pdf_1  | 	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:354)
nodered_stirling-pdf_1  | 	at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:716)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserService$$SpringCGLIB$$0.loadUserByApiKey(<generated>)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserAuthenticationFilter.doFilterInternal(UserAuthenticationFilter.java:57)
...

Version of Stirling-PDF

0.28.1

Page Where the Problem Occurred

/api/v1/general/split-pages

Docker config

  stirling-pdf:
    image: frooodle/s-pdf:latest
    deploy:
      resources:
        limits:
          memory: 4G
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -q 'Please sign in'"]
      interval: 5s
      timeout: 10s
      retries: 16
    restart: unless-stopped
    volumes:
      - ./volumes/trainingData:/usr/share/tessdata #Required for extra OCR languages
      - ./volumes/extraConfigs:/configs
    environment:
      VIRTUAL_HOST: "xxx"
      LETSENCRYPT_HOST: "xxx"
      VIRTUAL_PORT: 8080
      INSTALL_BOOK_AND_ADVANCED_HTML_OPS: "true"
      LANGS: "en_GB"
      SYSTEM_ENABLELOGIN: "true"
      DOCKER_ENABLE_SECURITY: "true"
      SECURITY_ENABLELOGIN: "true"
      SECURITY_LOGINMETHOD: "oauth2"
      SECURITY_OAUTH2_ENABLED: "true"
      SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Striling-PDF
      SECURITY_OAUTH2_ISSUER: "xxx"  # Change with any other provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
      SECURITY_OAUTH2_CLIENTID: "stirling-pdf" # Client ID from your provider
      SECURITY_OAUTH2_CLIENTSECRET: "xxx"  # Client Secret from your provider
      SECURITY_OAUTH2_USEASUSERNAME: "email"
      SECURITY_OAUTH2_SCOPES: "openid, profile, email"
      SECURITY_OAUTH2_PROVIDER: "keycloak"
      PUID: 1002
      PGID: 1002
      UMASK: "022"
      SYSTEM_DEFAULTLOCALE: "en-US"
      UI_APPNAME: "Stirling-PDF"
      UI_HOMEDESCRIPTION: "Stirling-PDF with Security"
      UI_APPNAMENAVBAR: "Stirling-PDF"
      SYSTEM_MAXFILESIZE: "100"
      METRICS_ENABLED: "true"
      SYSTEM_GOOGLEVISIBILITY: "false"

No Duplicate of the Issue

  • I have verified that there are no existing issues raised related to my problem.
@Frooodle Frooodle added the Bug Something isn't working label Aug 16, 2024
@VincentSC
Copy link
Author

I've double checked this yesterday by disabling oauth:

#      SYSTEM_ENABLELOGIN: "true"
#      DOCKER_ENABLE_SECURITY: "true"

Then it all worked. Re-enabling -> same error.

My guess is the problem is at loadUserByApiKey:

user.getPassword(), // you might not need this for API key auth

When oAuth is used, my guess is that this is null.

Currently got no JDK-environment set up on my laptop and my Java is rusty, so can't quickly test. My guess that this would fix it:

Objects.requireNonNullElse(user.getPassword(), "None"), // Default value when using oAuth

If you need the full logs, let me know.

@Ludy87
Copy link
Contributor

Ludy87 commented Aug 17, 2024

I can reproduce

Ludy87 added a commit to Ludy87/Stirling-PDF that referenced this issue Aug 17, 2024
@Ludy87
Fix: Failed authentication Stirling-Tools#1704
7acad65
@Ludy87 Ludy87 mentioned this issue Aug 17, 2024
Merged
4 tasks
Frooodle pushed a commit that referenced this issue Aug 19, 2024
@Ludy87
Fix: Failed authentication #1704 (#1708)
81e2a77 
* Fix: Failed authentication #1704

* Update account.html
@VincentSC
Copy link
Author

Thanks for fixing this!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix: Failed authentication #1704 Ludy87/Stirling-PDF
3 participants
@Ludy87 @VincentSC @Frooodle