Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

OIDC authentication via Google fails on Tomcat #728

Open
tfield opened this issue Jun 1, 2024 · 3 comments
Open

OIDC authentication via Google fails on Tomcat #728

tfield opened this issue Jun 1, 2024 · 3 comments
Labels
info: workaround available A workaround is available for the issue

Comments

@tfield
Copy link

tfield commented Jun 1, 2024

Expected Behavior

When using OIDC authentication with Google and Tomcat, I expect to be able to log in successfully.

The Micronaut Guide SECURE A MICRONAUT APPLICATION WITH GOOGLE was followed, and the server was changed from netty to tomcat, and this fails.

This seems similar to
#239
which includes links to
#256
#275

Actual Behaviour

The callback URL fails with the following exception

ERROR i.m.http.server.RouteExecutor - Unexpected error occurred: Error instantiating bean of type [io.micronaut.security.oauth2.endpoint.authorization.response.DefaultOpenIdAuthorizationResponse]: Error decoding request body: Stream closed

This works fine with Netty.

mn-tomcat-google-error.txt

Steps To Reproduce

  1. download the java/gradle micronaut guide sample from here.
  2. configure google client id/secret per your google console
  3. start and test the app to authenticate
  4. observe success
  5. edit build.gradle and change micronaut.runtime from 'netty' to 'tomcat', and add implementation("io.micronaut.servlet:micronaut-http-server-tomcat")
  6. restart the app and test to authenticate
  7. observe the stack trace

Environment Information

  • macOS Sonoma
  • azul 21 jdk

Example Application

Download the java/gradle micronaut guide sample from here.

Version

4.4.0

@graemerocher
Copy link
Contributor

Seems it doesn't like async being enabled by default, will take a look. You could try and use the latest 4.9.0 version and disable async. See https://micronaut-projects.github.io/micronaut-servlet/latest/guide/configurationreference.html#io.micronaut.servlet.engine.MicronautServletConfiguration

@tfield
Copy link
Author

tfield commented Jun 3, 2024

Thank you - that worked! I set

    implementation 'io.micronaut.servlet:micronaut-servlet-engine:4.9.0'
    implementation 'io.micronaut.servlet:micronaut-http-server-tomcat:4.9.0'

and

micronaut:
  servlet:
    async-supported: false
    test-async-supported: false
    async-file-serving-enabled: false

and this was successful.

@graemerocher graemerocher added the info: workaround available A workaround is available for the issue label Jun 3, 2024
@tfield
Copy link
Author

tfield commented Nov 14, 2024

Update: I have updated my app to 4.6.3 and doing so allows me to remove the servlet 4.9 dependencies, so that's great.
However, when I bump to 4.7.0, OIDC authentication no longer works. Is it possible to track down what has changed that broke this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
info: workaround available A workaround is available for the issue
Projects
None yet
Development

No branches or pull requests

2 participants