[
https://issues.apache.org/jira/browse/KNOX-3258?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tamás Marcinkovics updated KNOX-3258:
-------------------------------------
Attachment: keycloak-test-after-fix2.png
> Fix OIDC client login
> ---------------------
>
> Key: KNOX-3258
> URL: https://issues.apache.org/jira/browse/KNOX-3258
> Project: Apache Knox
> Issue Type: Task
> Components: KnoxSSO
> Affects Versions: 2.1.0
> Reporter: Tamás Marcinkovics
> Assignee: Tamás Marcinkovics
> Priority: Major
> Attachments: http500-oidc-client-pac4j-knox-login.png,
> keycloak-test-after-fix1.png, keycloak-test-after-fix2.png
>
>
> When configuring Knox to use OpenID Connect, (setting up pac4j as a
> federation provider in knoxsso and using the client OidcClient or
> AzureAdClient, etc.),
> login fails with a 500 internal server error and the stack trace shows that
> oauth2-oidc-sdk:8.22 used by pac4j:4.5.6 is not compatible with the
> com.nimbusds:nimbus-jose-jwt:10.
> HTTP ERROR 500 javax.servlet.ServletException:
> javax.servlet.ServletException: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> URI: /gateway/knoxsso/api/v1/websso
> STATUS: 500
> MESSAGE: javax.servlet.ServletException: javax.servlet.ServletException:
> java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> SERVLET: knoxsso-knox-gateway-servlet
> CAUSED BY: javax.servlet.ServletException: javax.servlet.ServletException:
> java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> CAUSED BY: javax.servlet.ServletException: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> CAUSED BY: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> Stack trace:
> ERROR knox.gateway (GatewayServlet.java:service(129)) - Gateway processing
> failed: javax.servlet.ServletException: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> javax.servlet.ServletException: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> at
> org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:65)
> ~[gateway-spi-2.1.0.jar:2.1.0]
> ...
> Caused by: java.lang.NoSuchMethodError:
> com.nimbusds.jwt.JWTClaimsSet.toJSONObject()Lnet/minidev/json/JSONObject;
> at
> com.nimbusds.openid.connect.sdk.claims.IDTokenClaimsSet.<init>(IDTokenClaimsSet.java:238)
> ~[oauth2-oidc-sdk-8.22.jar:8.22]
> at
> com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.toIDTokenClaimsSet(IDTokenValidator.java:339)
> ~[oauth2-oidc-sdk-8.22.jar:8.22]
> at
> com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.validate(IDTokenValidator.java:289)
> ~[oauth2-oidc-sdk-8.22.jar:8.22]
> at
> com.nimbusds.openid.connect.sdk.validators.IDTokenValidator.validate(IDTokenValidator.java:224)
> ~[oauth2-oidc-sdk-8.22.jar:8.22]
> at
> org.pac4j.oidc.profile.creator.TokenValidator.validate(TokenValidator.java:103)
> ~[pac4j-oidc-4.5.6.jar:?]
> at
> org.pac4j.oidc.profile.creator.OidcProfileCreator.create(OidcProfileCreator.java:93)
> ~[pac4j-oidc-4.5.6.jar:?]
> at
> org.pac4j.oidc.profile.creator.OidcProfileCreator.create(OidcProfileCreator.java:45)
> ~[pac4j-oidc-4.5.6.jar:?]
> at
> org.pac4j.core.client.BaseClient.retrieveUserProfile(BaseClient.java:119)
> ~[pac4j-core-4.5.6.jar:?]
> at
> org.pac4j.core.client.BaseClient.getUserProfile(BaseClient.java:99)
> ~[pac4j-core-4.5.6.jar:?]
> at
> org.pac4j.core.engine.DefaultCallbackLogic.perform(DefaultCallbackLogic.java:88)
> ~[pac4j-core-4.5.6.jar:?]
> at
> org.pac4j.jee.filter.CallbackFilter.internalFilter(CallbackFilter.java:75)
> ~[jee-pac4j-5.0.0.jar:?]
> at
> org.pac4j.jee.filter.AbstractConfigFilter.doFilter(AbstractConfigFilter.java:70)
> ~[jee-pac4j-5.0.0.jar:?]
> at
> org.apache.knox.gateway.pac4j.filter.Pac4jDispatcherFilter.doFilter(Pac4jDispatcherFilter.java:344)
> ~[gateway-provider-security-pac4j-2.1.0.jar:2.1.0]
> at
> org.apache.knox.gateway.GatewayFilter$Holder.doFilter(GatewayFilter.java:392)
> ~[gateway-server-2.1.0.jar:2.1.0]
> at
> org.apache.knox.gateway.GatewayFilter$Chain.doFilter(GatewayFilter.java:306)
> ~[gateway-server-2.1.0.jar:2.1.0]
> at
> org.apache.knox.gateway.filter.XForwardedHeaderFilter.doFilter(XForwardedHeaderFilter.java:50)
> ~[gateway-server-xforwarded-filter-2.1.0.jar:2.1.0]
> at
> org.apache.knox.gateway.filter.AbstractGatewayFilter.doFilter(AbstractGatewayFilter.java:59)
> ~[gateway-spi-2.1.0.jar:2.1.0]
> ... 57 more
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
