Kia ora all,

I'm writing a library to integrate one of our services with DSpace 7.6 and 
I'm having an issue with the REST API that occurs when I run integration 
tests.

Every so often, a call to the REST API will return an HTTP 401 
Unauthorized, despite being logged in as an admin account, the JWT not 
having expired, and correctly sending the CSRF header and cookie.

Looking at the logs, it seems that DSpace is detecting the JWT as invalid. 
However, the *same* token is used both before and after this point without 
issue, as shown below:

2023-11-14 11:28:52,796 DEBUG unknown unknown 
org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for 
username: [email protected]

2023-11-14 11:28:52,864 WARN  unknown unknown 
org.dspace.app.rest.security.jwt.JWTTokenHandler @ 0:0:0:0:0:0:0:1 tried to 
use an expired or non-valid token 

2023-11-14 11:28:52,968 DEBUG unknown unknown 
org.dspace.app.rest.security.jwt.JWTTokenHandler @ Received valid token for 
username: [email protected]

This occurs even I if I add a check to the /authn/status endpoint to ensure 
that the client is still authenticated before making each call.

The only related oddity I've managed to note in the logs is that the 
EPerson for the user is mostly blank:

2023-11-14 11:28:52,913 DEBUG unknown 4eb31978-f7fd-414f-851c-a9a0d7071efe 
org.hibernate.internal.util.EntityPrinter @ 
org.dspace.eperson.EPerson{handles=<uninitialized>, 
metadata=<uninitialized>, salt=[redacted], lastActive=2023-11-14 
11:28:51.279, sessionSalt*=*, netid=null, resourcePolicies=<uninitialized>, 
requireCertificate=false, groups=<uninitialized>, digestAlgorithm=SHA-512, 
selfRegistered=false, canLogIn=true, password=[redacted], legacyId=null, 
id=41784848-fe6c-4b7e-82db-c81fe3c89f6e, [email protected]}

But for other calls it's populated correctly.

Ngā mihi nui,
Ori

-- 
All messages to this mailing list should adhere to the Code of Conduct: 
https://www.lyrasis.org/about/Pages/Code-of-Conduct.aspx
--- 
You received this message because you are subscribed to the Google Groups 
"DSpace Technical Support" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/dspace-tech/544c2a48-a00a-4a0b-95fc-6158d66ac68fn%40googlegroups.com.

Reply via email to