
[Bug]: After enabling oAuth and setting X-API-KEY, API does not work anymore

Open VincentSC opened this issue 1 year ago • 2 comments

The Problem

After setting oAuth the API stopped working, as X-API-KEY was missing. Setting this then gives an error:

nodered_stirling-pdf_1  | 17:10:10.410 [qtp1751850541-172] WARN  o.e.j.ee10.servlet.ServletChannel - /api/v1/general/split-pages
nodered_stirling-pdf_1  | java.lang.IllegalArgumentException: Cannot pass null or empty values to constructor
nodered_stirling-pdf_1  | 	at org.springframework.util.Assert.isTrue(Assert.java:111)
nodered_stirling-pdf_1  | 	at org.springframework.security.core.userdetails.User.<init>(User.java:110)
nodered_stirling-pdf_1  | 	at org.springframework.security.core.userdetails.User.<init>(User.java:87)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserService.loadUserByApiKey(UserService.java:131)
nodered_stirling-pdf_1  | 	at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
nodered_stirling-pdf_1  | 	at java.base/java.lang.reflect.Method.invoke(Method.java:580)
nodered_stirling-pdf_1  | 	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:354)
nodered_stirling-pdf_1  | 	at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:716)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserService$$SpringCGLIB$$0.loadUserByApiKey(<generated>)
nodered_stirling-pdf_1  | 	at stirling.software.SPDF.config.security.UserAuthenticationFilter.doFilterInternal(UserAuthenticationFilter.java:57)
...

Version of Stirling-PDF

0.28.1

Page Where the Problem Occurred

/api/v1/general/split-pages

Docker config

  stirling-pdf:
    image: frooodle/s-pdf:latest
    deploy:
      resources:
        limits:
          memory: 4G
    healthcheck:
      test: ["CMD-SHELL", "curl -f http://localhost:8080/api/v1/info/status | grep -q 'UP' && curl -fL http://localhost:8080/ | grep -q 'Please sign in'"]
      interval: 5s
      timeout: 10s
      retries: 16
    restart: unless-stopped
    volumes:
      - ./volumes/trainingData:/usr/share/tessdata #Required for extra OCR languages
      - ./volumes/extraConfigs:/configs
    environment:
      VIRTUAL_HOST: "xxx"
      LETSENCRYPT_HOST: "xxx"
      VIRTUAL_PORT: 8080
      INSTALL_BOOK_AND_ADVANCED_HTML_OPS: "true"
      LANGS: "en_GB"
      SYSTEM_ENABLELOGIN: "true"
      DOCKER_ENABLE_SECURITY: "true"
      SECURITY_ENABLELOGIN: "true"
      SECURITY_LOGINMETHOD: "oauth2"
      SECURITY_OAUTH2_ENABLED: "true"
      SECURITY_OAUTH2_AUTOCREATEUSER: "true" # This is set to true to allow auto-creation of non-existing users in Stirling-PDF
      SECURITY_OAUTH2_ISSUER: "xxx"  # Change with any other provider that supports OpenID Connect Discovery (/.well-known/openid-configuration) end-point
      SECURITY_OAUTH2_CLIENTID: "stirling-pdf" # Client ID from your provider
      SECURITY_OAUTH2_CLIENTSECRET: "xxx"  # Client Secret from your provider
      SECURITY_OAUTH2_USEASUSERNAME: "email"
      SECURITY_OAUTH2_SCOPES: "openid, profile, email"
      SECURITY_OAUTH2_PROVIDER: "keycloak"
      PUID: 1002
      PGID: 1002
      UMASK: "022"
      SYSTEM_DEFAULTLOCALE: "en-US"
      UI_APPNAME: "Stirling-PDF"
      UI_HOMEDESCRIPTION: "Stirling-PDF with Security"
      UI_APPNAMENAVBAR: "Stirling-PDF"
      SYSTEM_MAXFILESIZE: "100"
      METRICS_ENABLED: "true"
      SYSTEM_GOOGLEVISIBILITY: "false"

No Duplicate of the Issue

  • [X] I have verified that there are no existing issues raised related to my problem.

VincentSC Aug 16 '24 17:08

I've double checked this yesterday by disabling oauth:

#      SYSTEM_ENABLELOGIN: "true"
#      DOCKER_ENABLE_SECURITY: "true"

Then it all worked. Re-enabling -> same error.

My guess is the problem is at loadUserByApiKey:

user.getPassword(), // you might not need this for API key auth

When oAuth is used, my guess is that this is null.

Currently got no JDK environment set up on my laptop and my Java is rusty, so can't quickly test. My guess is that this would fix it:

Objects.requireNonNullElse(user.getPassword(), "None"), // Default value when using oAuth

If you need the full logs, let me know.

VincentSC Aug 17 '24 12:08
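
An added example (not from the issue thread and not Stirling-PDF's code) that reproduces the exception in the log and shows a null-safe way to build the UserDetails for an API-key request. It goes slightly beyond the one-line guess above by substituting a random throwaway value rather than a fixed string. The `Account` record, `toUserDetails` and the sample user are hypothetical, and spring-security-core is assumed to be on the classpath.

```java
import java.security.SecureRandom;
import java.util.Base64;
import java.util.List;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;

public class ApiKeyUserDetailsDemo {
    // Hypothetical stand-in for the stored account (not Stirling-PDF's entity).
    // Assumption: accounts auto-created through OAuth2 login have no local password.
    record Account(String username, String password, String role) {}

    private static final SecureRandom RNG = new SecureRandom();

    // Build UserDetails for a request that was authenticated by its API key.
    static UserDetails toUserDetails(Account a) {
        String credential = a.password();
        if (credential == null) {
            // Random throwaway value instead of a fixed literal, so no
            // password-based login path can be satisfied by a known constant.
            byte[] b = new byte[32];
            RNG.nextBytes(b);
            credential = Base64.getEncoder().encodeToString(b);
        }
        return new User(a.username(), credential,
                List.of(new SimpleGrantedAuthority(a.role())));
    }

    public static void main(String[] args) {
        // Constructed sample: an OAuth-provisioned user with no password.
        Account oauthUser = new Account("alice@example.com", null, "ROLE_USER");
        try {
            // Spring Security's User constructor rejects a null password.
            new User(oauthUser.username(), oauthUser.password(),
                    List.of(new SimpleGrantedAuthority(oauthUser.role())));
        } catch (IllegalArgumentException e) {
            System.out.println("null password -> " + e.getMessage());
        }
        UserDetails ud = toUserDetails(oauthUser);
        System.out.println(ud.getUsername() + " " + ud.getAuthorities());
    }
}
```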

I can reproduce

Ludy87 Aug 17 '24 15:08

Thanks for fixing this!

VincentSC Aug 22 '24 12:08