opendut icon indicating copy to clipboard operation
opendut copied to clipboard
verified publisher icon eclipse-opendut

EDGAR should stop reconnecting when authentication failed

Open reimarstier opened this issue 1 year ago • 3 comments

At the moment:

  • Given: Invalid credentials for OpenDuT-EDGAR
  • Then EDGAR:
    • cannot be set-up
    • hangs during CARL-reachable check until timeout

Expected behavior:

  • Given: Invalid credentials for OpenDuT-Edgar
  • Then EDGAR:
    • Abort immediately upon authentication failure

reimarstier avatar Apr 30 '24 06:04 reimarstier

I was able to change our connect, so that it's not lazy. This allows us, in theory, to get error feedback more directly. However, the tonic errors don't seem to provide a status code right away. Will need to investigate further, though.

mbfm avatar Apr 30 '24 15:04 mbfm

I attempted to reproduce the issue in THEO and was not able to.
I'm guessing, the behavior changed due to the modification of the connect behavior, to not be lazy anymore, which means it now only opens a channel, it does not anymore make a call which would require authentication.

This might mean the "Check CARL Reachable"-task in EDGAR Setup is successful, but then the EDGAR Service crashes on startup, due to the missing authentication.

Steps I took to reproduce:

I ran the following in edgar-shell:

tar xf artifacts/opendut-edgar-x86_64-unknown-linux-gnu-0.1.0.tar.gz
cd opendut-edgar/
export OPENDUT_EDGAR_NETWORK_OIDC_CLIENT_SECRET=nonsense
./opendut-edgar setup managed <SETUP_STRING>

Got as Setup output:

 ✅ Write CA Certificates
 ✅ Check availabilty of needed command line programs
 ✅ Write Configuration
 ✅ Check CARL Reachable
 ✅ Copy executable to "/opt/opendut/edgar/opendut-edgar"
 ✅ Load Kernel Modules vcan, can-gw (Unchanged)
 ✅ NetBird - Unpack
 ✅ NetBird - Install Service
 ✅ NetBird - Start Service
 ✅ NetBird - Connect
 ✅ Create Service File
 ❌ Start Service
    Execution succeeded, but system state check indicated task still needing execution.

EDGAR Service fails due to:

2024-05-14T09:36:38.873075Z DEBUG opendut_edgar::common::carl: Opening peer messaging stream...
2024-05-14T09:36:38.905177Z ERROR opendut_carl_api::carl::auth::service: Failed to get token: FailedToGetToken: Fetching authentication token failed! cause: Server returned error response.
Error: Error while opening stream: status: Unknown, message: "FailedToGetToken: Fetching authentication token failed! cause: Server returned error response.", details: [], metadata: MetadataMap { headers: {} }

mbfm avatar May 14 '24 09:05 mbfm

seems to be fixed, error is handled and clear to the user

mirenz1 avatar May 22 '24 13:05 mirenz1