micronaut-security icon indicating copy to clipboard operation
micronaut-security copied to clipboard

Published 20 hours ago verified publisher icon micronaut-projects

Token Propagation not working overriding environment properties

Open HelLViS69 opened this issue 4 years ago • 1 comments

Hello, I have a strange problem with the token propagation. I just updated to Micronaut 2.0.0, and following the migration steps I changed some properties to adapt to new behaviour.

My environment is as follow:

  1. authentication service, which generates the JWT token
  2. GraphQL service, which validates the token and then propagates it to the underlying services
  3. other services, which validate the token

The problem came out when I use the full tree path of the service-id-regex property. The TokenPropagationHttpClientFilter bean is not loaded, and all HTTP calls result in a 401

This is the GraphQL application.yml

micronaut:
  application:
    name: GraphQL
  server:
    port: 8080
  security:
    authentication: bearer
    intercept-url-map:
      - pattern: /graphql
        http-method: POST
        access:
          - isAuthenticated()
      - pattern: /gui
        http-method: GET
        access:
          - isAuthenticated()
    endpoints:
      keys:
        enabled: false
      oauth:
        enabled: false
      login:
        enabled: false
      logout:
        enabled: false
    token:
      jwt:
        signatures:
          secret:
            validation:
              secret: averylongsecret
      propagation:
        enabled: true
        service-id-regex: "stats|users"
        header:
          enabled: true
  http:
    services:
      stats:
        url: "http://stats:8080"
      users:
        url: "http://users:8080"

graphql:
  graphiql:
    enabled: true
    path: /gui

This is the application-local.yml, not working

micronaut:
  security:
    intercept-url-map:
      - pattern: /graphql
        http-method: POST
        access:
          - isAnonymous()
      - pattern: /gui
        http-method: GET
        access:
          - isAnonymous()
    token:
      propagation:
        service-id-regex: "http://localhost:(8081|8082)"
  http:
    services:
      stats:
        url: "http://localhost:8081"
      users:
        url: "http://localhost:8082"

This is the application-local.yml, working

micronaut:
  security:
    intercept-url-map:
      - pattern: /graphql
        http-method: POST
        access:
          - isAnonymous()
      - pattern: /gui
        http-method: GET
        access:
          - isAnonymous()
#    token:
#      propagation:
        service-id-regex: "http://localhost:(8081|8082)"
  http:
    services:
      stats:
        url: "http://localhost:8081"
      users:
        url: "http://localhost:8082"

Expected Behaviour

The token is propagated correctly to the other microservices

Environment Information

  • Operating System: Gentoo Linux
  • Micronaut Version: 2.0.0
  • JDK Version: openjdk version "11.0.7" 2020-04-14 OpenJDK Runtime Environment GraalVM CE 20.1.0 (build 11.0.7+10-jvmci-20.1-b02) OpenJDK 64-Bit Server VM GraalVM CE 20.1.0 (build 11.0.7+10-jvmci-20.1-b02, mixed mode, sharing)

HelLViS69 avatar Jul 09 '20 23:07 HelLViS69

any solution for this?

marcosflobo avatar Feb 20 '24 10:02 marcosflobo