Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic on JWT token refresh #2460

Closed
plorenz opened this issue Oct 1, 2024 · 0 comments
Closed

Panic on JWT token refresh #2460

plorenz opened this issue Oct 1, 2024 · 0 comments
Assignees
@plorenz
Labels
bug Something isn't working controller Issue related to the controller distributed-control Work related to HA/Raft/other distributed control panic describes a code panic

Comments

@plorenz
Copy link
Member

plorenz commented Oct 1, 2024 

[2024-10-01 13:23:00.556]   ERROR github.com/openziti/xweb/v2.(*Server).wrapHandler.(*Server).wrapPanicRecovery.func2.1: panic caught by server handler: runtime error: invalid memory address or nil pointer dereference
goroutine 4727 [running]:
github.com/openziti/foundation/v2/debugz.generateStack(0x2000, 0x0)
        github.com/openziti/foundation/[email protected]/debugz/stack.go:38 +0x45
github.com/openziti/foundation/v2/debugz.GenerateLocalStack()
        github.com/openziti/foundation/[email protected]/debugz/stack.go:33 +0x1a
github.com/openziti/xweb/v2.(*Server).wrapHandler.(*Server).wrapPanicRecovery.func2.1()
        github.com/openziti/xweb/[email protected]/server.go:163 +0x85
panic({0x375adc0?, 0x5c34d20?})
        runtime/panic.go:785 +0x132
github.com/openziti/ziti/controller/oidc_auth.(*HybridStorage).TokenRequestByRefreshToken(0x4329ce8?, {0xc00401c8a0?, 0xc000ce5930?}, {0xc001132aed?, 0xc000ce5930?})
        github.com/openziti/ziti/controller/oidc_auth/storage.go:582 +0x4a
github.com/zitadel/oidc/v2/pkg/op.GetTokenIDAndSubjectFromToken({0x4329ce8, 0xc00401c8a0}, {0x7973e136ed20, 0xc00325dd40}, {0xc001132aed, 0x5b1}, {0xc0023e3950, 0x2e}, 0x0)
        github.com/zitadel/oidc/[email protected]/pkg/op/token_exchange.go:294 +0x107
github.com/zitadel/oidc/v2/pkg/op.ValidateTokenExchangeRequest({0x4329ce8, 0xc00401c8a0}, 0xc0016ff6b0, {0xc000ce5930, 0x8}, {0xc000ce5930, 0x0}, {0x7973e136ed20, 0xc00325dd40})
        github.com/zitadel/oidc/[email protected]/pkg/op/token_exchange.go:227 +0x47d
github.com/zitadel/oidc/v2/pkg/op.TokenExchange({0x4327770, 0xc00401c4e0}, 0xc0036ff400, {0x7973e136ed20, 0xc00325dd40})
        github.com/zitadel/oidc/[email protected]/pkg/op/token_exchange.go:146 +0x22a
github.com/zitadel/oidc/v2/pkg/op.Exchange({0x4327770, 0xc00401c4e0}, 0xc0036ff400, {0x7973e136ed20, 0xc00325dd40})
        github.com/zitadel/oidc/[email protected]/pkg/op/token_request.go:55 +0x133
github.com/zitadel/oidc/v2/pkg/op.CreateRouter.tokenHandler.func6({0x4327770, 0xc00401c4e0}, 0xc0036ff2c0)
        github.com/zitadel/oidc/[email protected]/pkg/op/token_request.go:32 +0xe8
net/http.HandlerFunc.ServeHTTP(0x4329ce8?, {0x4327770?, 0xc00401c4e0?}, 0x42e79b8?)
        net/http/server.go:2220 +0x29
github.com/zitadel/oidc/v2/pkg/op.(*IssuerInterceptor).setIssuerCtx(0x140?, {0x4327770, 0xc00401c4e0}, 0xc0036ff180, {0x42fc240, 0xc001ad3488})
        github.com/zitadel/oidc/[email protected]/pkg/op/context.go:52 +0x15a
github.com/zitadel/oidc/v2/pkg/op.(*IssuerInterceptor).Handler.func1({0x4327770?, 0xc00401c4e0?}, 0xc0036ff180?)
        github.com/zitadel/oidc/[email protected]/pkg/op/context.go:28 +0x35
net/http.HandlerFunc.ServeHTTP(0xc0029e6c30?, {0x4327770?, 0xc00401c4e0?}, 0xc0036ff180?)
        net/http/server.go:2220 +0x29
github.com/rs/cors.(*Cors).Handler-fm.(*Cors).Handler.func1({0x4327770, 0xc00401c4e0}, 0xc0036ff180)
        github.com/rs/[email protected]/cors.go:289 +0x184
net/http.HandlerFunc.ServeHTTP(0xc0036ff040?, {0x4327770?, 0xc00401c4e0?}, 0xc001547350?)
        net/http/server.go:2220 +0x29
github.com/gorilla/mux.(*Router).ServeHTTP(0xc00325de00, {0x4327770, 0xc00401c4e0}, 0xc0036fef00)
        github.com/gorilla/[email protected]/mux.go:212 +0x1e2
github.com/openziti/ziti/controller/oidc_auth.newHttpRouter.StripPrefix.func5({0x4327770, 0xc00401c4e0}, 0xc0036fedc0)
        net/http/server.go:2282 +0x262
net/http.HandlerFunc.ServeHTTP(0xc0036fec80?, {0x4327770?, 0xc00401c4e0?}, 0x21e1ca0?)
        net/http/server.go:2220 +0x29
github.com/gorilla/mux.(*Router).ServeHTTP(0xc00325dc80, {0x4327770, 0xc00401c4e0}, 0xc0036feb40)
        github.com/gorilla/[email protected]/mux.go:212 +0x1e2
github.com/openziti/ziti/controller/oidc_auth.NewNativeOnlyOP.func1({0x4327770, 0xc00401c4e0}, 0xc0036fe780)
        github.com/openziti/ziti/controller/oidc_auth/provider.go:58 +0x34b
net/http.HandlerFunc.ServeHTTP(0xc00401c420?, {0x4327770?, 0xc00401c4e0?}, 0x273d7d168d?)
        net/http/server.go:2220 +0x29
github.com/gorilla/handlers.(*cors).ServeHTTP(0xc0013359e0, {0x4327770, 0xc00401c4e0}, 0xc0036fe780)
        github.com/gorilla/[email protected]/cors.go:54 +0x335
github.com/openziti/ziti/controller/webapis.OidcApiHandler.ServeHTTP(...)
        github.com/openziti/ziti/controller/webapis/oidc-api.go:93
github.com/openziti/xweb/v2.(*IsHandledDemuxFactory).Build.func1({0x4327770, 0xc00401c4e0}, 0xc0036fe640)
        github.com/openziti/xweb/[email protected]/demux.go:153 +0x1f1
net/http.HandlerFunc.ServeHTTP(0x30?, {0x4327770?, 0xc00401c4e0?}, 0x1555c4b?)
        net/http/server.go:2220 +0x29
github.com/openziti/xweb/v2.(*DemuxHandlerImpl).ServeHTTP(0xc001547970?, {0x4327770?, 0xc00401c4e0?}, 0x42fb2a0?)
        github.com/openziti/xweb/[email protected]/demux.go:48 +0x26
github.com/openziti/xweb/v2.(*Server).wrapHandler.(*Server).wrapSetCtrlAddressHeader.func1({0x4327770?, 0xc00401c4e0?}, 0x0?)
        github.com/openziti/xweb/[email protected]/server.go:185 +0xc9
net/http.HandlerFunc.ServeHTTP(0x30?, {0x4327770?, 0xc00401c4e0?}, 0x30?)
        net/http/server.go:2220 +0x29
github.com/openziti/xweb/v2.(*Server).wrapHandler.(*Server).wrapPanicRecovery.func2({0x4327770?, 0xc00401c4e0?}, 0x1?)
        github.com/openziti/xweb/[email protected]/server.go:167 +0x75
net/http.HandlerFunc.ServeHTTP(0xc003d2efa0?, {0x4327770?, 0xc00401c4e0?}, 0xffffffffffffffff?)
        net/http/server.go:2220 +0x29
github.com/openziti/xweb/v2/middleware.handleGZip({0x43232f8, 0xc0037821c0}, 0xc0036fe640, {0x42fc240, 0xc002c73b20})
        github.com/openziti/xweb/[email protected]/middleware/compression.go:207 +0x19c
github.com/openziti/xweb/v2.(*Server).wrapHandler.NewCompressionHandler.func3({0x43232f8, 0xc0037821c0}, 0xc0036fe640)
        github.com/openziti/xweb/[email protected]/middleware/compression.go:88 +0xa5
net/http.HandlerFunc.ServeHTTP(0x1551225?, {0x43232f8?, 0xc0037821c0?}, 0xc003782101?)
        net/http/server.go:2220 +0x29
net/http.serverHandler.ServeHTTP({0x43197f8?}, {0x43232f8?, 0xc0037821c0?}, 0x6?)
        net/http/server.go:3210 +0x8e
net/http.(*conn).serve(0xc001c82c60, {0x4329ce8, 0xc0027442a0})
        net/http/server.go:2092 +0x5d0
created by net/http.(*Server).Serve in goroutine 106
        net/http/server.go:3360 +0x485
@plorenz plorenz self-assigned this Oct 1, 2024
@plorenz plorenz added bug Something isn't working panic describes a code panic controller Issue related to the controller distributed-control Work related to HA/Raft/other distributed control labels Oct 1, 2024
plorenz added a commit that referenced this issue Oct 1, 2024
@plorenz
Fix JWT refresh panic. Fixes #2460
9658033
@plorenz plorenz closed this as completed in b8294a9 Oct 1, 2024
plorenz added a commit that referenced this issue Oct 1, 2024
@plorenz
Merge pull request #2461 from openziti/fix-jwt-refresh-panic
852976e 
Fix JWT refresh panic. Fixes #2460
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@plorenz plorenz

Labels
bug Something isn't working controller Issue related to the controller distributed-control Work related to HA/Raft/other distributed control panic describes a code panic
Projects
Controller HA
Status: Done
Milestone
No milestone
Development

No branches or pull requests
1 participant
@plorenz