Uploaded image for project: 'mod-authtoken'
  1. mod-authtoken
  2. MODAT-54

Bad JWT signature errors continuous in okapi log

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • TBD
    • Resolution: Cannot Reproduce
    • None
    • None
    • None
    • Core: Platform

    Description

      According to the investigation in MODSOURMAN-210 we found that if we use expired token it can spam into the okapi log. 

      SEVERE: Unsupported JWT format
org.folio.auth.authtokenmodule.BadSignatureException: Could not verify token eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6Ijc3MjkyZGZlLTcwZTktNTQ5ZS04YjZlLWI2ZmVkNDFmMTM3OSIsImlhdCI6MTU3MDAxNjc5NiwidGVuYW50IjoiZGlrdSJ9.NAjwHxX6WhMUESBsbItIc2q-B41dsIfIeCEspo0ckMY
	at org.folio.auth.authtokenmodule.TokenCreator.checkJWTToken(TokenCreator.java:86)

      2019-10-25 08:35:40,746 INFO  ProxyService         X-Okapi-Permissions-Required: inventory.items.collection.get
2019-10-25 08:35:40,747 INFO  ProxyService         X-Okapi-Request-Id: 958543/inventory
2019-10-25 08:35:40,748 INFO  ProxyService         X-Okapi-request-ip: 10.0.2.2
2019-10-25 08:35:40,748 INFO  ProxyService         X-Okapi-request-method: GET
2019-10-25 08:35:40,748 INFO  ProxyService         X-Okapi-request-timestamp: 1571992540738
2019-10-25 08:35:40,749 INFO  ProxyService         X-Okapi-Tenant: diku
2019-10-25 08:35:40,749 INFO  ProxyService         X-Okapi-Token: eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJkaWt1X2FkbWluIiwidXNlcl9pZCI6IjQ3MmYyZjlmLWU5ZDktNWRkOC1iZDdhLTY4NTNiNDYwZWJkOSIsImlhdCI6MTU3MTkyNjQzOSwidGVuYW50IjoiZGlrdSJ9.Lf7hZzTnuhC6D0Au0ZqDZyUQeehvIe0helc-1uiFvSI
2019-10-25 08:35:40,750 INFO  ProxyService         X-Okapi-Url: http://10.0.2.15:9130
2019-10-25 08:35:40,792 INFO  ProxyContext         958543/inventory RES 401 53451us mod-authtoken-2.4.0-SNAPSHOT.58 http://10.0.2.15:9145/inventory/items
2019-10-25 08:35:40,797 INFO  DockerModuleHandle   mod-authtoken-2.4.0-SNAPSHOT.58 Oct 25, 2019 8:35:40 AM mod-auth-authtoken-module
2019-10-25 08:35:40,797 INFO  DockerModuleHandle   mod-authtoken-2.4.0-SNAPSHOT.58 SEVERE: Unsupported JWT format

      The same problem for inventory.

      Header and payload of the token look ok after decoding using for example https://jwt.io/ :

      {
  "alg": "HS256"
}

      {
  "sub": "diku_admin",
  "user_id": "77292dfe-70e9-549e-8b6e-b6fed41f1379",
  "iat": 1570016796,
  "tenant": "diku"
}

      ui-data app has a place where UI call backend every n second for updating progress. If someone doesn't close tab and env rebuild it sends requests with old (expired) token and it spam to console. Maybe it will be better to change logging to logger.info("Unsupported JWT format", b); instead of error or don't log it

      TestRail: Results

        Attachments

          Issue Links

            relates to

            Bug - A problem which impairs or prevents the functions of the product. MODSOURMAN-210 Bad JWT signature errors continuous in okapi log

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. MSEARCH-252 ApiException throws an error in mod search when installing modules

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Activity

              People

                adam Adam Dickmeiss
                OleksiiKuzminov Oleksii Kuzminov
                Votes:
                0 Vote for this issue
                Watchers:
                8 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases