Expired Example DAPS Certificate #130

Open
Krieke opened this issue Mar 9, 2023 · 5 comments

@Krieke
Member

Krieke commented Mar 9, 2023

Can it be that the example DAPS certificate isstbroker-keystore.jks is expired?

When following the Installation Guide and using the Postman collection to illustrate all core functions of the IDS Metadata Broker, a "Failed to retrieve own DAPS token, preventing a valid response. --I0t5EPCGhkIvABxUmgBpde6wWW4k54--" is noticed.

I also find it strange that a DAPS issue is reported when one has configured DAPS_VALIDATE_INCOMING=false in the docker-compose.yml.

The output on the console:

broker-localhost-broker-reverseproxy-1  | 172.21.0.1 - - [09/Mar/2023:03:34:14 +0000] "POST /infrastructure HTTP/1.1" 200 1475 "-" "PostmanRuntime/7.29.2"
broker-localhost-broker-core-1          | de.fraunhofer.iais.eis.ids.component.core.TokenRetrievalException: Unable to retrieve DAPS token.
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsSecurityTokenProvider.getSecurityToken(DapsSecurityTokenProvider.java:96)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.core.SecurityTokenProvider.getSecurityTokenAsDAT(SecurityTokenProvider.java:12)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.core.MessageDispatcher.handle(MessageDispatcher.java:69)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.core.MessageDispatcher.lambda$dispatch$2(MessageDispatcher.java:51)
broker-localhost-broker-core-1          | 	at java.base/java.util.Optional.map(Optional.java:265)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.core.MessageDispatcher.dispatch(MessageDispatcher.java:51)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.core.DefaultComponent.process(DefaultComponent.java:45)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.interaction.multipart.MultipartComponentInteractor.process(MultipartComponentInteractor.java:87)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.protocol.http.server.ComponentController.processMessage(ComponentController.java:237)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.protocol.http.server.ComponentController.infrastructureLevelCommunication(ComponentController.java:205)
broker-localhost-broker-core-1          | 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
broker-localhost-broker-core-1          | 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
broker-localhost-broker-core-1          | 	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
broker-localhost-broker-core-1          | 	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
broker-localhost-broker-core-1          | 	at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)
broker-localhost-broker-core-1          | 	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
broker-localhost-broker-core-1          | 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:665)
broker-localhost-broker-core-1          | 	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
broker-localhost-broker-core-1          | 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:750)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.FormContentFilter.doFilterInternal(FormContentFilter.java:92)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.HiddenHttpMethodFilter.doFilterInternal(HiddenHttpMethodFilter.java:93)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
broker-localhost-broker-core-1          | 	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
broker-localhost-broker-core-1          | 	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
broker-localhost-broker-core-1          | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
broker-localhost-broker-core-1          | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74)
broker-localhost-broker-core-1          | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
broker-localhost-broker-core-1          | 	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:373)
broker-localhost-broker-core-1          | 	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
broker-localhost-broker-core-1          | 	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:868)
broker-localhost-broker-core-1          | 	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1589)
broker-localhost-broker-core-1          | 	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
broker-localhost-broker-core-1          | 	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
broker-localhost-broker-core-1          | 	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
broker-localhost-broker-core-1          | 	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
broker-localhost-broker-core-1          | 	at java.base/java.lang.Thread.run(Thread.java:829)
broker-localhost-broker-core-1          | Caused by: java.io.IOException: Unable to retrieve DAPS token (response code: 400) 
broker-localhost-broker-core-1          |  Response: {"error":"invalid_client","error_description":"Error decoding JWT: No verification key available"}
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsTokenRetriever.acquireAccessTokenFromDaps(DapsTokenRetriever.java:190)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsTokenRetriever.retrieveToken(DapsTokenRetriever.java:101)
broker-localhost-broker-core-1          | 	at de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsSecurityTokenProvider.getSecurityToken(DapsSecurityTokenProvider.java:94)
broker-localhost-broker-core-1          | 	... 63 more
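
Added example, not part of the issue thread or the project's code: a Python script that pulls the root cause out of docker-compose console output like the trace above by keeping only the broker-core lines, following the last "Caused by", and decoding the JSON body the DAPS returned. SAMPLE_LOG is a shortened, constructed copy of that output; the function name triage and its parameters are assumptions.

```python
import json
import re

# Constructed sample: shortened copy of the console output quoted in the issue.
SAMPLE_LOG = """\
broker-localhost-broker-reverseproxy-1  | 172.21.0.1 - - [09/Mar/2023:03:34:14 +0000] "POST /infrastructure HTTP/1.1" 200 1475 "-" "PostmanRuntime/7.29.2"
broker-localhost-broker-core-1          | de.fraunhofer.iais.eis.ids.component.core.TokenRetrievalException: Unable to retrieve DAPS token.
broker-localhost-broker-core-1          | \tat de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsSecurityTokenProvider.getSecurityToken(DapsSecurityTokenProvider.java:96)
broker-localhost-broker-core-1          | Caused by: java.io.IOException: Unable to retrieve DAPS token (response code: 400)
broker-localhost-broker-core-1          |  Response: {"error":"invalid_client","error_description":"Error decoding JWT: No verification key available"}
broker-localhost-broker-core-1          | \tat de.fraunhofer.iais.eis.ids.component.ecosystemintegration.daps.DapsTokenRetriever.acquireAccessTokenFromDaps(DapsTokenRetriever.java:190)
broker-localhost-broker-core-1          | \t... 63 more
"""

PREFIX = re.compile(r"^(?P<svc>\S+)\s+\|\s?(?P<msg>.*)$")   # "<container> | <message>"
FRAME = re.compile(r"^\s*at\s+(?P<method>[\w.$/]+)\(")      # Java stack frame
STATUS = re.compile(r"response code:\s*(\d{3})")
BODY = re.compile(r"Response:\s*(\{.*\})")

def triage(log_text, service="broker-core", app_pkg="de.fraunhofer."):
    """Summarise the innermost cause of a token-retrieval failure in compose output."""
    out = dict.fromkeys(("exception", "root_cause", "http_status",
                         "oauth_error", "description", "failing_call"))
    in_cause = False
    for raw in log_text.splitlines():
        m = PREFIX.match(raw)
        if not m or service not in m.group("svc"):
            continue                      # other containers, e.g. the reverse proxy
        msg, text = m.group("msg"), m.group("msg").strip()
        frame, body = FRAME.match(msg), BODY.search(text)
        if text.startswith("Caused by:"):
            in_cause = True               # a later "Caused by" is the deeper cause
            out["root_cause"] = text[len("Caused by:"):].strip()
            out["failing_call"] = None
            status = STATUS.search(text)
            out["http_status"] = int(status.group(1)) if status else None
        elif body:
            try:
                reply = json.loads(body.group(1))
            except json.JSONDecodeError:
                continue                  # body was truncated or is not JSON
            out["oauth_error"] = reply.get("error")
            out["description"] = reply.get("error_description")
        elif frame:  # first project frame under the innermost cause is the failing call
            if in_cause and not out["failing_call"] and frame.group("method").startswith(app_pkg):
                out["failing_call"] = frame.group("method")
        elif out["exception"] is None and "Exception" in text:
            out["exception"] = text
    return out
```

On the sample it reports HTTP 400 with invalid_client raised from DapsTokenRetriever.acquireAccessTokenFromDaps, which is the DAPS answering the broker's request for its own token.
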
@tharindupr

Were you able to resolve this issue? If so, please let me know how. Thanks

@Krieke
Member Author

Krieke commented Jul 20, 2023

Hi @tharindupr, due to a change in projects I didn't spend any additional time on this. So if you are not able to reproduce, you can close the ticket.

@tharindupr

@Krieke At the moment, I'm facing the same issue. The strange thing is the issue occurs even though the DAPS validation is turned off.

@Krieke
Member Author

Krieke commented Jul 20, 2023

@tharindupr indeed, see my initial comment. I hope someone can find the time to help you with this.

@elkezza

elkezza commented Sep 26, 2024

@tharindupr Were you able to resolve this issue? I am facing the same problem.
