This seems to be already reported here
https://issues.jboss.org/browse/KEYCLOAK-518 . I've added your
stacktrace into comment in JIRA as it's not completely same as the one
in JIRA.
Marek
On 9.6.2014 07:46, Conrad Winchester wrote:
Hi again
I think I my have found another bug. If I send in a bearer token that is invalid keycloak
throws an error rather than returning an ‘Unauthorised' response
[0m[31m06:26:20,551 ERROR [io.undertow.request] (default task-105) UT005023: Exception
handling request to /shift-server/shift/users: java.lang.RuntimeException:
java.lang.RuntimeException: Illegal base64url string!
at org.keycloak.jose.jws.JWSInput.<init>(JWSInput.java:39)
[keycloak-core-1.0-beta-2.jar:]
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:20)
[keycloak-core-1.0-beta-2.jar:]
at org.keycloak.RSATokenVerifier.verifyToken(RSATokenVerifier.java:16)
[keycloak-core-1.0-beta-2.jar:]
at
org.keycloak.adapters.BearerTokenRequestAuthenticator.authenticate(BearerTokenRequestAuthenticator.java:63)
[keycloak-adapter-core-1.0-beta-2.jar:]
at org.keycloak.adapters.RequestAuthenticator.authenticate(RequestAuthenticator.java:37)
[keycloak-adapter-core-1.0-beta-2.jar:]
at
org.keycloak.adapters.undertow.ServletKeycloakAuthMech.authenticate(ServletKeycloakAuthMech.java:38)
[keycloak-undertow-adapter-1.0-beta-2.jar:]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:281)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.transition(SecurityContextImpl.java:298)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.impl.SecurityContextImpl$AuthAttempter.access$100(SecurityContextImpl.java:268)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.impl.SecurityContextImpl.attemptAuthentication(SecurityContextImpl.java:131)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.impl.SecurityContextImpl.authTransition(SecurityContextImpl.java:106)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.impl.SecurityContextImpl.authenticate(SecurityContextImpl.java:99)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:54)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.server.handlers.DisableCacheHandler.handleRequest(DisableCacheHandler.java:27)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:51)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:56)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
org.keycloak.adapters.undertow.ServletPreAuthActionsHandler.handleRequest(ServletPreAuthActionsHandler.java:54)
[keycloak-undertow-adapter-1.0-beta-2.jar:]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at
io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
[undertow-servlet-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:177)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
[undertow-core-1.0.15.Final.jar:1.0.15.Final]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
[rt.jar:1.8.0]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
[rt.jar:1.8.0]
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.8.0]
Caused by: java.lang.RuntimeException: Illegal base64url string!
at org.keycloak.util.Base64Url.decode(Base64Url.java:33)
[keycloak-core-1.0-beta-2.jar:]
at org.keycloak.jose.jws.JWSInput.<init>(JWSInput.java:30)
[keycloak-core-1.0-beta-2.jar:]
... 35 more
Conrad
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user