Cannot convert access token to JSON on accessing management endpoints from jhipster registry

See original GitHub issue

Architecture Jhispter Registry API Gateway UAA Server MS 1 MS 2 …

  • Microservices and Gateway uses authenticationType as uaa, while jhispter registry uses JWT
  • I can access host:8761/admin/logfile for Jhispter Registry
  • Accessing host:8761/admin/logfile for other results in 401 with Cannot convert access token to JSON

Similar Issue was reported for Jhipster Registry v5.0.0 #367

steps to reproduce

  1. Login to jhipster-registry using admin credentials
  2. Go to Administrator and open logs i.e host:8761/admin/logfile
  3. Choose microservice/uua
  4. Gets redirected to login again

Response

{
     "error":"invalid_token",
     "error_description":"Cannot convert access token to JSON"
}

Headers

Request URL: http://host:8761/services/authserver/authserver:09a2477fa25d36ddddc3dd5c056c575d/management/logfile
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: host:8761
Referrer Policy: no-referrer-when-downgrade

**Response Header**
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Connection: keep-alive
Content-Type: application/json;charset=UTF-8
Date: Thu, 19 Mar 2020 13:46:21 GMT
Expires: 0
Pragma: no-cache
Transfer-Encoding: chunked
Vary: Origin
Vary: Access-Control-Request-Method
Vary: Access-Control-Request-Headers
WWW-Authenticate: Bearer realm="jhipster-uaa", error="invalid_token", error_description="Cannot convert access token to JSON"
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

**Request Header**
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en-GB;q=0.9,en;q=0.8
Authorization: Bearer eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJhZG1pbiIsImF1dGgiOiJST0xFX0FETUlOLFJPTEVfVVNFUiIsImV4cCI6MTU4NDcxMTk3N30.gI6dHBpAOUfrjnoL1um-ei4PxzuWKTmJP-hC8kQp4UlVfMlGfmT_yF-4jl5sVPP-dy9h5baPxAeW6uD5Re1ctw
Connection: keep-alive
Host: host:8761
Referer: http://host:8761/admin/logfile
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.132 Safari/537.36

.yo-rc.json (Jhipster Registry)

{
  "generator-jhipster": {
    "jhipsterVersion": "6.6.0",
    "baseName": "JHipsterRegistry",
    "packageName": "io.github.jhipster.registry",
    "packageFolder": "io/github/jhipster/registry",
    "serverPort": "8761",
    "authenticationType": "jwt",
    "hibernateCache": "no",
    "clusteredHttpSession": false,
    "websocket": false,
    "databaseType": "no",
    "devDatabaseType": "no",
    "prodDatabaseType": "no",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "maven",
    "enableSocialSignIn": false,
    "jwtSecretKey": "c9d37cefc48581919939d587c750ea215020765b",
    "useSass": true,
    "enableTranslation": false,
    "applicationType": "gateway",
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "skipClient": false,
    "skipUserManagement": false,
    "clientPackageManager": "npm",
    "clientFramework": "angularX",
    "cacheProvider": "no",
    "enableHibernateCache": false,
    "embeddableLaunchScript": false,
    "clientTheme": "none",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [],
    "blueprints": [],
    "creationTimestamp": 1576848019661,
    "gcpProjectId": "jhipsterproject",
    "gcpCloudSqlInstanceName": "jhipsterproject:us-central1:jhipster",
    "gcpCloudSqlUserName": "root",
    "gcpCloudSqlDatabaseName": "jhipsterregistry",
    "gaeServiceName": "jhipster-registry",
    "gaeLocation": "us-central",
    "gaeInstanceClass": "F2",
    "gaeScalingType": "automatic",
    "gaeMinInstances": "1",
    "gaeMaxInstances": "2",
    "gaeCloudSQLInstanceNeeded": "Y"
  }
}

.yo-rc.json (API Gateway)

{
  "generator-jhipster": {
    "promptValues": {
      "packageName": "com.pck.gateway",
      "nativeLanguage": "en"
    },
    "jhipsterVersion": "6.3.1",
    "applicationType": "gateway",
    "baseName": "APIGateway",
    "packageName": "com.pck.gateway",
    "packageFolder": "com/pck/gateway",
    "serverPort": "8080",
    "authenticationType": "uaa",
    "uaaBaseName": "AuthServer",
    "cacheProvider": "no",
    "enableHibernateCache": false,
    "websocket": false,
    "databaseType": "sql",
    "devDatabaseType": "postgresql",
    "prodDatabaseType": "postgresql",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "maven",
    "enableSwaggerCodegen": false,
    "embeddableLaunchScript": false,
    "useSass": true,
    "clientPackageManager": "npm",
    "clientFramework": "angularX",
    "clientTheme": "none",
    "clientThemeVariant": "",
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [],
    "enableTranslation": true,
    "nativeLanguage": "en",
    "languages": ["en"],
    "blueprints": []
  }
}

.yo-rc.json (UAA)

{
  "generator-jhipster": {
    "promptValues": {
      "packageName": "com.pck.authserver",
      "nativeLanguage": "en"
    },
    "jhipsterVersion": "6.3.1",
    "applicationType": "uaa",
    "baseName": "AuthServer",
    "packageName": "com.pck.authserver",
    "packageFolder": "com/pck/authserver",
    "serverPort": "9999",
    "authenticationType": "uaa",
    "cacheProvider": "no",
    "websocket": false,
    "databaseType": "sql",
    "devDatabaseType": "postgresql",
    "prodDatabaseType": "postgresql",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "maven",
    "enableSwaggerCodegen": false,
    "jwtSecretKey": "Y2ZkMDVhM2FkMjc5ZDE2YWEzYjA0MDI1MWY2MDg5ZjdkM2YyZmE2NWM0ZTQ4NzExMTAyYTZhNzQ1MzYzMjI2OTk1MmVlZDhkMDQ3NTQ0OTQ1ZGQxNzNiZWQ0MmE1YzgwMDIyNGVhOGZiYjkwY2IxZDg3NTRjMjJkZGI1YjE4Mjg=",
    "embeddableLaunchScript": false,
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [],
    "enableTranslation": true,
    "clientPackageManager": "npm",
    "nativeLanguage": "en",
    "languages": [
      "en"
    ],
    "blueprints": [],
    "skipClient": true
  }
}

.yo-rc.json (MS 1)

{
  "generator-jhipster": {
    "promptValues": {
      "packageName": "com.pck.botmanager",
      "nativeLanguage": "en"
    },
    "jhipsterVersion": "6.3.1",
    "applicationType": "microservice",
    "baseName": "BotManagerMS",
    "packageName": "com.pck.botmanager",
    "packageFolder": "com/pck/botmanager",
    "serverPort": "8082",
    "authenticationType": "uaa",
    "uaaBaseName": "AuthServer",
    "cacheProvider": "no",
    "websocket": false,
    "databaseType": "sql",
    "devDatabaseType": "postgresql",
    "prodDatabaseType": "postgresql",
    "searchEngine": false,
    "messageBroker": false,
    "serviceDiscoveryType": "eureka",
    "buildTool": "maven",
    "enableSwaggerCodegen": false,
    "jwtSecretKey": "ZDYxOTU1MjM4ZWQ1ZmMyMTVhMjhlN2EzOTUzZWZhZDM0YmI1NDNlYjE3NzM3NDg1ZTBhYzBmY2FiMWNkMzNlZWUxNWJhNzk1ZmZhZTgwN2JiNmVmYTQ4ZTJiMmU5MjVlZDFjNDljYWEzODIxN2M5N2RkOTEwZDc1OWZlMzdmMjE=",
    "embeddableLaunchScript": false,
    "testFrameworks": [],
    "jhiPrefix": "jhi",
    "entitySuffix": "",
    "dtoSuffix": "DTO",
    "otherModules": [],
    "enableTranslation": true,
    "clientPackageManager": "npm",
    "nativeLanguage": "en",
    "languages": [
      "en"
    ],
    "blueprints": [],
    "skipClient": true,
    "skipUserManagement": true
  }
}

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:9 (3 by maintainers)

github_iconTop GitHub Comments

1reaction
pascalgrimaudcommented, Mar 25, 2021

Sorry @jairo-henao but the support of UAA has been removed in the last version of JHipster Registry, because it’s not maintained for long time and no one wants to fix all the related issue, like this one.

I would suggest you to switch to OAuth2 + Keycloak/Okta. If you really want to keep UAA, you can use an old version of JHipster Registry, fork it, and try to fix the issue on your side.

As the support of UAA has been removed, we can close this ticket.

0reactions
jairo-henaocommented, Mar 24, 2021

Any update on this? This error has me crazy

Read more comments on GitHub >

github_iconTop Results From Across the Web

Spring oauth2 refresh token - Cannot convert access token to ...
So it looks like the issue was an invalid refresh_token format. Due to my config, what the auth server was expecting was a...
Read more >
Security - JHipster
JHipster provides three main security mechanisms: JSON Web Tokens (JWT); Session-based authentication; OAuth 2.0 and OpenID Connect. JSON Web Tokens (JWT) ...
Read more >
Cannot convert access token to JSON - Auth0 Community
We are having problems loging into an application because it's throwing all the time an invalid_token error saying that “cannot convert ...
Read more >
spring-projects/spring-security-oauth - Gitter
The error was Cannot convert access token to JSON . This is on the Resource Server side, so we might not need a...
Read more >
Securing your APIs using Okta and a JHipster gateway - Ippon
You can even use the JHipster registry for that. Depending on the OAuth 2.0 flow you chose you will obtain an ID Token...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found