Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 1718177

Summary:	Token based Userinfo API is giving Internal Server Error.
Product:	[oVirt] ovirt-engine	Reporter:	Pratik Narode <pratik.narode>
Component:	General	Assignee:	Martin Perina <mperina>
Status:	CLOSED CURRENTRELEASE	QA Contact:	Petr Matyáš <pmatyas>
Severity:	high	Docs Contact:
Priority:	unspecified
Version:	4.3.3.7	CC:	bugs, lleistne
Target Milestone:	ovirt-4.3.5	Flags:	pm-rhel: ovirt-4.3+
Target Release:	4.3.5
Hardware:	Unspecified
OS:	Linux
Whiteboard:
Fixed In Version:	ovirt-engine-4.3.5	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2019-07-30 14:08:47 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	Infra	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:

Description Pratik Narode 2019-06-07 08:08:48 UTC

Description of problem:
For 4.2 and lesser version we where using an userinfo API which was based on token authentication to gather user information.
The Api that I was using was:
curl -v -k -H "Accept: application/json" -H "Authorization: Bearer $1" "http://<engine>/ovirt-engine/sso/openid/userinfo?token=$1"

For 4.3 and greater version this API is changed to:
curl -v -k -H "Accept: application/json" -H "Authorization: Bearer $1" "http://<engine url>/ovirt-engine/sso/openid/userinfo?access_token=$1"

But when we are using this we are getting an "Internal Server Error". When I check the server logs on RHV engine, I came across this error:

```
2019-06-06 03:35:04,860-04 ERROR [io.undertow.request] (default task-38) UT005023: Exception handling request to /ovirt-engine/sso/openid/userinfo: java.lang.NoClassDefFoundError: Could not initialize class net.minidev.json.JSONValue

	at net.minidev.json.JSONObject.toString(JSONObject.java:260)

	at com.nimbusds.jose.Header.toString(Header.java:311) [nimbus-jose-jwt.jar:5.12]

	at com.nimbusds.jose.Header.toBase64URL(Header.java:329) [nimbus-jose-jwt.jar:5.12]

	at com.nimbusds.jose.JWSObject.<init>(JWSObject.java:120) [nimbus-jose-jwt.jar:5.12]

	at com.nimbusds.jwt.SignedJWT.<init>(SignedJWT.java:57) [nimbus-jose-jwt.jar:5.12]

	at org.ovirt.engine.core.sso.servlets.OpenIdUtils.createJWT(OpenIdUtils.java:68) [enginesso.jar:]

	at org.ovirt.engine.core.sso.servlets.OpenIdUserInfoServlet.buildResponse(OpenIdUserInfoServlet.java:65) [enginesso.jar:]

	at org.ovirt.engine.core.sso.servlets.OpenIdUserInfoServlet.service(OpenIdUserInfoServlet.java:44) [enginesso.jar:]

	at javax.servlet.http.HttpServlet.service(HttpServlet.java:791) [jboss-servlet-api_4.0_spec.jar:1.0.0.Final-redhat-1]

	at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:74) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.ovirt.engine.core.utils.servlet.CachingFilter.doFilter(CachingFilter.java:133) [utils.jar:]

	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.ovirt.engine.core.branding.BrandingFilter.doFilter(BrandingFilter.java:73) [branding.jar:]

	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.ovirt.engine.core.utils.servlet.LocaleFilter.doFilter(LocaleFilter.java:65) [utils.jar:]

	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.ovirt.engine.core.utils.servlet.HeaderFilter.doFilter(HeaderFilter.java:94) [utils.jar:]

	at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)

	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)

	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at org.wildfly.extension.undertow.security.SecurityContextThreadSetupAction.lambda$create$0(SecurityContextThreadSetupAction.java:105)

	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)

	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)

	at org.wildfly.extension.undertow.deployment.UndertowDeploymentInfoService$UndertowThreadSetupAction.lambda$create$0(UndertowDeploymentInfoService.java:1502)

	at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104) [undertow-servlet.jar:2.0.19.Final-redhat-00001]

	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:364) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830) [undertow-core.jar:2.0.19.Final-redhat-00001]

	at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)

	at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:1985)

	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1487)

	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1378)

	at java.lang.Thread.run(Thread.java:748) [rt.jar:1.8.0_212]

```

Version-Release number of selected component (if applicable):
4.3.3.7-0.1.el7


How reproducible:
Invoke the userinfo API by passing jwt token.

Actual results:
Gets an Internal Server Error.

Expected results:
Should return user information

Comment 1 Petr Matyáš 2019-06-18 11:37:50 UTC

Verified on ovirt-engine-4.3.5-0.1.el7.noarch

Comment 2 Sandro Bonazzola 2019-07-30 14:08:47 UTC

This bugzilla is included in oVirt 4.3.5 release, published on July 30th 2019.

Since the problem described in this bug report should be
resolved in oVirt 4.3.5 release, it has been closed with a resolution of CURRENT RELEASE.

If the solution does not work for you, please open a new bug report.