[ https://issues.apache.org/jira/browse/NIFI-10842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17636044#comment-17636044 ]
Curtis W Ruck commented on NIFI-10842: -------------------------------------- The OAuth2 server is running https (proxied via httpd 2.4.37 w/ mod_ssl and http2). If I disable http2 on the remote httpd, it succeeds. The authentication endpoints do have optional mutual TLS client certificate authentication enabled, which appears to be what triggers the OkHttp3 bug. > StandardOauth2AccessTokenProvider support forcing HTTP protocol to 1.1 > ---------------------------------------------------------------------- > > Key: NIFI-10842 > URL: https://issues.apache.org/jira/browse/NIFI-10842 > Project: Apache NiFi > Issue Type: Bug > Components: Extensions > Affects Versions: 1.18.0 > Reporter: Curtis W Ruck > Priority: Major > > We are trying to use nifi's StandardOauth2AccessTokenProvider to enable > authentication in concert with InvokeHTTP to make requests to a REST API. The > OAuth2 server is responding with a HTTP 408 error code, and okhttp3 is > throwing a "stream was reset: HTTP_1_1_REQUIRED" exception. > In the same manner that InvokeHTTP got the `HTTP/2 Disabled` property, it > would be nice if StandardOauth2AccessTokenProvider had the same property. > {code:java} > 2022-11-18 20:44:17,842 ERROR [Timer-Driven Process Thread-9] > o.a.nifi.processors.standard.InvokeHTTP > InvokeHTTP[id=8c6c303d-0184-1000-2cd2-c88625f9a563] Failed to properly > initialize Processor. If still scheduled to run, NiFi will attempt to > initialize and run the Processor again after the 'Administrative Yield > Duration' has elapsed. Failure is due to java.io.UncheckedIOException: OAuth2 > access token request failed > java.io.UncheckedIOException: OAuth2 access token request failed > at > org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:330) > at > org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.acquireAccessDetails(StandardOauth2AccessTokenProvider.java:289) > at > org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:243) > at jdk.internal.reflect.GeneratedMethodAccessor966.invoke(Unknown Source) > at > java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.base/java.lang.reflect.Method.invoke(Method.java:566) > at > org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:254) > at > org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:105) > at com.sun.proxy.$Proxy216.getAccessDetails(Unknown Source) > at > org.apache.nifi.processors.standard.InvokeHTTP.initOauth2AccessTokenProvider(InvokeHTTP.java:875) > at jdk.internal.reflect.GeneratedMethodAccessor965.invoke(Unknown Source) > at > java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) > at java.base/java.lang.reflect.Method.invoke(Method.java:566) > at > org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:145) > at > org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:133) > at > org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:78) > at > org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:55) > at > org.apache.nifi.controller.StandardProcessorNode.lambda$initiateStart$8(StandardProcessorNode.java:1733) > at org.apache.nifi.engine.FlowEngine$3.call(FlowEngine.java:123) > at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264) > at > java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304) > at > java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) > at > java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) > at java.base/java.lang.Thread.run(Thread.java:829) > Caused by: okhttp3.internal.http2.StreamResetException: stream was reset: > HTTP_1_1_REQUIRED > at okhttp3.internal.http2.Http2Stream.takeHeaders(Http2Stream.kt:148) > at > okhttp3.internal.http2.Http2ExchangeCodec.readResponseHeaders(Http2ExchangeCodec.kt:96) > at > okhttp3.internal.connection.Exchange.readResponseHeaders(Exchange.kt:106) > at > okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.kt:79) > at > okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) > at > okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:34) > at > okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) > at > okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95) > at > okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) > at > okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83) > at > okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) > at > okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76) > at > okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109) > at > okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201) > at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154) > at > org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:320) > ... 23 common frames omitted > {code} -- This message was sent by Atlassian Jira (v8.20.10#820010)