[
https://issues.apache.org/jira/browse/NIFI-10842?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17636044#comment-17636044
]
Curtis W Ruck commented on NIFI-10842:
--------------------------------------
The OAuth2 server is running https (proxied via httpd 2.4.37 w/ mod_ssl and
http2). If I disable http2 on the remote httpd, it succeeds. The
authentication endpoints do have optional mutual TLS client certificate
authentication enabled, which appears to be what triggers the OkHttp3 bug.
> StandardOauth2AccessTokenProvider support forcing HTTP protocol to 1.1
> ----------------------------------------------------------------------
>
> Key: NIFI-10842
> URL: https://issues.apache.org/jira/browse/NIFI-10842
> Project: Apache NiFi
> Issue Type: Bug
> Components: Extensions
> Affects Versions: 1.18.0
> Reporter: Curtis W Ruck
> Priority: Major
>
> We are trying to use nifi's StandardOauth2AccessTokenProvider to enable
> authentication in concert with InvokeHTTP to make requests to a REST API. The
> OAuth2 server is responding with a HTTP 408 error code, and okhttp3 is
> throwing a "stream was reset: HTTP_1_1_REQUIRED" exception.
> In the same manner that InvokeHTTP got the `HTTP/2 Disabled` property, it
> would be nice if StandardOauth2AccessTokenProvider had the same property.
> {code:java}
> 2022-11-18 20:44:17,842 ERROR [Timer-Driven Process Thread-9]
> o.a.nifi.processors.standard.InvokeHTTP
> InvokeHTTP[id=8c6c303d-0184-1000-2cd2-c88625f9a563] Failed to properly
> initialize Processor. If still scheduled to run, NiFi will attempt to
> initialize and run the Processor again after the 'Administrative Yield
> Duration' has elapsed. Failure is due to java.io.UncheckedIOException: OAuth2
> access token request failed
> java.io.UncheckedIOException: OAuth2 access token request failed
> at
> org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:330)
> at
> org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.acquireAccessDetails(StandardOauth2AccessTokenProvider.java:289)
> at
> org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:243)
> at jdk.internal.reflect.GeneratedMethodAccessor966.invoke(Unknown Source)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at
> org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:254)
> at
> org.apache.nifi.controller.service.StandardControllerServiceInvocationHandler.invoke(StandardControllerServiceInvocationHandler.java:105)
> at com.sun.proxy.$Proxy216.getAccessDetails(Unknown Source)
> at
> org.apache.nifi.processors.standard.InvokeHTTP.initOauth2AccessTokenProvider(InvokeHTTP.java:875)
> at jdk.internal.reflect.GeneratedMethodAccessor965.invoke(Unknown Source)
> at
> java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.base/java.lang.reflect.Method.invoke(Method.java:566)
> at
> org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:145)
> at
> org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:133)
> at
> org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotations(ReflectionUtils.java:78)
> at
> org.apache.nifi.util.ReflectionUtils.invokeMethodsWithAnnotation(ReflectionUtils.java:55)
> at
> org.apache.nifi.controller.StandardProcessorNode.lambda$initiateStart$8(StandardProcessorNode.java:1733)
> at org.apache.nifi.engine.FlowEngine$3.call(FlowEngine.java:123)
> at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
> at
> java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
> at
> java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
> at java.base/java.lang.Thread.run(Thread.java:829)
> Caused by: okhttp3.internal.http2.StreamResetException: stream was reset:
> HTTP_1_1_REQUIRED
> at okhttp3.internal.http2.Http2Stream.takeHeaders(Http2Stream.kt:148)
> at
> okhttp3.internal.http2.Http2ExchangeCodec.readResponseHeaders(Http2ExchangeCodec.kt:96)
> at
> okhttp3.internal.connection.Exchange.readResponseHeaders(Exchange.kt:106)
> at
> okhttp3.internal.http.CallServerInterceptor.intercept(CallServerInterceptor.kt:79)
> at
> okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
> at
> okhttp3.internal.connection.ConnectInterceptor.intercept(ConnectInterceptor.kt:34)
> at
> okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
> at
> okhttp3.internal.cache.CacheInterceptor.intercept(CacheInterceptor.kt:95)
> at
> okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
> at
> okhttp3.internal.http.BridgeInterceptor.intercept(BridgeInterceptor.kt:83)
> at
> okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
> at
> okhttp3.internal.http.RetryAndFollowUpInterceptor.intercept(RetryAndFollowUpInterceptor.kt:76)
> at
> okhttp3.internal.http.RealInterceptorChain.proceed(RealInterceptorChain.kt:109)
> at
> okhttp3.internal.connection.RealCall.getResponseWithInterceptorChain$okhttp(RealCall.kt:201)
> at okhttp3.internal.connection.RealCall.execute(RealCall.kt:154)
> at
> org.apache.nifi.oauth2.StandardOauth2AccessTokenProvider.getAccessDetails(StandardOauth2AccessTokenProvider.java:320)
> ... 23 common frames omitted
> {code}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
