Comments (10)
/cc @Ladicek (smallrye), @jmartisk (smallrye), @phillip-kruger (smallrye), @radcortez (smallrye), @sberyozkin (jwt)
from quarkus.
@amal-sebs Please provide more details, such as the cause of 500 (stacktrace) etc, see also https://quarkus.io/guides/security-jwt#how-to-check-the-errors-in-the-logs
from quarkus.
This is my function->
@functionName("fruits")
@RolesAllowed({"user"})
@securityrequirement(name = "jwt")
public HttpResponseMessage getFruits(@HttpTrigger(
name = "getFruits",
methods = {HttpMethod.POST},
authLevel = AuthorizationLevel.ANONYMOUS,
route = "/getFruits")
HttpRequestMessage request,
final ExecutionContext context)
Stack Trace ->
Exception: UnauthorizedException:
Stack: java.lang.reflect.InvocationTargetException
[2024-03-01T12:40:18.191Z] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
[2024-03-01T12:40:18.200Z] at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
[2024-03-01T12:40:18.203Z] at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
[2024-03-01T12:40:18.207Z] at java.base/java.lang.reflect.Method.invoke(Method.java:566)
[2024-03-01T12:40:18.217Z] at com.microsoft.azure.functions.worker.broker.JavaMethodInvokeInfo.invoke(JavaMethodInvokeInfo.java:22)
[2024-03-01T12:40:18.220Z] at com.microsoft.azure.functions.worker.broker.EnhancedJavaMethodExecutorImpl.execute(EnhancedJavaMethodExecutorImpl.java:22)
[2024-03-01T12:40:18.222Z] at com.microsoft.azure.functions.worker.chain.FunctionExecutionMiddleware.invoke(FunctionExecutionMiddleware.java:19)
[2024-03-01T12:40:18.230Z] at com.microsoft.azure.functions.worker.chain.InvocationChain.doNext(InvocationChain.java:21)
[2024-03-01T12:40:18.234Z] at io.quarkus.azure.functions.runtime.QuarkusAzureFunctionsMiddleware.invoke(QuarkusAzureFunctionsMiddleware.java:19)
[2024-03-01T12:40:18.236Z] at com.microsoft.azure.functions.worker.chain.InvocationChain.doNext(InvocationChain.java:21)
[2024-03-01T12:40:18.241Z] at com.microsoft.azure.functions.worker.broker.JavaFunctionBroker.invokeMethod(JavaFunctionBroker.java:125)
[2024-03-01T12:40:18.247Z] at com.microsoft.azure.functions.worker.handler.InvocationRequestHandler.execute(InvocationRequestHandler.java:34)
[2024-03-01T12:40:18.250Z] at com.microsoft.azure.functions.worker.handler.InvocationRequestHandler.execute(InvocationRequestHandler.java:10)
[2024-03-01T12:40:18.253Z] at com.microsoft.azure.functions.worker.handler.MessageHandler.handle(MessageHandler.java:44)
[2024-03-01T12:40:18.259Z] at com.microsoft.azure.functions.worker.JavaWorkerClient$StreamingMessagePeer.lambda$onNext$0(JavaWorkerClient.java:94)
[2024-03-01T12:40:18.269Z] at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:515)
[2024-03-01T12:40:18.273Z] at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
[2024-03-01T12:40:18.279Z] at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
[2024-03-01T12:40:18.291Z] at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
[2024-03-01T12:40:18.300Z] at java.base/java.lang.Thread.run(Thread.java:834)
[2024-03-01T12:40:18.304Z] Caused by: io.quarkus.security.UnauthorizedException
[2024-03-01T12:40:18.306Z] at io.quarkus.security.runtime.interceptor.check.RolesAllowedCheck.doApply(RolesAllowedCheck.java:70)
[2024-03-01T12:40:18.308Z] at io.quarkus.security.runtime.interceptor.check.RolesAllowedCheck.apply(RolesAllowedCheck.java:55)
[2024-03-01T12:40:18.310Z] at io.quarkus.security.runtime.interceptor.SecurityConstrainer.check(SecurityConstrainer.java:34)
[2024-03-01T12:40:18.314Z] at io.quarkus.security.runtime.interceptor.SecurityHandler.handle(SecurityHandler.java:46)
[2024-03-01T12:40:18.319Z] at io.quarkus.security.runtime.interceptor.RolesAllowedInterceptor.intercept(RolesAllowedInterceptor.java:29)
[2024-03-01T12:40:18.322Z] at io.quarkus.security.runtime.interceptor.RolesAllowedInterceptor_Bean.intercept(Unknown Source)
[2024-03-01T12:40:18.325Z] at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
[2024-03-01T12:40:18.326Z] at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:70)
[2024-03-01T12:40:18.336Z] at io.quarkus.arc.impl.AroundInvokeInvocationContext.proceed(AroundInvokeInvocationContext.java:62)
[2024-03-01T12:40:18.340Z] at io.quarkus.resteasy.reactive.server.runtime.StandardSecurityCheckInterceptor.intercept(StandardSecurityCheckInterceptor.java:44)
[2024-03-01T12:40:18.344Z] at io.quarkus.resteasy.reactive.server.runtime.StandardSecurityCheckInterceptor_RolesAllowedInterceptor_Bean.intercept(Unknown Source)
[2024-03-01T12:40:18.374Z] at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
[2024-03-01T12:40:18.387Z] at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:30)
[2024-03-01T12:40:18.399Z] at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:27)
[2024-03-01T12:40:18.439Z] ... 20 more
from quarkus.
@amal-sebs I have to admit I don't know how the infrastructure for hosting the Azure functions supports this jwt
requirement. Is the token already verified at the gateway ? AFAIK, for the Amazon functions, in this case the already verified token (by Cognito I guess) is mapped to the Quarkus security identity, so may be this is what is needed for the Azure functions case too
from quarkus.
and what is authLevel = AuthorizationLevel.ANONYMOUS
?
from quarkus.
and what is
authLevel = AuthorizationLevel.ANONYMOUS
?
There are three authLevels -> ANONYMOUS(no api key required, but enforcement of keys is possible), FUNCTION(function specific key required) and ADMIN
from quarkus.
@amal-sebs I have to admit I don't know how the infrastructure for hosting the Azure functions supports this
jwt
requirement. Is the token already verified at the gateway ? AFAIK, for the Amazon functions, in this case the already verified token (by Cognito I guess) is mapped to the Quarkus security identity, so may be this is what is needed for the Azure functions case too
I just went through what was done for Amazon functions and yes something similar is need for Azure functions too.
from quarkus.
@amal-sebs Thanks for confirming, would you like to work on the PR ? FYI, https://github.com/quarkusio/quarkus/blob/main/CONTRIBUTING.md
from quarkus.
This is a duplicate of #32479, but I'll close #32479 instead as this issue is newer. Workaround is shown in #32479, but I'd like to encourage you to go ahead with the fix
from quarkus.
/cc @patriot1burke
from quarkus.
Related Issues (20)
- Investigate SharedOpenArchivePathTree users counting HOT 4
- ArC: add ability to initialize synthetic beans eagerly HOT 3
- Gradle: cannot override the version of a dependency defined in the BOM HOT 2
- Quarkus CLI reports `Unmatched argument at index 2` error when running a command that doesn't exist HOT 1
- Flyway dev UI should allow me to create a migration script HOT 1
- Option `quarkus.log.syslog.max-length` ignores text of the message HOT 4
- Integration tests against AWS deployed services HOT 5
- Kubernetes Job does not inherit customization made to the Kubernetes deployment HOT 5
- Running Quarkus CLI rewrites gradle.properties HOT 1
- Add -DmicroOnly or similar to quarkus:update
- Multipart @FormParam on EntityPart not working according to Jakarta RESTful Web Services 3.1 HOT 5
- Remove @RestClient annotation and handle like normal bean HOT 19
- Scheduler: introduce a build item equivalent of quarkus.scheduler.start-mode=forced HOT 1
- Documentation describing Basic authentication stress additional complexity while this complexity is handled by extensions providing IdentityProvider HOT 6
- Add pagination fields in response or headers for rest-data-panache HOT 1
- HibernateException: A collection with cascade="all-delete-orphan" was no longer referenced by the owning entity instance HOT 7
- CDI not working with @QuarkusComponentTest HOT 6
- [Extension Proposal] AsyncAPI generator HOT 4
- continous testing - problem with @Nested @Nested: java.nio.file.FileSystemNotFoundException: Provider "quarkus" not installed
- Error Quarkus Native Build step org.apache.camel.quarkus.core.deployment.CamelProcessor#camelServices threw an exception: java.nio.file.ClosedFileSystemException HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from quarkus.