By: Jeremy Carter user 11 Aug 2020 at 2:21 p.m. CDT

4 Responses

The passport_saml and passport_social default scripts will produce the exception at the bottom of this ticket if the script is reloaded (destroyed and reinitialized due to a script save action in oxtrust) after someone has loaded the login page (prepareForStep already called) but before they have clicked the login button (authenticate action). This can be fixed by adding self.parseProviderConfigs() at the bottom of the init() function. Traceback (most recent call last): File "passport_saml.py", line 133, in authenticate File "passport_saml.py", line 537, in attemptAuthentication AttributeError: 'PersonAuthentication' object has no attribute 'registeredProviders' at org.python.core.Py.AttributeError(Py.java:207) at org.python.core.PyObject.noAttributeError(PyObject.java:1032) at org.python.core.PyObject.__getattr__(PyObject.java:1027) at org.python.pycode._pyx15.attemptAuthentication$30(passport_saml.py:655) at org.python.pycode._pyx15.call_function(passport_saml.py) at org.python.core.PyTableCode.call(PyTableCode.java:171) at org.python.core.PyBaseCode.call(PyBaseCode.java:189) at org.python.core.PyFunction.__call__(PyFunction.java:446) at org.python.core.PyMethod.__call__(PyMethod.java:171) at org.python.pycode._pyx15.authenticate$8(passport_saml.py:178) at org.python.pycode._pyx15.call_function(passport_saml.py) at org.python.core.PyTableCode.call(PyTableCode.java:171) at org.python.core.PyBaseCode.call(PyBaseCode.java:308) at org.python.core.PyBaseCode.call(PyBaseCode.java:199) at org.python.core.PyFunction.__call__(PyFunction.java:482) at org.python.core.PyMethod.instancemethod___call__(PyMethod.java:237) at org.python.core.PyMethod.__call__(PyMethod.java:228) at org.python.core.PyMethod.__call__(PyMethod.java:218) at org.python.core.PyMethod.__call__(PyMethod.java:213) at org.python.core.PyObject._jcallexc(PyObject.java:3644) at org.python.core.PyObject._jcall(PyObject.java:3676) at org.python.proxies.__builtin__$PersonAuthentication$26.authenticate(Unknown Source) at org.gluu.oxauth.service.external.ExternalAuthenticationService.executeExternalAuthenticate(ExternalAuthenticationService.java:196) at org.gluu.oxauth.service.external.ExternalAuthenticationService$Proxy$_$$_WeldClientProxy.executeExternalAuthenticate(Unknown Source) at org.gluu.oxauth.auth.Authenticator.userAuthenticationInteractive(Authenticator.java:321) at org.gluu.oxauth.auth.Authenticator.authenticateImpl(Authenticator.java:204) at org.gluu.oxauth.auth.Authenticator.authenticateWithOutcome(Authenticator.java:154) at sun.reflect.GeneratedMethodAccessor342.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.el.parser.AstValue.invoke(AstValue.java:247) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:267) at org.jboss.weld.module.web.util.el.ForwardingMethodExpression.invoke(ForwardingMethodExpression.java:40) at org.jboss.weld.module.web.el.WeldMethodExpression.invoke(WeldMethodExpression.java:50) at com.sun.faces.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:107) at javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:87) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) at javax.faces.component.UIViewAction.broadcast(UIViewAction.java:587) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:870) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:1418) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:201) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:670) at org.eclipse.jetty.servlet.ServletHolder$NotAsyncServlet.service(ServletHolder.java:1395) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:755) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1617) at org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:226) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1604) at org.gluu.oxauth.audit.debug.ServletLoggingFilter.doFilter(ServletLoggingFilter.java:67) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1596) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:545) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:590) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1607) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1297) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:485) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1577) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1212) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:146) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127) at org.eclipse.jetty.server.Server.handle(Server.java:500) at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:270) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103) at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:336) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:313) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:171) at org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:129) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:388) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938) at java.lang.Thread.run(Thread.java:748)

Ubuntu 18.0

closed

By Michael Schwartz Account Admin 11 Aug 2020 at 2:30 p.m. CDT

Copy

Thanks for the suggestion. Will review.

By Chris Eland staff 12 Aug 2020 at 2:03 p.m. CDT

Copy

Hello Jeremy. Thanks for your report and suggestion. This issue 'was fixed' on 4.2.x for passport_saml. Actually the [solved issue](https://github.com/GluuFederation/oxAuth/pull/1413) main scope was not triggered **destroy/reloading from oxtrust**, but as we had external (file, and not database) scripts being destroyed / initialized in short interval. So we worked this fix exclusively for **passport_saml**. So just to make it crystal clear: We are talking about the use-case that you wrote (reload script when saving on oxtrust in the middle of login flow for passport_saml and passport_social, correct? Looking forward your answer to proceed accordingly. Best Chris

By Jeremy Carter user 12 Aug 2020 at 5:18 p.m. CDT

Copy

Correct, this error is caused whenever I edit any of the login scripts in oxtrust (which are configured as database sourced not external file) which causes all scripts to be destroyed and reinitialized. Since the authentication server is under normal use when this occurs, there are various users in various states of authentication when the reload occurs. If the first request that arrives after script reload is to authenticate (login button pressed on an already loaded page) and not a page load (which triggers prepareForStep), it will be referencing the uninitialized property 'registeredProviders' which is only initialized in prepareForStep. My suggestion is to initialize that property in the init function so that it doesn't matter which request arrives first on script reload, it will already have been initialized.

By Chris Eland staff 17 Aug 2020 at 9:31 a.m. CDT

Copy

Hey Jeremy! Thanks for your input. I opened the issue https://github.com/GluuFederation/oxAuth/issues/1448 regarding this ticket :) We are open source, open to contributions, feel free to submit your PR if wanted. Meanwhile I'm closing this ticket, but feel free to open a ticket anytime. Best regards, Chris

You need to Login in order to post an answer

passport_saml and passport_social produces script error after reloading script.

By: Jeremy Carter user 11 Aug 2020 at 2:21 p.m. CDT

Answers

By Michael Schwartz Account Admin 11 Aug 2020 at 2:30 p.m. CDT

By Chris Eland staff 12 Aug 2020 at 2:03 p.m. CDT

By Jeremy Carter user 12 Aug 2020 at 5:18 p.m. CDT

By Chris Eland staff 17 Aug 2020 at 9:31 a.m. CDT

Post an answer