• Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login
FusionAuth
  • Home
  • Categories
  • Recent
  • Popular
  • Pricing
  • Contact us
  • Docs
  • Login

500 Error: /api/jwt/vend

Scheduled Pinned Locked Moved Solved
General Discussion
2
8
1.5k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • S
    support 0
    last edited by support 0 29 May 2022, 22:47

    I'm attempting to use the /api/jwt/vend endpoint and getting a 500 ERROR as a response. This seems very similar/identical to [this] previous report.

    Here is the error from the logs:

    2022-05-29 10:31:28.498 PM ERROR io.fusionauth.app.primeframework.error.ExceptionExceptionHandler - An unhandled exception was thrown
    java.lang.NullPointerException: Cannot read field "keyId" because "this.request" is null
    	at io.fusionauth.app.action.api.jwt.VendAction.validate(VendAction.java:53)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
    	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
    	at org.primeframework.mvc.util.ReflectionUtils.invoke(ReflectionUtils.java:414)
    	at org.primeframework.mvc.validation.DefaultValidationProcessor.validate(DefaultValidationProcessor.java:77)
    	at org.primeframework.mvc.validation.DefaultValidationWorkflow.perform(DefaultValidationWorkflow.java:46)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.security.DefaultSecurityWorkflow.perform(DefaultSecurityWorkflow.java:81)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.parameter.DefaultPostParameterWorkflow.perform(DefaultPostParameterWorkflow.java:50)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.content.DefaultContentWorkflow.perform(DefaultContentWorkflow.java:52)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.parameter.DefaultParameterWorkflow.perform(DefaultParameterWorkflow.java:57)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.parameter.DefaultURIParameterWorkflow.perform(DefaultURIParameterWorkflow.java:102)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.scope.DefaultScopeRetrievalWorkflow.perform(DefaultScopeRetrievalWorkflow.java:58)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.message.DefaultMessageWorkflow.perform(DefaultMessageWorkflow.java:44)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.action.DefaultActionMappingWorkflow.perform(DefaultActionMappingWorkflow.java:126)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.workflow.StaticResourceWorkflow.perform(StaticResourceWorkflow.java:97)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.parameter.RequestBodyWorkflow.perform(RequestBodyWorkflow.java:91)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at org.primeframework.mvc.security.DefaultSavedRequestWorkflow.perform(DefaultSavedRequestWorkflow.java:64)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at io.fusionauth.app.primeframework.CORSFilter.doFilter(CORSFilter.java:262)
    	at io.fusionauth.app.primeframework.CORSRequestWorkflow.perform(CORSRequestWorkflow.java:49)
    	at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:51)
    	at io.fusionauth.app.primeframework.FusionAuthMVCWorkflow.perform(FusionAuthMVCWorkflow.java:86)
    	at org.primeframework.mvc.workflow.DefaultWorkflowChain.continueWorkflow(DefaultWorkflowChain.java:44)
    	at org.primeframework.mvc.servlet.FilterWorkflowChain.continueWorkflow(FilterWorkflowChain.java:50)
    	at org.primeframework.mvc.servlet.PrimeFilter.doFilter(PrimeFilter.java:78)
    	at com.inversoft.maintenance.servlet.MaintenanceModePrimeFilter.doFilter(MaintenanceModePrimeFilter.java:63)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.inversoft.servlet.UTF8Filter.doFilter(UTF8Filter.java:27)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
    	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
    	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
    	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
    	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
    	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:367)
    	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:639)
    	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:881)
    	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1647)
    	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
    	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
    	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    	at java.base/java.lang.Thread.run(Thread.java:833)
    

    Request Attempts:

    curl -vvv -X POST -H 'Authorization: ##api_key##' -d '{"keyId": "fafdc79b-d058-4e93-99d9-759e40b03711", "timeToLiveInSeconds":300, "claims":{"sub":"test","roles":["anonymous"]}}' 'https://##instance_url##/api/jwt/vend?client_id=##client_id##&client_secret=##client_secret##'
    
    curl -vvv -X POST -H 'X-FusionAuth-TenantId: ##tenant_id##' -H 'Authorization: ##api_key##' -d '{"keyId": "fafdc79b-d058-4e93-99d9-759e40b03711", "timeToLiveInSeconds":300, "claims":{"sub":"test","roles":["anonymous"]}}' 'https://##instance_url##/api/jwt/vend?client_id=##client_id##&client_secret=##client_secret##'
    
    curl -vvv -X POST -d '{"keyId": "fafdc79b-d058-4e93-99d9-759e40b03711", "timeToLiveInSeconds":300, "claims":{"sub":"test","roles":["anonymous"]}}' 'https://##url##/api/jwt/vend?client_id=##client_id##&client_secret=##client_secret##'
    
    curl -vvv -X POST -H 'Authorization: ##api_key##' -d '{"keyId": "fafdc79b-d058-4e93-99d9-759e40b03711", "timeToLiveInSeconds":300, "claims":{"sub":"test","roles":["anonymous"]}}' 'https://##url##/api/jwt/vend'
    

    Instance Details:
    Version: 1.36.4
    Latest version:
    Nodes: 1
    Runtime mode: Development
    Host: Ubuntu 18.04.5 LTS (GNU/Linux 5.4.0-1048-azure x86_64)
    Reverse Proxy: nginx

    D 1 Reply Last reply 30 May 2022, 17:10 Reply Quote 0
    • D
      dan @support 0
      last edited by 30 May 2022, 17:10

      @support-0

      Hmmm.

      Do you see the same issues when you don't put the parameters on the request?

      The vend API doesn't require them. It is designed to create arbitrary JWTs signed by FusionAuth managed keys, and there's need to tie such JWTs to an account. If you want the aud or applicationId claim to be set to an application client Id, you need those values in the body.

      --
      FusionAuth - Auth for devs, built by devs.
      https://fusionauth.io

      S 1 Reply Last reply 30 May 2022, 17:31 Reply Quote 0
      • S
        support 0 @dan
        last edited by 30 May 2022, 17:31

        @dan no matter how I change the request (including no query string) if I remove the Authorization header it gives me a 401, otherwise i get the same 500 error.

        D 1 Reply Last reply 30 May 2022, 21:05 Reply Quote 0
        • D
          dan @support 0
          last edited by 30 May 2022, 21:05

          @support-0 Ah, I think you need to use -H 'Content-type: application/json' as well. Otherwise curl sends the post as form parameters, which doesn't work.

          I'll file a bug about the 500 error, we shouldn't return that, though.

          --
          FusionAuth - Auth for devs, built by devs.
          https://fusionauth.io

          S D 3 Replies Last reply 30 May 2022, 21:27 Reply Quote 0
          • S
            support 0 @dan
            last edited by 30 May 2022, 21:27

            @dan ah! That worked. Thanks. Your timing is uncanny, I just pushed a fake JWT creator awaiting this fix. Switching back to FA for my anon users 🙂

            1 Reply Last reply Reply Quote 0
            • S
              support 0 @dan
              last edited by 30 May 2022, 22:18

              @dan How do I mark this as [resolved]?

              D 1 Reply Last reply 31 May 2022, 16:05 Reply Quote 0
              • D
                dan @support 0
                last edited by 31 May 2022, 16:05

                @support-0 I think you have to mark it as a question and then mark it as an answered question.

                --
                FusionAuth - Auth for devs, built by devs.
                https://fusionauth.io

                1 Reply Last reply Reply Quote 0
                • D
                  dan @dan
                  last edited by 31 May 2022, 16:15

                  Bug filed here: https://github.com/FusionAuth/fusionauth-issues/issues/1740

                  --
                  FusionAuth - Auth for devs, built by devs.
                  https://fusionauth.io

                  1 Reply Last reply Reply Quote 0
                  • S support 0 marked this topic as a question on 31 May 2022, 23:41
                  • S support 0 has marked this topic as solved on 31 May 2022, 23:41
                  3 out of 8
                  • First post
                    3/8
                    Last post