Skip to content

gRPC Bearer Token Authentication #44414

New issue
New issue
Open
Open
gRPC Bearer Token Authentication#44414

Description

@jonsnowseven

jonsnowseven
openedon Nov 11, 2024

Hello 👋

I have a GrpcService and I am trying to implement authentication using a bearer token.

@Authenticated
@GrpcService
public class ...

and

@ApplicationScoped
public class GrpcAuthNValidator implements GrpcSecurityMechanism {
  private static final Metadata.Key<String> AUTHORIZATION =
      Metadata.Key.of("Authorization", Metadata.ASCII_STRING_MARSHALLER);

  private static final String bearerTokenPrefix = "Bearer";

  @Override
  public AuthenticationRequest createAuthenticationRequest(Metadata metadata) {
    String authString = metadata.get(AUTHORIZATION);
    if (authString != null && authString.startsWith(bearerTokenPrefix)) {
      String token = authString.substring((bearerTokenPrefix + " ").length());
      return new TokenAuthenticationRequest(new TokenCredential(token, bearerTokenPrefix));
    } else {
      throw new UnauthorizedException("Token not found");
    }
  } 
}

Although, when I run this Quarkus application I get the this following error:

java.lang.RuntimeException: Failed to start quarkus
	at io.quarkus.runner.ApplicationImpl.doStart(Unknown Source)
	at io.quarkus.runtime.Application.start(Application.java:101)
	at io.quarkus.runtime.ApplicationLifecycleManager.run(ApplicationLifecycleManager.java:119)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:71)
	at io.quarkus.runtime.Quarkus.run(Quarkus.java:44)
	at mypackage.Main.main(Main.java:30)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:569)
	at io.quarkus.bootstrap.runner.QuarkusEntryPoint.doRun(QuarkusEntryPoint.java:62)
	at io.quarkus.bootstrap.runner.QuarkusEntryPoint.main(QuarkusEntryPoint.java:33)
Caused by: jakarta.enterprise.context.ContextNotActiveException: RequestScoped context was not active when trying to obtain a bean instance for a client proxy of CLASS bean [class=io.quarkus.vertx.http.runtime.CurrentVertxRequest, id=0_6n6EmChCiiDdd8HelptG_A0AE]
	- you can activate the request context for a specific method using the @ActivateRequestContext interceptor binding
	at io.quarkus.arc.impl.ClientProxies.notActive(ClientProxies.java:70)
	at io.quarkus.arc.impl.ClientProxies.getSingleContextDelegate(ClientProxies.java:30)
	at io.quarkus.vertx.http.runtime.CurrentVertxRequest_ClientProxy.arc$delegate(Unknown Source)
	at io.quarkus.vertx.http.runtime.CurrentVertxRequest_ClientProxy.getOtherHttpContextObject(Unknown Source)
	at io.quarkus.resteasy.reactive.server.runtime.QuarkusCurrentRequest.get(QuarkusCurrentRequest.java:21)
	at org.jboss.resteasy.reactive.server.core.CurrentRequestManager.get(CurrentRequestManager.java:8)
	at io.quarkus.resteasy.reactive.server.runtime.StandardSecurityCheckInterceptor.intercept(StandardSecurityCheckInterceptor.java:39)
	at io.quarkus.resteasy.reactive.server.runtime.StandardSecurityCheckInterceptor_AuthenticatedInterceptor_Bean.intercept(Unknown Source)
	at io.quarkus.arc.impl.InterceptorInvocation.invoke(InterceptorInvocation.java:42)
	at io.quarkus.arc.impl.AroundInvokeInvocationContext.perform(AroundInvokeInvocationContext.java:30)
	at io.quarkus.arc.impl.InvocationContexts.performAroundInvoke(InvocationContexts.java:27)
	at mypackage.MyClass_Subclass.bindService(Unknown Source)
	at io.quarkus.grpc.runtime.GrpcServerRecorder.collectServiceDefinitions(GrpcServerRecorder.java:383)
	at io.quarkus.grpc.runtime.GrpcServerRecorder.buildGrpcServer(GrpcServerRecorder.java:158)
	at io.quarkus.grpc.runtime.GrpcServerRecorder.initializeGrpcServer(GrpcServerRecorder.java:138)
	at io.quarkus.deployment.steps.GrpcServerProcessor$initializeServer760746362.deploy_0(Unknown Source)
	at io.quarkus.deployment.steps.GrpcServerProcessor$initializeServer760746362.deploy(Unknown Source)
	... 12 more
","errorType":"java.lang.RuntimeException","errorMessage":"Failed to start quarkus","logContext":"stdout","millis":1731325997337,"exception":"java.lang.RuntimeException: Failed to start quarkus

If I remove the @Authenticated annotation, the application executes successfully.

My questions are:

  • Do I need the @Authenticated annotation in order for GrpcSecurityMechanism to work?
  • If so, how can I resolve the ContextNotActiveException?

Thank you in advance!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Metadata

Assignees

Labels

area/grpcgRPCarea/oidcarea/securitykind/bugSomething isn't working

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions