ReactiveSecurityContextHolder.getContext() is empty, unable to getCurrentUserLogin() in any service except Gateway #27934

Closed
deceivingrakesh opened this issue Nov 19, 2024 · 12 comments
Labels
area: triage $$ bug-bounty $$ https://www.jhipster.tech/bug-bounties/ theme: undefined $100 https://www.jhipster.tech/bug-bounties/

@deceivingrakesh

Overview of the issue

Unable to fetch current logged-in user from a reactive microservice using the getCurrentUserLogin() method, except it works in Gateway

Motivation for or Use Case

Need to use current logged in user details in different services

Reproduce the error

When I changed the method getCurrentUserLogin() in SecurityUtils class to

    public static Mono<String> getCurrentUserLogin() {
        return ReactiveSecurityContextHolder.getContext()
            .switchIfEmpty(Mono.error(new IllegalStateException("ReactiveSecurityContext is empty")))
            .map(SecurityContext::getAuthentication)
            .flatMap(authentication -> Mono.justOrEmpty(extractPrincipal(authentication)));
    }

the context is empty.

JHipster Version(s)

8.7.3

@mshima
Member

mshima commented Nov 20, 2024

@deceivingrakesh can you provide a PR with the change?

@deceivingrakesh
Author

I don't have the solution for the problem yet. I'm still not able to get the current logged-in userId from microservices other than the gateway by using getCurrentUserLogin(). When I debugged, I got to know that ReactiveSecurityContextHolder.getContext() is returning empty inside the getCurrentUserLogin() method.

@deceivingrakesh
Author

Is there any update on this issue? As of now I'm using the Principal object in the controller to get the UserId.

@mraible
Contributor

mraible commented Dec 7, 2024

No update. But if you figure out a solution, please let us know. I'll add a bug bounty to see if that helps get this fixed.

@mraible mraible added $100 https://www.jhipster.tech/bug-bounties/ $$ bug-bounty $$ https://www.jhipster.tech/bug-bounties/ labels Dec 7, 2024
@kamilkrzywanski
Contributor

Can someone provide an example to reproduce this bug? @mraible @deceivingrakesh

@deceivingrakesh
Author

@kamilkrzywanski, generate a new reactive microservice app and try to get the current logged-in username with the SecurityUtils.getCurrentUserLogin() method; it returns empty. It works in the Gateway app, but not in any other service.

@kamilkrzywanski
Contributor

For me it works fine :) It looks like a full example is required, or you are using this method incorrectly.

@deceivingrakesh
Author

deceivingrakesh commented Dec 11, 2024

@kamilkrzywanski, you are right. If I return a Mono, the value is present, but if I subscribe to the Mono, I'm unable to use / print it. I guess I'm missing something with reactive / Mono.

    @GetMapping(value = "/login", produces = MediaType.APPLICATION_JSON_VALUE)
    public Mono<String> getAllOffers() {
        SecurityUtils.getCurrentUserLogin()
            .subscribe(login -> LOG.info(login));
        return SecurityUtils.getCurrentUserLogin();
    }

This, SecurityUtils.getCurrentUserLogin().hasElement().subscribe(tof -> LOG.info(tof.toString())); logs False in the console.

Can you help me with this ?

@kamilkrzywanski
Contributor

Can you try with

    {
        return SecurityUtils.getCurrentUserLogin()
            .doOnNext(login -> LOG.info("Current user login: {}", login));
    }

@kamilkrzywanski
Contributor

@deceivingrakesh
I've checked it and it looks fine. Another way is to pass authentication as a method parameter, like:

    public Mono<String> getLogin(Authentication authentication) {
        System.out.println(SecurityUtils.extractPrincipal(authentication));
        return SecurityUtils.getCurrentUserLogin()
            .doOnNext(login -> LOG.info("Current user login: {}", login));
    }

@deceivingrakesh
Author

@kamilkrzywanski it worked for me now. I was doing it wrong; I followed your code. This isn't a defect.

@kamilkrzywanski
Contributor

@deceivingrakesh deceivingrakesh closed this as not planned Dec 13, 2024
@mraible mraible added this to the 8.8.0 milestone Dec 23, 2024
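
Added example, not code from any participant in this thread or from JHipster: a stand-alone reproduction of why the detached subscribe() in the thread logs false while the returned Mono carries the user. Spring Security places the SecurityContext in the Reactor Context of the publisher the handler returns, so only operators inside that chain can read it. The class name, the method names and the user "alice" are assumptions made for the demo, which needs spring-security-core and reactor-core on the classpath.

```java
import java.util.List;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.ReactiveSecurityContextHolder;
import org.springframework.security.core.context.SecurityContext;
import reactor.core.publisher.Mono;
import reactor.util.context.Context;

public class ReactiveContextDemo {

    // Hypothetical stand-in for the generated SecurityUtils.getCurrentUserLogin().
    static Mono<String> currentUserLogin() {
        return ReactiveSecurityContextHolder.getContext()
            .map(SecurityContext::getAuthentication)
            .map(Authentication::getName);
    }

    // Shape of the handler that logged false: the inner subscribe() starts its own
    // subscription when the method is called, with an empty Reactor Context.
    static Mono<String> handlerWithSideSubscribe() {
        currentUserLogin().hasElement()
            .subscribe(present -> System.out.println("detached subscribe sees a user: " + present));
        return currentUserLogin();
    }

    // Shape of the suggested fix: the side effect is an operator in the returned
    // chain, so it runs under the subscription that carries the context.
    static Mono<String> handlerInChain() {
        return currentUserLogin()
            .doOnNext(login -> System.out.println("in-chain operator sees user: " + login));
    }

    public static void main(String[] args) {
        // Constructed sample principal; in a real service the resource-server
        // filter builds the Authentication from the incoming token.
        Authentication auth = new UsernamePasswordAuthenticationToken("alice", "n/a", List.of());
        // Stands in for the security filter: the context is written downstream of
        // the handler's Mono and becomes visible upstream at subscription time.
        Context securityCtx = ReactiveSecurityContextHolder.withAuthentication(auth);

        System.out.println("response body: "
            + handlerWithSideSubscribe().contextWrite(securityCtx).block());
        System.out.println("response body: "
            + handlerInChain().contextWrite(securityCtx).block());
    }
}
```

Any authorization or audit logic that needs the principal belongs inside the returned chain (or should take Authentication as a handler parameter); a detached subscription runs with no security context at all.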