The access token was retrieved at 23-04-2019 22:07:57 and used at 23-04-2019 22:10:46. However, the following error was logged:
2019-04-23T22:10:47.566+0800 INFO 962 com.l7tech.server.policy.assertion.ServerAuditDetailAssertion: -4: error: invalid_request, error_description: Access token does not exist (expired, revoked, replaced, unknown, ...).
The issue occurred intermittently, on average once per day.
Environment
There are 2 gateway nodes in the cluster, and the OTK JDBC connection URL is set to jdbc:mysql:localhost:3306/otk_db
Cause
When there are 2 nodes and each node connects to its local OTK database, there is a delay between the two databases even when replication is running fine. The OAuth flow has multiple steps, and a single session might call the OAuth endpoint on different nodes. An access token generated on one node might therefore not be found in the OTK database on the other node, and the request fails with the error "Access token does not exist".
Resolution
Specify a hostname instead of localhost in the OTK JDBC connection.
To configure failover, the JDBC URL can be: jdbc:mysql://<DB host 1>:3306,<DB host 2>:3306/otk_db?failOverReadOnly=false&autoReconnect=true&connectTimeout=100
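
A check for the misconfiguration described above, as an added example (not code from this article or from the product): it parses a node's OTK JDBC URL and flags a loopback host in a multi-node cluster, and a multi-host URL whose failover parameters differ from the ones shown in the resolution. The function names, finding codes and example.internal hostnames are assumptions made for the example.

```python
import re

LOOPBACK = {"localhost", "127.0.0.1", "::1"}
# Parameters taken from the failover URL shown in the resolution.
FAILOVER_PARAMS = {"failOverReadOnly": "false", "autoReconnect": "true"}

def parse_mysql_jdbc_url(url):
    """Return (hosts, database, params) for a MySQL JDBC URL."""
    # "//" is optional so the "jdbc:mysql:localhost:3306/otk_db" form parses too.
    m = re.match(r"^jdbc:mysql:(?://)?([^/?]+)/([^?]+)(?:\?(.*))?$", url.strip())
    if not m:
        raise ValueError(f"not a MySQL JDBC URL: {url!r}")
    hosts = []
    for entry in m.group(1).split(","):
        host, sep, port = entry.strip().rpartition(":")
        if not sep or not port.isdigit():      # no port given: use MySQL default
            host, port = entry.strip(), "3306"
        hosts.append((host.strip("[]").lower(), int(port)))
    query = m.group(3) or ""
    params = dict(p.split("=", 1) for p in query.split("&") if "=" in p)
    return hosts, m.group(2), params

def audit_otk_jdbc_url(url, cluster_nodes):
    """Return a list of finding codes for one node's OTK JDBC URL."""
    hosts, _db, params = parse_mysql_jdbc_url(url)
    findings = []
    if cluster_nodes > 1 and any(h in LOOPBACK for h, _ in hosts):
        # Each node would read and write only its own local copy of otk_db.
        findings.append("LOOPBACK_HOST")
    if len(hosts) > 1:
        for name, want in FAILOVER_PARAMS.items():
            if params.get(name) != want:
                findings.append(f"FAILOVER_PARAM:{name}")
    return findings

if __name__ == "__main__":
    # Constructed sample URLs; the hostnames are placeholders.
    samples = [
        "jdbc:mysql:localhost:3306/otk_db",
        "jdbc:mysql://otkdb1.example.internal:3306/otk_db",
        "jdbc:mysql://otkdb1.example.internal:3306,otkdb2.example.internal:3306"
        "/otk_db?failOverReadOnly=false&autoReconnect=true&connectTimeout=100",
    ]
    for url in samples:
        print(audit_otk_jdbc_url(url, cluster_nodes=2) or "OK", url)
```

Run it against the JDBC URL configured on every node, since the loopback setting has to be corrected on each of them.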