SCS broker has invalid_token error during bind/unbind
Article ID: 297170
Updated On:
Products
Support Only for Spring
Issue/Introduction
Sometimes when an app binds/unbinds to a service an error to the user is produced, eg:
For application 'paca-auth-bff': For service 'paca-registry-svt': Service broker error: invalid_token: Invalid access token: expired at Mon Dec 06 18:23:10 UTC 2021In the scs-service-broker logs we can see log:
2021-12-09 14:04:14.839 ERROR 35 --- [ry-client-nio-3] s.c.s.c.ServiceInstanceBindingController : Error creating service instance binding. error=invalid_token: Invalid access token: expired at Wed Dec 08 15:53:00 UTC 2021 org.cloudfoundry.uaa.UaaException: invalid_token: Invalid access token: expired at Wed Dec 08 15:53:00 UTC 2021 at org.cloudfoundry.reactor.util.ErrorPayloadMappers.lambda$null$8(ErrorPayloadMappers.java:89) ~[cloudfoundry-client-reactor-4.16.0.RELEASE.jar!/:na] Suppressed: reactor.core.publisher.FluxOnAssembly$OnAssemblyException: Assembly trace from producer [reactor.core.publisher.MonoFlatMap] : reactor.core.publisher.Mono.checkpoint(Mono.java:1884) org.cloudfoundry.reactor.uaa.clients.ReactorClients.create(ReactorClients.java:105)
Environment
Product Version: 3.1
Resolution
If the UAA server returns the response is 401 the reason-phrase is empty (not Unauthorized). The cf-java-client version < 5.7.0 fails to compare it properly. cf-java-client 5.7.0.RELEASE fixes for comparison of Unauthorised check.
Cloud Foundry Java Client has been upgraded to 5.7.0 in SCS v3.1.30. This upgrade should help resolve this issue in which UAA tokens become expired.
Cloud Foundry Java Client has been upgraded to 5.7.0 in SCS v3.1.30. This upgrade should help resolve this issue in which UAA tokens become expired.
Feedback
Yes
No
Powered by
