Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Issue with Token Caching in a Docker container. #44365

Open
3 tasks done
bengalaviz opened this issue Feb 24, 2025 · 2 comments
Open
3 tasks done

[BUG] Issue with Token Caching in a Docker container. #44365

bengalaviz opened this issue Feb 24, 2025 · 2 comments

Comments

@bengalaviz
Copy link

bengalaviz commented Feb 24, 2025
edited
Loading

Describe the bug
When using DeviceCodeCredential and using TokenCachePersistenceOptions in a Docker container, I am getting the error

com.azure.identity.DeviceCodeCredential: Azure Identity => ERROR in getToken() call for scopes [https://graph.microsoft.com/.default]: Shared token cache is unavailable in this environment. Caused by: java.lang.Error: Exception reading field 'domain' in class com.microsoft.aad.msal4jextensions.persistence.linux.GError Caused by: java.lang.IllegalAccessException: class com.sun.jna.Structure cannot access a member of class com.microsoft.aad.msal4jextensions.persistence.linux.GError with modifiers "public"

Exception or Stack Trace
INFO [2025-02-22 00:10:15,364] Build DeviceCodeCredentialBuilder INFO [2025-02-22 00:10:15,521] com.azure.core.http.netty.implementation.NettyUtility: {"az.sdk.message":"The following Netty versions were found on the classpath and have a mismatch with the versions used by azure-core-http-netty. If your application runs without issue this message can be ignored, otherwise please align the Netty versions used in your application. For more information, see https://aka.ms/azsdk/java/dependency/troubleshoot.","azure-netty-version":"4.1.115.Final","azure-netty-native-version":"2.0.69.Final","classpath-netty-version-io.netty:netty-common":"unknown (not found and is required)","classpath-netty-version-io.netty:netty-handler":"4.1.115.Final","classpath-netty-version-io.netty:netty-handler-proxy":"unknown (not found and is required)","classpath-netty-version-io.netty:netty-buffer":"unknown (not found and is required)","classpath-netty-version-io.netty:netty-codec":"unknown (not found and is required)","classpath-netty-version-io.netty:netty-codec-http":"unknown (not found and is required)","classpath-netty-version-io.netty:netty-codec-http2":"unknown (not found and is required)","classpath-native-netty-version-io.netty:netty-tcnative-boringssl-static":"2.0.69.Final"} ERROR [2025-02-22 00:10:15,578] com.azure.identity.implementation.PersistentTokenCacheImpl: Shared token cache is unavailable in this environment. ERROR [2025-02-22 00:10:15,580] com.azure.identity.implementation.PersistentTokenCacheImpl: Shared token cache is unavailable in this environment. ERROR [2025-02-22 00:10:15,580] com.azure.identity.DeviceCodeCredential: Azure Identity => ERROR in getToken() call for scopes [https://graph.microsoft.com/.default]: Shared token cache is unavailable in this environment. com.azure.core.exception.ClientAuthenticationException: Shared token cache is unavailable in this environment. at com.azure.identity.implementation.PersistentTokenCacheImpl.registerCache(PersistentTokenCacheImpl.java:64) at com.azure.identity.implementation.IdentityClientBase.getPublicClient(IdentityClientBase.java:396) at com.azure.identity.implementation.IdentitySyncClient.lambda$new$1(IdentitySyncClient.java:90) at com.azure.identity.implementation.SynchronousAccessor.getValue(SynchronousAccessor.java:45) at com.azure.identity.implementation.IdentitySyncClient.authenticateWithDeviceCode(IdentitySyncClient.java:298) at com.azure.identity.DeviceCodeCredential.getTokenSync(DeviceCodeCredential.java:169) at com.microsoft.kiota.authentication.AzureIdentityAccessTokenProvider.getAuthorizationToken(AzureIdentityAccessTokenProvider.java:167) at com.microsoft.kiota.authentication.BaseBearerTokenAuthenticationProvider.authenticateRequest(BaseBearerTokenAuthenticationProvider.java:46) at com.microsoft.kiota.http.OkHttpRequestAdapter.getHttpResponseMessage(OkHttpRequestAdapter.java:710) at com.microsoft.kiota.http.OkHttpRequestAdapter.send(OkHttpRequestAdapter.java:275) at com.microsoft.graph.users.item.UserItemRequestBuilder.get(UserItemRequestBuilder.java:761) at ******************* at *** Custom Code *** at ******************* at io.dropwizard.core.cli.EnvironmentCommand.run(EnvironmentCommand.java:66) at io.dropwizard.core.cli.ConfiguredCommand.run(ConfiguredCommand.java:98) at io.dropwizard.core.cli.Cli.run(Cli.java:78) at io.dropwizard.core.Application.run(Application.java:94) Caused by: java.lang.Error: Exception reading field 'domain' in class com.microsoft.aad.msal4jextensions.persistence.linux.GError at com.sun.jna.Structure.getFieldValue(Structure.java:653) at com.sun.jna.Structure.deriveLayout(Structure.java:1318) at com.sun.jna.Structure.calculateSize(Structure.java:1192) at com.sun.jna.Structure.calculateSize(Structure.java:1144) at com.sun.jna.Structure.useMemory(Structure.java:358) at com.sun.jna.Structure.<init>(Structure.java:213) at com.sun.jna.Structure.<init>(Structure.java:204) at com.sun.jna.Structure.<init>(Structure.java:200) at com.microsoft.aad.msal4jextensions.persistence.linux.GError.<init>(GError.java:25) at com.microsoft.aad.msal4jextensions.persistence.linux.KeyRingAccessor.write(KeyRingAccessor.java:111) at com.microsoft.aad.msal4jextensions.persistence.linux.KeyRingAccessor.verify(KeyRingAccessor.java:56) at com.microsoft.aad.msal4jextensions.PersistenceTokenCacheAccessAspect.<init>(PersistenceTokenCacheAccessAspect.java:86) at com.azure.identity.implementation.PersistentTokenCacheImpl.registerCache(PersistentTokenCacheImpl.java:61) ... 20 more Caused by: java.lang.IllegalAccessException: class com.sun.jna.Structure cannot access a member of class com.microsoft.aad.msal4jextensions.persistence.linux.GError with modifiers "public" at java.base/jdk.internal.reflect.Reflection.newIllegalAccessException(Unknown Source) at java.base/java.lang.reflect.AccessibleObject.checkAccess(Unknown Source) at java.base/java.lang.reflect.Field.checkAccess(Unknown Source) at java.base/java.lang.reflect.Field.get(Unknown Source) at com.sun.jna.Structure.getFieldValue(Structure.java:650) ... 32 more

To Reproduce
Steps to reproduce the behavior:

Using the instructions on https://github.com/Azure/azure-sdk-for-java/blob/main/sdk/identity/azure-identity/TOKEN_CACHING.md

Expected behavior

Should be able to setup token caching within a Docker container.

Setup (please complete the following information):

  • OS: Docker Alpine
  • IDE: VS Code
  • Library/Libraries: com.azure.azure-identity:1.15.0
  • Java version: JDK11 (Temurin)
  • App Server/Environment: Docker Alpine running JDK11 Temurin
  • Frameworks: Dropwizard

Information Checklist
Kindly make sure that you have added all the following information above and checkoff the required fields otherwise we will treat the issuer as an incomplete report

  • Bug Description Added
  • Repro Steps Added
  • Setup information Added
@bengalaviz bengalaviz changed the title [BUG] [BUG] Issue with Token Caching in a Docker container. Feb 24, 2025
@bengalaviz
Copy link
Author

Is there anyone else that uses Docker with Azure Identity/Graph and doing token caching?

@bengalaviz
Copy link
Author

Hello @g2vinay, I see there was a previous bug #32138 where cache persistence is not working under linux. It's under the milestone 2025-01.

Is this still a work in progress?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bengalaviz