TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated fails with ClassCastException #85902

rjernst · 2022-04-14T13:32:30Z

CI Link

https://gradle-enterprise.elastic.co/s/72jn3jmotbelc/console-log?task=:x-pack:plugin:security:test

Repro line

./gradlew ':x-pack:plugin:security:test' --tests "org.elasticsearch.xpack.security.authc.TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated" -Dtests.seed=4C8C62EC8BC30D4A -Dtests.locale=sr-Latn -Dtests.timezone=America/Fortaleza -Druntime.java=17

Does it reproduce?

Yes

Applicable branches

master

Failure history

No response

Failure excerpt

org.elasticsearch.xpack.security.authc.TokenServiceTests > testInvalidateRefreshTokenThatIsAlreadyInvalidated FAILED
  java.lang.ClassCastException: class java.util.HashMap cannot be cast to class org.elasticsearch.common.bytes.BytesReference (java.util.HashMap is in module java.base of loader 'bootstrap'; org.elasticsearch.common.bytes.BytesReference is in unnamed module of loader 'app') |  
  | at __randomizedtesting.SeedInfo.seed([4C8C62EC8BC30D4A:CD4EFA933E0F14A5]:0) |  
  | at org.elasticsearch.xpack.core.security.authc.Authentication.maybeRewriteMetadataForApiKeyRoleDescriptors(Authentication.java:706) |  
  | at org.elasticsearch.xpack.core.security.authc.Authentication.maybeRewriteForOlderVersion(Authentication.java:165) |  
  | at org.elasticsearch.xpack.security.authc.TokenService.createOAuth2Tokens(TokenService.java:372) |  
  | at org.elasticsearch.xpack.security.authc.TokenService.createOAuth2Tokens(TokenService.java:319) |  
  | at org.elasticsearch.xpack.security.authc.TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated(TokenServiceTests.java:605)

The text was updated successfully, but these errors were encountered:

elasticmachine · 2022-04-14T13:32:44Z

Pinging @elastic/es-security (Team:Security)

dakrone · 2022-04-14T21:52:06Z

Another failure: https://gradle-enterprise.elastic.co/s/htc35azqstb7w

…ated Relates elastic#85902

dimitris-athanasiou · 2022-04-15T14:23:39Z

And another: https://gradle-enterprise.elastic.co/s/naxqf73jl6cp6

Preparing mute.

Also, cc @albertzaharovits as it seems relevant to recent work.

…ated (#85927) Relates #85902

ywangd · 2022-04-18T23:51:34Z

@tvernum Do you mind me taking this? This is caused by my latest refactor (#85590) for randomizing Authentication object for tests. Apparently, there are discrepencies like this one.

The token method creates a new authentication based on the existing one. It changes only the authentication type. Hence it should use the version of the existing authentication as well instead of CURRENT. Resolves: elastic#85902

ywangd · 2022-04-19T06:02:50Z

PR is #85978

#85978) The token method creates a new authentication based on the existing one. It changes only the authentication type. Hence it should use the version of the existing authentication as well instead of CURRENT. Resolves: #85902

elastic#85978) The token method creates a new authentication based on the existing one. It changes only the authentication type. Hence it should use the version of the existing authentication as well instead of CURRENT. Resolves: elastic#85902

#85978) (#86049) The token method creates a new authentication based on the existing one. It changes only the authentication type. Hence it should use the version of the existing authentication as well instead of CURRENT. Resolves: #85902

rjernst added >test-failure Triaged test failures from CI needs:triage Requires assignment of a team area label :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Apr 14, 2022

elasticmachine added the Team:Security Meta label for security team label Apr 14, 2022

dimitris-athanasiou added a commit to dimitris-athanasiou/elasticsearch that referenced this issue Apr 15, 2022

Mute TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalid…

9724be8

…ated Relates elastic#85902

dimitris-athanasiou mentioned this issue Apr 15, 2022

Mute TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalid… #85927

Merged

dimitris-athanasiou added a commit that referenced this issue Apr 15, 2022

Mute TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalid…

bdd8d4e

…ated (#85927) Relates #85902

gwbrown removed the needs:triage Requires assignment of a team area label label Apr 15, 2022

tvernum self-assigned this Apr 17, 2022

tvernum assigned ywangd and unassigned tvernum Apr 19, 2022

ywangd mentioned this issue Apr 19, 2022

Authentication.token now uses version from the existing authentication #85978

Merged

ywangd closed this as completed in #85978 Apr 21, 2022

ywangd mentioned this issue Apr 21, 2022

Authentication.token now uses version from the existing authentication (#85978) #86049

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated fails with ClassCastException #85902

TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated fails with ClassCastException #85902

rjernst commented Apr 14, 2022

elasticmachine commented Apr 14, 2022

dakrone commented Apr 14, 2022

dimitris-athanasiou commented Apr 15, 2022

ywangd commented Apr 18, 2022

ywangd commented Apr 19, 2022

TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated fails with ClassCastException #85902

TokenServiceTests.testInvalidateRefreshTokenThatIsAlreadyInvalidated fails with ClassCastException #85902

Comments

rjernst commented Apr 14, 2022

CI Link

Repro line

Does it reproduce?

Applicable branches

Failure history

Failure excerpt

elasticmachine commented Apr 14, 2022

dakrone commented Apr 14, 2022

dimitris-athanasiou commented Apr 15, 2022

ywangd commented Apr 18, 2022

ywangd commented Apr 19, 2022