networknt/light-rest-4j

None of the services are working after upgrading to the latest version

helloalbin opened this issue · 6 comments

I have upgraded the dependency to the latest version, 2.1.18, and none of my services are working anymore. Any service that I try to access fails with the error:

```
{
  "statusCode": 401,
  "code": "ERR10002",
  "message": "MISSING_AUTH_TOKEN",
  "description": "No Authorization header or the token is not bearer type",
  "severity": "ERROR"
}
```

I checked the code and it seems like the default value of enableVerifyJwt in openapi-security.yml has been changed to true. I have a version of the openapi-security.yaml file, and it seems like the system is ignoring my file and using the file from the library.

What is the order of lookup for these files? Can priority be given to the files specified using -Dlight-4j-config-dir?

For security reasons, the enableVerifyJwt is defaulted to true in openapi-security.yml since this configuration was introduced. I think you had a way to overwrite the value before. The best way to do that is to add a values.yml in your -Dlight-4j-config-dir folder with the following.

```
# openapi-security.yml
openapi-security.enableVerifyJwt: true
```

Let me know if this works. Thanks.

Hi @stevehu, thank you for sharing this. I have an openapi-security.**yaml** file in -Dlight-4j-config-dir with enableVerifyJwt as false. However, this file is getting ignored and openapi-security.yml from the library is getting picked up.

I think currently .yml files are loaded first irrespective of the location, and then .yaml files are considered. I think the expected behaviour is to load the files from light-4j-config-dir and, if a config file doesn't exist in that directory, to check other locations.

Could you please check if you have a values.yml file in your -Dlight-4j-config-dir? The overwrite sequence is config-dir/values.yml > config-dir/openapi-security.yml > app/values.yml > app/openapi-security.yml > openapi-security module default openapi-security.yml.

Sometimes, old users will have a security.yml somewhere for generic overwriting, and it should be removed. The best way is to use values.yml in your config-dir so that there is no confusion.

@stevehu Thank you very much. After adding the following value to the values.yml file, it is working now.

```
# openapi-security.yml
openapi-security.enableVerifyJwt: false
```

So I can delete the openapi-security.yml file from my config directory, right?

Also, what is the syntax that I need to use in this file? Is it filename.key? For example, if I need to disable info, is the key

```
info.enableServerInfo: false
```

I tested the info change as well and it's working fine. Thank you very much.

All the config files have properties externalized, and they can be overwritten by values.yml. Here is the default info.yml for the module.

https://github.com/networknt/light-4j/blob/master/info/src/main/resources/config/info.yml#L4
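
The override order described in this thread, as an added example that is not part of the original thread or the light-4j code base: a small audit that reports which layer sets `enableVerifyJwt` and warns when JWT verification ends up disabled. It reads only flat top-level `key: value` lines and treats `${...}` placeholders as unset; the function names and the sample directories are assumptions.

```python
from pathlib import Path
import tempfile

MODULE, KEY = "openapi-security", "enableVerifyJwt"  # names from the thread

def read_flat(path):
    """Read top-level `key: value` lines only; not a general YAML parser."""
    out = {}
    for line in path.read_text(encoding="utf-8").splitlines():
        body = line.split("#", 1)[0]          # drop comments
        if ":" in body and not body[:1].isspace():
            k, v = body.split(":", 1)
            out[k.strip()] = v.strip().strip("'\"").lower()
    return out

def effective_setting(config_dir, app_dir, module_default="true"):
    """Return (value, source) from the first layer, in the thread's order, that sets the flag."""
    config_dir, app_dir = Path(config_dir), Path(app_dir)
    layers = [
        (config_dir / "values.yml", f"{MODULE}.{KEY}"),
        (config_dir / f"{MODULE}.yml", KEY),
        (app_dir / "values.yml", f"{MODULE}.{KEY}"),
        (app_dir / f"{MODULE}.yml", KEY),
    ]
    for path, key in layers:
        if path.is_file():
            value = read_flat(path).get(key)
            # Assumption: a ${...} placeholder is not a literal, so skip it.
            if value and not value.startswith("${"):
                return value, str(path)
    return module_default, "module default"

def audit(config_dir, app_dir):
    """Return (value, source, warnings) for review before deployment."""
    value, source = effective_setting(config_dir, app_dir)
    warnings = []
    if value != "true":
        warnings.append(f"JWT verification is off, set by {source}")
    return value, source, warnings

def demo():
    """Constructed sample: config-dir/values.yml overrides an app-level file."""
    root = Path(tempfile.mkdtemp())
    cfg, app = root / "config", root / "app"
    for d in (cfg, app):
        d.mkdir()
    (cfg / "values.yml").write_text("# openapi-security.yml\nopenapi-security.enableVerifyJwt: false\n")
    (app / f"{MODULE}.yml").write_text("enableVerifyJwt: true\n")
    return audit(cfg, app)
```

Running `audit` against the real config and application directories in a deployment check makes an unintended `false` visible along with the file that set it.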