Skip to content

Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests #17869

New issue
New issue
Closed
Closed
Remove MockWebServer from JwtIssuerAuthenticationManagerResolverTests#17869
Assignees
rwinch
Labels
in: buildAn issue in the buildtype: bugA general bug
Milestone
6.4.10
@rwinch

Description

@rwinch
rwinch
opened on Sep 10, 2025

JwtIssuerAuthenticationManagerResolverTests uses MockWebServer which is flakey on GitHub Windows runners due to resource contention of MockWebServer. The end result is that we occassionally get read timeouts like:

Exception
java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of "http://127.0.0.1:51003/"	
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfiguration(JwtDecoderProviderConfigurationUtils.java:176)	
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfigurationForIssuerLocation(JwtDecoderProviderConfigurationUtils.java:88)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.lambda$withIssuerLocation$2(NimbusJwtDecoder.java:232)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.jwkSource(NimbusJwtDecoder.java:461)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.processor(NimbusJwtDecoder.java:470)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.build(NimbusJwtDecoder.java:486)	
at org.springframework.security.oauth2.jwt.JwtDecoders.fromIssuerLocation(JwtDecoders.java:92)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.lambda$resolve$0(JwtIssuerAuthenticationManagerResolver.java:210)	
•••
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.resolve(JwtIssuerAuthenticationManagerResolver.java:207)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolverTests.resolveWhenUsingSameIssuerThenReturnsSameAuthenticationManager(JwtIssuerAuthenticationManagerResolverTests.java:181)	
•••
Caused by: org.springframework.web.client.ResourceAccessException: I/O error on GET request for "http://127.0.0.1:51003/.well-known/openid-configuration": Read timed out	
at org.springframework.web.client.RestTemplate.createResourceAccessException(RestTemplate.java:780)	
•••
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfiguration(JwtDecoderProviderConfigurationUtils.java:165)	
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfigurationForIssuerLocation(JwtDecoderProviderConfigurationUtils.java:88)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.lambda$withIssuerLocation$2(NimbusJwtDecoder.java:232)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.jwkSource(NimbusJwtDecoder.java:461)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.processor(NimbusJwtDecoder.java:470)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.build(NimbusJwtDecoder.java:486)	
at org.springframework.security.oauth2.jwt.JwtDecoders.fromIssuerLocation(JwtDecoders.java:92)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.lambda$resolve$0(JwtIssuerAuthenticationManagerResolver.java:210)	
•••
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.resolve(JwtIssuerAuthenticationManagerResolver.java:207)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolverTests.resolveWhenUsingSameIssuerThenReturnsSameAuthenticationManager(JwtIssuerAuthenticationManagerResolverTests.java:181)	
•••
Caused by: java.net.SocketTimeoutException: Read timed out	
at sun.nio.ch.NioSocketImpl.timedRead(NioSocketImpl.java:288)	
•••
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfiguration(JwtDecoderProviderConfigurationUtils.java:165)	
at org.springframework.security.oauth2.jwt.JwtDecoderProviderConfigurationUtils.getConfigurationForIssuerLocation(JwtDecoderProviderConfigurationUtils.java:88)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder.lambda$withIssuerLocation$2(NimbusJwtDecoder.java:232)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.jwkSource(NimbusJwtDecoder.java:461)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.processor(NimbusJwtDecoder.java:470)	
at org.springframework.security.oauth2.jwt.NimbusJwtDecoder$JwkSetUriJwtDecoderBuilder.build(NimbusJwtDecoder.java:486)	
at org.springframework.security.oauth2.jwt.JwtDecoders.fromIssuerLocation(JwtDecoders.java:92)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.lambda$resolve$0(JwtIssuerAuthenticationManagerResolver.java:210)	
•••
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolver$TrustedIssuerJwtAuthenticationManagerResolver.resolve(JwtIssuerAuthenticationManagerResolver.java:207)	
at org.springframework.security.oauth2.server.resource.authentication.JwtIssuerAuthenticationManagerResolverTests.resolveWhenUsingSameIssuerThenReturnsSameAuthenticationManager(JwtIssuerAuthenticationManagerResolverTests.java:181)	
•••

We should remove the MockWebServer in favor of mocking.

Metadata

Metadata

Assignees

Labels

in: buildAn issue in the buildtype: bugA general bug

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions