Fork me on GitHub
#pedestal
<
2020-04-02
>
jjttjj15:04:38

Is there anything in the basic pedestal template that would cause it not to be accessible on a remote server but working locally through curl on the same server? Trying to figure out what I'm doing wrong. The correct port seems to be open (and does work from curl)

orestis15:04:02

The interface by default is localhost, need to change it to bind to 0.0.0.0 instead.

orestis15:04:14

On mobile so can’t remember how it works

orestis15:04:44

Was a recent change AFAIK because it’s a security concern

jjttjj15:04:20

Is it that ::http/allowed-origins must be set?

jjttjj15:04:49

I tried setting both these keys, as in the dev server

;; all origins are allowed in dev mode
            ::http/allowed-origins {:creds true :allowed-origins (constantly true)}
            ;; Content Security Policy (CSP) is mostly turned off in dev mode
            ::http/secure-headers  {:content-security-policy-settings {:object-src "'none'"}}

jjttjj15:04:27

Also tried ::http/host "0.0.0.0" as well as the actual IP address

haywood20:04:18

I’m just trying to return 401 from an interceptor but the server responds with 500

haywood20:04:49

the interceptor returns

{:status 401 :body   "Unauthorized"}

haywood20:04:13

which is somewhere in the :body response, but the main response is 500

haywood20:04:17

I don’t get it

haywood20:04:30

"clojure.lang.ExceptionInfo: java.lang.NullPointerException in Interceptor :io.pedestal.http.ring-middlewares/content-type-interceptor - \n\tat io.pedestal.interceptor.chain$throwable__GT_ex_info.invokeStatic(chain.clj:35)\n\tat io.pedestal.interceptor.chain$throwable__GT_ex_info.invoke(chain.clj:32)\n\tat io.pedestal.interceptor.chain$try_f.invokeStatic(chain.clj:57)\n\tat io.pedestal.interceptor.chain$try_f.invoke(chain.clj:44)\n\tat io.pedestal.interceptor.chain$leave_all_with_binding.invokeStatic(chain.clj:254)\n\tat io.pedestal.interceptor.chain$leave_all_with_binding.invoke(chain.clj:237)\n\tat io.pedestal.interceptor.chain$leave_all$fn__7211.invoke(chain.clj:268)\n\tat clojure.lang.AFn.applyToHelper(AFn.java:152)\n\tat clojure.lang.AFn.applyTo(AFn.java:144)\n\tat clojure.core$apply.invokeStatic(core.clj:665)\n\tat clojure.core$with_bindings_STAR_.invokeStatic(core.clj:1973)\n\tat clojure.core$with_bindings_STAR_.doInvoke(core.clj:1973)\n\tat clojure.lang.RestFn.invoke(RestFn.java:425)\n\tat io.pedestal.interceptor.chain$leave_all.invokeStatic(chain.clj:266)\n\tat io.pedestal.interceptor.chain$leave_all.invoke(chain.clj:260)\n\tat io.pedestal.interceptor.chain$execute.invokeStatic(chain.clj:379)\n\tat io.pedestal.interceptor.chain$execute.invoke(chain.clj:352)\n\tat io.pedestal.interceptor.chain$execute.invokeStatic(chain.clj:389)\n\tat io.pedestal.interceptor.chain$execute.invoke(chain.clj:352)\n\tat io.pedestal.http.impl.servlet_interceptor$interceptor_service_fn$fn__10376.invoke(servlet_interceptor.clj:351)\n\tat io.pedestal.http.servlet.FnServlet.service(servlet.clj:28)\n\tat org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:873)\n\tat org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:542)\n\tat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:255)\n\tat org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1345)\n\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:203)\n\tat org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:480)\n\tat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:201)\n\tat org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1247)\n\tat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:144)\n\tat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)\n\tat org.eclipse.jetty.server.Server.handle(Server.java:505)\n\tat org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:370)\n\tat org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:267)\n\tat .AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:305)\n\tat .FillInterest.fillable(FillInterest.java:103)\n\tat .ChannelEndPoint$2.run(ChannelEndPoint.java:117)\n\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:333)\n\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:310)\n\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:168)\n\tat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:126)\n\tat org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:366)\n\tat org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:698)\n\tat org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:804)\n\tat java.base/java.lang.Thread.run(Thread.java:834)\nCaused by: java.lang.NullPointerException: null\n"

haywood20:04:54

error is so unhelpful no?

isak21:04:35

@haywood try adding :headers {}

isak21:04:00

if you don't have that in there, it isn't considered a valid response for the purposes of short-circuiting, so the next interceptor will fire

haywood21:04:11

into the request or the interceptor response

isak21:04:22

the latter

haywood21:04:58

ok thank you, one sec trying

haywood21:04:59

same error, not sure where the NPE is coming from.

isak21:04:08

oh, instead of returning {:status 401 :body "Unauthorized" :headers {}} you should assoc that into [ctx :response] (assoc ctx :response <my response map>)

haywood21:04:12

yea that would make sense

haywood21:04:31

(def basic-auth-interceptor
  (interceptor {:name  ::basic-auth
                :enter (fn [context]
                         (update context :request
                                 (fn [req]
                                   (let [auth-req (basic-authentication-request req basic-auth-fn)]
                                     (if (:basic-authentication auth-req)
                                       auth-req
                                       (assoc context
                                              :request
                                              {:status 401
                                               :headers {}
                                               :body   "Unauthorized"}))))))}))

haywood21:04:38

no dice… still an NPE

isak21:04:16

you are updating :request instead of :response

haywood21:04:42

where do I venmo you money for wasting your time

haywood21:04:12

just to close this out, had to change my interceptor definition:

(def basic-auth-interceptor
  (interceptor {:name  ::basic-auth
                :enter (fn [context]
                         (let [req      (:request context)
                               auth-req (basic-authentication-request req basic-auth-fn)]
                           (if (:basic-authentication auth-req)
                             (assoc context :request auth-req)
                             (assoc context :response
                                    {:status  401
                                     :headers {}
                                     :body    "Unauthorized"}))))}))

4
haywood21:04:24

Thank you for opening my eyes to my idiocy