Choerodon平台版本:0.20.0
运行环境:自主搭建
问题描述:
在进行问题导入的时候,会出现token丢失的问题,拼接的token为undefined
本项目使用了nginx做负载,监听了8000端口+后缀为notify的请求,一下为nginx的相关配置
location /notify/ {
proxy_pass http://127.0.0.1:30098/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
请帮忙看看是否有错误的配置,或应当如何处理这个问题
修改nginx配置为后,可以获得token
location /notify {
proxy_pass http://127.0.0.1:30098;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
改报401问题
2020-04-02 09:53:43.161 ERROR 7 --- [io-18085-exec-3] .c.n.a.e.NotifySocketHandlerRegistration : reject webSocket connect, redirect request to oauth-server error
org.springframework.web.client.HttpClientErrorException$Unauthorized: 401 Unauthorized
at org.springframework.web.client.HttpClientErrorException.create(HttpClientErrorException.java:81) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:122) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.DefaultResponseErrorHandler.handleError(DefaultResponseErrorHandler.java:102) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.ResponseErrorHandler.handleError(ResponseErrorHandler.java:63) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.RestTemplate.handleResponse(RestTemplate.java:778) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.RestTemplate.doExecute(RestTemplate.java:736) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:670) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at org.springframework.web.client.RestTemplate.exchange(RestTemplate.java:579) ~[spring-web-5.1.8.RELEASE.jar!/:5.1.8.RELEASE]
at io.choerodon.notify.api.eventhandler.NotifySocketHandlerRegistration.beforeHandshake(NotifySocketHandlerRegistration.java:54) ~[classes!/:0.20.3]
at io.choerodon.websocket.connect.HandshakeCheckerHandler.beforeHandshake(HandshakeCheckerHandler.java:23) [choerodon-starter-websocket-0.14.0.RELEASE.jar!/:0.14.0.RELEASE]
oauth服务报错
Failed to find access token for token f2a39f00-e446-4eeb-b8d1-5bebc8651045
你好~这个抛401是当前的token过期了,你能成功访问页面的其他接口么?
其他功能是可以正常访问的,只是ws一直再报401
token的校验逻辑都是通过oauth的同一个接口校验的,接口能访问成功,说明token没问题。
目前判断是传递到notify的token有问题,你不用nginx,直接访问notify的ws测试,看下能否访问成功。
测试工具:http://coolaf.com/tool/chattest
ws地址:ws://notify地址/choerodon/msg?token=2cxxxxx
或者如果你是源码启动,可以打印下notify的token。
在服务器上使用curl测试是好的,ws含token不能走nginx转发吗
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
stream {
# gitlab ssh
server {
listen 8222;
proxy_pass 127.0.0.1:32222;
}
# gitlab server
server {
listen 8030;
proxy_pass 127.0.0.1:32280;
}
# chartmuseum server
server {
listen 8010;
proxy_pass 127.0.0.1:31009;
}
# harbor server
server {
listen 8020;
proxy_pass 127.0.0.1:30002;
}
# snaorqube server
server {
listen 9010;
proxy_pass 127.0.0.1:30868;
}
# gateway server
server {
listen 8080;
proxy_pass 127.0.0.1:30100;
}
}
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
# 代理集群内的服务
server {
listen 9000;
server_name 10.6.134.56;
location / {
proxy_pass http://localhost:31311;
}
}
server {
listen 8000;
server_name 10.6.134.56;
location /devops/ {
proxy_pass http://127.0.0.1:30106/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /devops-agent/ {
proxy_pass http://127.0.0.1:30106/agent/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
location /notify/ {
proxy_pass http://127.0.0.1:30098/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name 10.6.134.56;
location /c7n-register/ {
proxy_pass http://localhost:30090/;
}
location / {
proxy_pass http://localhost:30118/;
}
}
}
不好意思 开头的版本是错的 现在notify服务的版本是 0.20.3
{"status":"UP","details":{"diskSpace":{"status":"UP","details":{"total":198386499584,"free":185267326976,"threshold":10485760}},"redis":{"status":"UP","details":{"version":"4.0.11"}},"db":{"status":"UP","details":{"database":"MySQL","hello":1}},"refreshScope":{"status":"UP"},"discoveryComposite":{"status":"UP","details":{"discoveryClient":{"status":"UP","details":{"services":["devops-service","knowledgebase-service","workflow-service","api-gateway","go-register-server","test-manager-service","agile-service","asgard-service","oauth-server","notify-service","manager-service","base-service","file-service","gitlab-service"]}},"eureka":{"description":"Remote status from Eureka server","status":"UNKNOWN","details":{"applications":{"go-register-server":1,"agile-service":1,"base-service":1,"asgard-service":1,"notify-service":1,"file-service":1,"test-manager-service":1,"oauth-server":1,"gitlab-service":1,"manager-service":1,"knowledgebase-service":1,"api-gateway":1,"workflow-service":1,"devops-service":1}}}}},"clientConfigServer":{"status":"UP","details":{"propertySources":["configClient","notify-service-default-0.20.3"]}},"hystrix":{"status":"UP"}}}
半个小时候可升级notify-service 到0.20.5看看 token
升级到 20.5后 没有再出现401问题
你能展示下打印的token么
token正常的哎。notify-service 的0.20.5版本我就打印了下token以及对token进行了为空判断,其余啥都没干。可能只是重新部署下就好了
嗯嗯 这个问题很奇怪 谢谢
