Uploaded image for project: 'OpenId Connect'
  1. OpenId Connect
  2. OIDC-298

Impossible to upgrade the authenticator or the provider to 2.21.0+

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Blocker
    • None
    • 2.20.3
    • regression
    • None
    • Unknown

    Description

      Tested with local demo Jetty/HSQLDB 17.10.9. And also observed same situation on old version 16.10.17.

      Observation

      When upgrading, installing, uninstalling, or downgrading OpenID Connect Authenticator from an older version such as 2.20.3 (this is the version I originally used), the operation can fail because some OIDC/OAuth2 classes cannot be resolved from the current classloader.

      This prevents components such as OIDCConsentStore, DefaultOAuth2TokenStore, or OIDCUserManager from being initialized properly. As a result, the extension upgrade/downgrade may fail with dependency initialization errors, for example:

      Failed to get fields for class \[org.xwiki.contrib.oidc.consent.internal.store.OIDCConsentStore\] because the class \[org/xwiki/contrib/oidc/OIDCException\] couldn't be found in the ClassLoader.
Failed to get fields for class \[org.xwiki.contrib.oidc.internal.DefaultOAuth2TokenStore\] because the class \[org/xwiki/contrib/oidc/OAuth2Exception\] couldn't be found in the ClassLoader.
Extension \[org.xwiki.contrib.oidc:oidc-authenticator/2.20.3\] cannot be initialized because its dependency (\[org.xwiki.contrib.oidc:oauth2-store-2.20.3\]) could not.

      A restart of XWiki usually resolves the issue, which suggests that the problem is related to stale extension classloaders or classes/components from the previous OIDC version still being cached during the extension operation.

      However, in some cases, even restarting does not fully recover the installation state, making it impossible to install the target version. Adding note, this last situation with install I only observed randomly on 17.10.9. on version 16.10.17 install or uninstall operation doesn't have it.

      Steps

      1. Install OpenID Connect Authenticator 2.20.3.
      2. Verify that the installation completes successfully and that the extension is listed as installed.
      3. Select the latest available stable version 2.23.0.
      4. Click Upgrade and confirm the extension upgrade.
      5. Wait for the extension manager to complete the job.

      Expected Result

      • The extension and all its dependencies are upgraded successfully.
      • No class loading errors are reported.

      Actual Result

      • The upgrade operation fails.
      • The logs contain class loading errors (shared above)

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. XCOMMONS-3689 JAR extension upgrade can fail when one of the dependencies is new but depends on an upgraded dependency

          • Critical - Crashes, loss of data, severe memory leak.
          • In Progress
          is caused by

          Task - A task that needs to be done. OIDC-285 Move the token authenticator to its own module

          • Major - Major loss of function.
          • Closed

          Activity

            People

              tmortagne Thomas Mortagne
              npetrenko Nikita Petrenko
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated: