Error 500 while accessing Bitbucket Server "Authorized applications" page

お困りですか?

アトラシアン コミュニティをご利用ください。

コミュニティに質問

プラットフォームについて: Server および Data Center のみ。この記事は、Server および Data Center プラットフォームのアトラシアン製品にのみ適用されます。

Support for Server* products ended on February 15th 2024. If you are running a Server product, you can visit the Atlassian Server end of support announcement to review your migration options.

*Fisheye および Crucible は除く

要約

Trying to access Bitbucket User profile >> Manage account >> Authorized Applications tab, shows 500 error and a Null Pointer exception is logged.

診断

The atlassian-bitbucket.log would have the following stack trace:

ERROR [http-nio-7990-exec-2812] @12STDEHx686x8352062x4 qgqnbt 3.120.75.37,10.50.0.103 "GET /mvc/error500 HTTP/1.1" c.a.s.i.web.ErrorPageController There was an unhandled exception loading [/plugins/servlet/oauth/users/access-tokens]
java.lang.NullPointerException: consumer
	at com.google.common.base.Preconditions.checkNotNull(Preconditions.java:895)
	at com.atlassian.oauth.Token$TokenBuilder.consumer(Token.java:163)
	at com.atlassian.oauth.serviceprovider.sal.PluginSettingsServiceProviderTokenStore.get(PluginSettingsServiceProviderTokenStore.java:101)
	at com.atlassian.oauth.serviceprovider.sal.PluginSettingsServiceProviderTokenStore$KeyToToken.apply(PluginSettingsServiceProviderTokenStore.java:212)
	at com.atlassian.oauth.serviceprovider.sal.PluginSettingsServiceProviderTokenStore$KeyToToken.apply(PluginSettingsServiceProviderTokenStore.java:204)

	at com.atlassian.stash.internal.web.auth.BeforeLoginPluginAuthenticationFilter.doFilter(BeforeLoginPluginAuthenticationFilter.java:73)
	at com.atlassian.stash.internal.request.DefaultRequestManager.doAsRequest(DefaultRequestManager.java:84)
	at com.atlassian.stash.internal.hazelcast.ConfigurableWebFilter.doFilter(ConfigurableWebFilter.java:38)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.lang.Thread.run(Unknown Source)
	... 248 frames trimmed
  • Verify if this issue is occurring only for a particular user.

(info) The Authorized Applications page is only populated after you retrieve Bitbucket Server data (eg. PR, Branch, Commits) from within JIRA. Basically clicking on something in the Development panel of the Jira issue. For example if you click on Commits in the Jira Issue Development panel:

the Authorized Applications page gets this information:

原因


This issue could be caused due to a corrupted entry in the table where the tokens are stored. The plugin_setting table in the database stores the Application Authorization tokens.

ソリューション

ソリューション 1

  • Find the key for the Authorized application in the plugin_setting table and the 4 rows associated with the specific user. For example in this case we have connected Bitbucket to JIRA.

To do that, connect to the Bitbucket database and run the below query:

SELECT * from plugin_setting where key_name like '%ServiceProviderTokenStore%';

This is how the output would look like:

bitbucket_7120=# select * from plugin_setting where key_name like '%ServiceProviderTokenStore%';
         namespace         |                                               key_name                                               |                       key_value                        | id  
---------------------------+------------------------------------------------------------------------------------------------------+--------------------------------------------------------+-----
 bitbucket.global.settings | com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.token.Kwe5D78FhvhN7vemKsMn0z63ekuE4iaz | #java.util.Properties                                 +| 129
                           |                                                                                                      | #Wed Aug 25 16:47:59 IST 2021                         +| 
                           |                                                                                                      | session.handle=fnke86wT3D5wDIHnilNL80r5xh0w6KoP       +| 
                           |                                                                                                      | token=Kwe5D78FhvhN7vemKsMn0z63ekuE4iaz                +| 
                           |                                                                                                      | session.timeToLive=160272000000                       +| 
                           |                                                                                                      | creationTime=1629890279662                            +| 
                           |                                                                                                      | session.creationTime=1629890279662                    +| 
                           |                                                                                                      | tokenSecret=uhFYhg9zjgZje8s9GS1z61kCAkKSGOrb          +| 
                           |                                                                                                      | session.lastRenewalTime=1629890279662                 +| 
                           |                                                                                                      | authorization=AUTHORIZED                              +| 
                           |                                                                                                      | type=ACCESS                                           +| 
                           |                                                                                                      | userName=ajaitly                                      +| 
                           |                                                                                                      | consumerKey=jira\:4eb9a749-cf8b-4927-a1d4-174e8a82295d+| 
                           |                                                                                                      | timeToLive=157680000000                               +| 
                           |                                                                                                      |                                                        | 
 bitbucket.global.settings | com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.userAccessTokens.ajaitly               | #java.util.Properties                                 +| 130
                           |                                                                                                      | #Wed Aug 25 16:47:59 IST 2021                         +| 
                           |                                                                                                      | keys=Kwe5D78FhvhN7vemKsMn0z63ekuE4iaz                 +| 
                           |                                                                                                      | username=ajaitly                                      +| 
                           |                                                                                                      |                                                        | 
 bitbucket.global.settings | com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.tokenKeys                              | Kwe5D78FhvhN7vemKsMn0z63ekuE4iaz                       | 127
 bitbucket.global.settings | com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.consum35c23ba8624816b776784919df5bd192 | #java.util.Properties                                 +| 128
                           |                                                                                                      | #Wed Aug 25 16:47:59 IST 2021                         +| 
                           |                                                                                                      | keys=Kwe5D78FhvhN7vemKsMn0z63ekuE4iaz                 +| 
                           |                                                                                                      | consumerKey=jira\:4eb9a749-cf8b-4927-a1d4-174e8a82295d+| 
                           |                                                                                                      |                                                        | 
(4 rows)

You can delete your user Access Token using the following query:

DELETE from plugin_setting where key_name = 'com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.userAccessTokens.<Bitbucket username>';

for example:

DELETE from plugin_setting where key_name = 'com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.userAccessTokens.ajaitly';

ソリューション 2

If there are multiple tokens, you can use this query instead:

SELECT * FROM plugin_setting WHERE key_value like '%G7jz2M7y6YujwiKUiiAV8p7wvMS8R00j/Vt1uij63HFFpj9DqLxrkojrP3imWbMYB/Fp5E8Wvzgf8oQzzjrkP48xIYuVjmrucl%'

and then delete them:

DELETE FROM plugin_setting WHERE key_value like '%G7jz2M7y6YujwiKUiiAV8p7wvMS8R00j/Vt1uij63HFFpj9DqLxrkojrP3imWbMYB/Fp5E8Wvzgf8oQzzjrkP48xIYuVjmrucl%'

G7jz2M7y6YujwiKUiiAV8p7wvMS8R00j, Vt1uij63HFFpj9DqLxrkojrP3imWbMYB etc are the key_value fields that you see in the key_name: com.atlassian.oauth.serviceprovider.ServiceProviderTokenStore.tokenKeys. You can then create a new token for an Application Link where you use OAuth.

Here are the detailed steps on how to revoke tokens for the username ajaitly:

  1. Stop Bitbucket Server.
  2. In the Bitbucket Server database run the appropriate SELECT SQL query
  3. Run the corresponding DELETE SQL command to remove those tokens
  4. Restart Bitbucket Server.
  5. Go to JIRA and login as ajaitly.
  6. Click on your avatar in the upper right, then click Profile.
  7. Click Tools (upper right), then View OAuth Tokens.
  8. Remove any tokens for Bitbucket Server
  9. Remove the user tokens for ajaitly in each of the other linked applications.

This solution will remove and allow ajaitly to re-establish their OAuth tokens without impacting any other users.

When Bitbucket Server first starts, and when a new OAuth token is created, Bitbucket Server (or more specifically the Application Links subsystem) loads the data from the database into memory for quick access. Restarting Bitbucket Server would reload the tokens.

You can then recreate the token using the normal process of retrieving Bitbucket Server data (eg. PR, Branch, Commits) from within JIRA.

最終更新日 2022 年 7 月 2 日

この内容はお役に立ちましたか?

はい
いいえ
この記事についてのフィードバックを送信する
Powered by Confluence and Scroll Viewport.