👋 Hello team!!! I’m trying to enable OIDC with Google SSO but I’m getting an error. Any help would be appreciated.

extraEnvs:
    - name: AUTH_OIDC_ENABLED
      value: "true"
    - name: AUTH_OIDC_CLIENT_ID
      value: "<http://XXXXXXX.apps.googleusercontent.com|XXXXXXX.apps.googleusercontent.com>"
    - name: AUTH_OIDC_CLIENT_SECRET
      value: "YYYYYYY"
    - name: AUTH_OIDC_DISCOVERY_URI
      value: "<https://accounts.google.com/.well-known/openid-configuration>"
    - name: AUTH_OIDC_USER_NAME_CLAIM
      value: "email"
    - name: AUTH_OIDC_USER_NAME_CLAIM_REGEX
      value: "([^@]+)"
    - name: AUTH_OIDC_BASE_URL
      value: "<https://datahub.mydomain.com>"

datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend ! @7n2h5bp28 - Internal server error, for (GET) [/authenticate?redirect_uri=%2F] ->
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend play.api.UnexpectedException: Unexpected exception[CryptoException: Unable to init cipher instance.]
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.http.HttpErrorHandlerExceptions$.throwableToUsefulException(HttpErrorHandler.scala:247)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.http.DefaultHttpErrorHandler.onServerError(HttpErrorHandler.scala:176)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.server.AkkaHttpServer$$anonfun$2.applyOrElse(AkkaHttpServer.scala:363)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.server.AkkaHttpServer$$anonfun$2.applyOrElse(AkkaHttpServer.scala:361)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:346)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.Future$$anonfun$recoverWith$1.apply(Future.scala:345)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.impl.CallbackRunnable.run(Promise.scala:36)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.BatchingExecutor$AbstractBatch.processBatch(BatchingExecutor.scala:55)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply$mcV$sp(BatchingExecutor.scala:92)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply(BatchingExecutor.scala:92)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.BatchingExecutor$BlockableBatch$$anonfun$run$1.apply(BatchingExecutor.scala:92)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.BlockContext$.withBlockContext(BlockContext.scala:72)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.BatchingExecutor$BlockableBatch.run(BatchingExecutor.scala:91)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:41)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:49)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend Caused by: org.apache.shiro.crypto.CryptoException: Unable to init cipher instance.
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:495)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.initNewCipher(JcaCipherService.java:599)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.crypt(JcaCipherService.java:444)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:324)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.encrypt(JcaCipherService.java:313)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.play.store.ShiroAesDataEncrypter.encrypt(ShiroAesDataEncrypter.java:51)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.play.store.PlayCookieSessionStore.set(PlayCookieSessionStore.java:77)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.play.store.PlayCookieSessionStore.set(PlayCookieSessionStore.java:29)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.oidc.redirect.OidcRedirectActionBuilder.addStateAndNonceParameters(OidcRedirectActionBuilder.java:97)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.oidc.redirect.OidcRedirectActionBuilder.redirect(OidcRedirectActionBuilder.java:72)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.core.client.IndirectClient.getRedirectAction(IndirectClient.java:109)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.pac4j.core.client.IndirectClient.redirect(IndirectClient.java:79)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at controllers.AuthenticationController.redirectToIdentityProvider(AuthenticationController.java:160)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at controllers.AuthenticationController.authenticate(AuthenticationController.java:87)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at router.Routes$$anonfun$routes$1$$anonfun$applyOrElse$4$$anonfun$apply$4.apply(Routes.scala:450)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at router.Routes$$anonfun$routes$1$$anonfun$applyOrElse$4$$anonfun$apply$4.apply(Routes.scala:450)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.routing.HandlerInvokerFactory$$anon$3.resultCall(HandlerInvoker.scala:134)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.routing.HandlerInvokerFactory$$anon$3.resultCall(HandlerInvoker.scala:133)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.routing.HandlerInvokerFactory$JavaActionInvokerFactory$$anon$8$$anon$2$$anon$1.invocation(HandlerInvoker.scala:108)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.JavaAction$$anon$1.call(JavaAction.scala:88)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.http.DefaultActionCreator$1.call(DefaultActionCreator.java:31)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.JavaAction$$anonfun$9.apply(JavaAction.scala:138)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.JavaAction$$anonfun$9.apply(JavaAction.scala:138)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.impl.Future$PromiseCompletingRunnable.liftedTree1$1(Future.scala:24)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.impl.Future$PromiseCompletingRunnable.run(Future.scala:24)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.HttpExecutionContext$$anon$2.run(HttpExecutionContext.scala:56)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.Execution$trampoline$.execute(Execution.scala:70)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.HttpExecutionContext.execute(HttpExecutionContext.scala:48)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.impl.Future$.apply(Future.scala:31)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.concurrent.Future$.apply(Future.scala:494)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.j.JavaAction.apply(JavaAction.scala:138)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.mvc.Action$$anonfun$apply$2.apply(Action.scala:96)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.mvc.Action$$anonfun$apply$2.apply(Action.scala:89)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.StrictAccumulator$$anonfun$mapFuture$2$$anonfun$1.apply(Accumulator.scala:174)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.StrictAccumulator$$anonfun$mapFuture$2$$anonfun$1.apply(Accumulator.scala:174)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.util.Try$.apply(Try.scala:192)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.StrictAccumulator$$anonfun$mapFuture$2.apply(Accumulator.scala:174)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.StrictAccumulator$$anonfun$mapFuture$2.apply(Accumulator.scala:170)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at scala.Function1$$anonfun$andThen$1.apply(Function1.scala:52)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.api.libs.streams.StrictAccumulator.run(Accumulator.scala:207)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.server.AkkaHttpServer$$anonfun$14.apply(AkkaHttpServer.scala:357)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at play.core.server.AkkaHttpServer$$anonfun$14.apply(AkkaHttpServer.scala:355)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.http.scaladsl.util.FastFuture$.akka$http$scaladsl$util$FastFuture$$strictTransform$1(FastFuture.scala:41)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.http.scaladsl.util.FastFuture$$anonfun$transformWith$extension1$1.apply(FastFuture.scala:51)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at akka.http.scaladsl.util.FastFuture$$anonfun$transformWith$extension1$1.apply(FastFuture.scala:50)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	... 13 common frames omitted
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend Caused by: java.security.InvalidKeyException: Invalid AES key length: 30 bytes
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at com.sun.crypto.provider.AESCrypt.init(AESCrypt.java:87)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at com.sun.crypto.provider.GaloisCounterMode.init(GaloisCounterMode.java:302)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at com.sun.crypto.provider.CipherCore.init(CipherCore.java:589)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at com.sun.crypto.provider.AESCipher.engineInit(AESCipher.java:346)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at javax.crypto.Cipher.implInit(Cipher.java:809)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at javax.crypto.Cipher.chooseProvider(Cipher.java:867)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at javax.crypto.Cipher.init(Cipher.java:1399)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at javax.crypto.Cipher.init(Cipher.java:1330)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	at org.apache.shiro.crypto.JcaCipherService.init(JcaCipherService.java:488)
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 	... 57 common frames omitted
datahub-datahub-frontend-8d7f7cf6f-xvjwm datahub-frontend 11:24:21 [Thread-1] INFO  play.core.server.AkkaHttpServer - Stopping server...

Thanks in advance!!

Yep. Thanks @acoustic-quill-54426!!

v0.8.28

is working!!

Do put long logs inside threads next time, easier for the devs to check messages

I've submitted an issue https://github.com/linkedin/datahub/issues/4416

Thank you! We are looking into this on our side.

On version 0.8.29?

yes

Is this just happening on logging out

it happens while logging in after logging out. it was reported by a coworker and started happening to me after logging out too. now I cant login

okay thank you for the help!