Auth0 Home Blog Docs

Authorization failing on GCP (which has NTP)

token
spring-security
unauthorized
#1

I have a Spring-boot back-end application running on Google Cloud Platform that suddenly started failing authorization of POSTs from a front-end app (also running on GCP)

the response to the POST is “status”: 401, “error”: “Unauthorized”

I test this back-end app on my local workstation with a script that uses cURL to get and save an auth0 token to a text file, parse out the token for a subsequent cURL that sends a POST to my test app. This used to work all the time, but recently started working only sometimes.

So, both these servers show the same symptoms as this issue: Token is not authorized immediately, which recommends implementing NTP on the host that is requesting authorization.

Two things:
1 - I put a 60 second delay in my test setup between getting a token and using it… this did not work
B - I didn’t run NTP on my windows machine but I played with the system time and found that I could get my test setup to work.
thirdly - GCP already comes with instances that are NTP synchronized.

I feel like I have some kind of clock synchronization problem, especially since the same code can be running locally (works if I play with the system clock) in a GCP dev environment (never works) and in a GCP staging environment (always works). But given that GCP should already be NTP synchronized does anybody have any further suggestions?

I’d like to be able to see some failure logs at the DEBUG level, but I can’t find the right logger to configure