Fix LazyInitializationException in agent WebSocket proxy (#169)

Copilot · phrocker · web-flow · commit db1e381898a3 · 2025-11-26T05:45:48.000-05:00
* Initial plan

* Fix LazyInitializationException in agent proxy communication

Co-authored-by: phrocker &lt;1781585+phrocker@users.noreply.github.com&gt;

---------

Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: phrocker &lt;1781585+phrocker@users.noreply.github.com&gt;
diff --git a/dataplane/src/main/java/io/sentrius/sso/core/repository/OpsApprovalRepository.java b/dataplane/src/main/java/io/sentrius/sso/core/repository/OpsApprovalRepository.java
@@ -4,11 +4,14 @@
 import java.util.UUID;
 import io.sentrius.sso.core.model.zt.OpsApproval;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
 
 public interface OpsApprovalRepository extends JpaRepository<OpsApproval, Long> {
     void deleteByZtatRequestId(Long ztatRequestId);
 
     Optional<OpsApproval> findByZtatRequestId(Long id);
 
-    Optional<OpsApproval> findByToken(UUID token);
+    @Query("SELECT oa FROM OpsApproval oa LEFT JOIN FETCH oa.ztatRequest WHERE oa.token = :token")
+    Optional<OpsApproval> findByToken(@Param("token") UUID token);
 }
diff --git a/dataplane/src/main/java/io/sentrius/sso/core/services/security/ZeroTrustAccessTokenService.java b/dataplane/src/main/java/io/sentrius/sso/core/services/security/ZeroTrustAccessTokenService.java
@@ -19,11 +19,11 @@
 import io.sentrius.sso.core.model.zt.OpsZeroTrustAcessTokenRequest;
 import io.sentrius.sso.core.repository.OpsJITRequestRepository;
 import io.sentrius.sso.core.utils.ZTATUtils;
-import jakarta.transaction.Transactional;
 import lombok.NonNull;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
 
 @Slf4j
 @Service
@@ -323,6 +323,7 @@ public void addCommunicationLink(RequestCommunicationLink link) {
     ztatRequestService.addCommunicationLink(link);
   }
 
+  @Transactional(readOnly = true)
   public boolean isOpsActive(String ztat) {
     var status = ztatRequestService.getOpsTokenStatus(ztat);
     if (status.isPresent()) {
@@ -346,6 +347,7 @@ public boolean isOpsActive(String ztat) {
 
   }
 
+  @Transactional
   public boolean incremenOpsUses(String ztat) {
     var status = ztatRequestService.getOpsTokenStatus(ztat);
     if (status.isPresent()) {
diff --git a/dataplane/src/main/java/io/sentrius/sso/core/services/security/ZeroTrustRequestService.java b/dataplane/src/main/java/io/sentrius/sso/core/services/security/ZeroTrustRequestService.java
@@ -192,6 +192,7 @@ public void revokeJIT(ZeroTrustAccessTokenRequest ztatRequest, Long userId) {
         }
     }
 
+    @Transactional(readOnly = true)
     public Optional<OpsApproval> getOpsTokenStatus(String token ) {
         try {
             return opsApprovalRepository.findByToken(UUID.fromString(token));

Original file line number	Diff line number	Diff line change
`@@ -192,6 +192,7 @@ public void revokeJIT(ZeroTrustAccessTokenRequest ztatRequest, Long userId) {`
`192`	`192`	`}`
`193`	`193`	`}`
`194`	`194`
	`195`	`+ @Transactional(readOnly = true)`
`195`	`196`	`public Optional<OpsApproval> getOpsTokenStatus(String token ) {`
`196`	`197`	`try {`
`197`	`198`	`return opsApprovalRepository.findByToken(UUID.fromString(token));`