OIDC Extension does not work anymore with Azure AD and Quarkus 1.13.0
Describe the bug
Looks like there is a regression when updating from Quarkus 1.12.x to 1.13.0. We get a 401 Unauthorized when we try to authenticate through Azure AD with Quarkus OIDC; this used to work fine in the previous versions. I did some debugging and it turns out Azure AD doesn't like the chunked transfer headers.
I intercepted the requests to Azure AD with ProxyMan and Quarkus running locally. Below are the cURL exports from those requests.
Quarkus 1.12.x
curl 'https://login.microsoftonline.com/<<tenant>>/oauth2/v2.0/token' \
-X POST \
-H 'Content-Length: 878' \
-H 'Accept: application/json,application/x-www-form-urlencoded;q=0.9' \
-H 'Authorization: Basic <<secret>>' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Host: login.microsoftonline.com' \
--proxy http://localhost:9090 \
-d 'code=<<code>>&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauth&grant_type=authorization_code'
Quarkus 1.13.0
curl 'https://login.microsoftonline.com/<<tenant>>/oauth2/v2.0/token' \
-X POST \
-H 'Transfer-Encoding: chunked' \
-H 'Content-Type: application/x-www-form-urlencoded' \
-H 'User-Agent: Vert.x-WebClient/3.9.5' \
-H 'Authorization: Basic <<secret>>' \
-H 'Host: login.microsoftonline.com' \
--proxy http://localhost:9090 \
-d 'grant_type=authorization_code&code=<<code>>&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fauth'
The last request returns a 404 Not Found from Azure AD. It looks like Azure AD doesn't like the chunked transfer encoding from the Vert.x WebClient. If I remove the header 'Transfer-Encoding: chunked' I can successfully obtain a token with the above cURL request. Can we set some config for the Vert.x WebClient or do we need to dive a bit deeper here? I would be glad to help out and test some more.
Expected behavior
Successful authentication through Azure AD with Quarkus OIDC.
Actual behavior
Quarkus returns a 401 Unauthorized after successfully authenticating to Azure AD as a user.
To Reproduce
Link to a small reproducer (preferably a Maven project if the issue is not Gradle-specific).
Or attach an archive containing the reproducer to the issue.
Steps to reproduce the behavior:
- Set up a project with Quarkus OIDC
- Set the needed properties for your OIDC server with Azure AD
- Try to login with Azure AD
- You get a 401 Unauthorized from Quarkus
Configuration
# Add your application.properties here, if applicable.
Screenshots
(If applicable, add screenshots to help explain your problem.)
Environment (please complete the following information):
Output of uname -a or ver
Darwin Willems-MBP.i.btp34.nl 20.3.0 Darwin Kernel Version 20.3.0: Thu Jan 21 00:07:06 PST 2021; root:xnu-7195.81.3~1/RELEASE_X86_64 x86_64
Output of java -version
openjdk version "11.0.10" 2021-01-19
OpenJDK Runtime Environment AdoptOpenJDK (build 11.0.10+9)
OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11.0.10+9, mixed mode)
GraalVM version (if different from Java)
Quarkus version or git rev
1.13.0.FINAL
Build tool (ie. output of mvnw --version or gradlew --version)
Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f)
Maven home: /Users/wjglerum/.m2/wrapper/dists/apache-maven-3.6.3-bin/1iopthnavndlasol9gbrbg6bf2/apache-maven-3.6.3
Java version: 11.0.10, vendor: AdoptOpenJDK, runtime: /Library/Java/JavaVirtualMachines/adoptopenjdk-11.jdk/Contents/Home
Default locale: en_NL, platform encoding: UTF-8
OS name: "mac os x", version: "10.16", arch: "x86_64", family: "mac"
Additional context
(Add any other context about the problem here.)
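Added example, not code from Quarkus, Vert.x or the reporter: a small Python sketch of the token request above at the wire level, so the Content-Length framing sent by 1.12.x and the chunked framing sent by 1.13.0 can be compared byte for byte, and a captured request can be checked for the shape Azure AD rejected. Tenant, authorization code and client credentials are placeholders; nothing is sent over the network.

```python
# Added example (not Quarkus or Vert.x code): the same Azure AD token request
# framed with Content-Length (as Quarkus 1.12.x sent it) and with
# Transfer-Encoding: chunked (as 1.13.0 sent it), so both wire formats from
# the cURL exports above can be compared byte for byte. Nothing is sent.
import base64
from urllib.parse import urlencode

HOST = "login.microsoftonline.com"


def build_token_request(tenant, code, redirect_uri, client_id, client_secret, chunked=False):
    """Return the raw HTTP/1.1 authorization_code grant request as bytes."""
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri}).encode()
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = [f"Host: {HOST}",
               "Content-Type: application/x-www-form-urlencoded",
               f"Authorization: Basic {basic}"]
    if chunked:
        # Single chunk: hex length, CRLF, data, CRLF, then the zero-size terminator.
        headers.append("Transfer-Encoding: chunked")
        framed = f"{len(body):x}\r\n".encode() + body + b"\r\n0\r\n\r\n"
    else:
        headers.append(f"Content-Length: {len(body)}")
        framed = body
    head = (f"POST /{tenant}/oauth2/v2.0/token HTTP/1.1\r\n"
            + "\r\n".join(headers) + "\r\n\r\n")
    return head.encode() + framed


def parse_request(raw):
    """Split a raw request into (request line, {lower-case header: value}, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode().split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0], headers, body


def uses_chunked_form_post(raw):
    """True for a POST framed with chunked encoding and no Content-Length,
    the shape of the 1.13.0 request that Azure AD rejected."""
    request_line, headers, _ = parse_request(raw)
    return (request_line.startswith("POST ")
            and headers.get("transfer-encoding", "").lower() == "chunked"
            and "content-length" not in headers)
```

Running `uses_chunked_form_post` over a request captured with a proxy (as the reporter did with ProxyMan) tells you directly which of the two framings an OIDC client is emitting before you start changing provider configuration.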
Cool, let me know if I can help or test anything 👍
I'm not 100% sure this is related, but it seems close. I'm running Keycloak on Azure, behind an Azure Front Door, and 1.13.2 and 1.13.3 both give me the following (if I turn on debug logging) from the OidcProviderClient when using the OIDC extension to talk to that Keycloak:
and I get a 401 for all my services.
I don’t see this with a Keycloak instance on my local environment, but that doesn’t have an Azure Front Door (reverse proxy) in front of it.
I have not tried the 2.x alpha release yet.