I'm having issues with an octokit-based nodejs app that was working just a couple of weeks ago. From nowhere, I'm getting auth errors that I've managed to debug to the point of getting this error message:
A JSON web token could not be decoded
This happens when I instanciate the Octokit for an installation App that works on Github and then ask anything of it (creating a PR, adding an issue, etc).
However, I'm not sure what does this mean. So far:
APP_ID and PRIVATE_KEY are variables stored in process.env.
The InstallationId I get from the Github app URL, and the other data (OWNER, REPO, etc) I've verified is correct.
This is a summarized version of my code:
const {Octokit} = require("#octokit/rest");
const { createAppAuth } = require("#octokit/auth-app");
const octokit = new Octokit({
authStrategy: createAppAuth,
auth: {
appId: APP_ID,
privateKey: PRIVATE_KEY,
// optional: this will make appOctokit authenticate as app (JWT)
// or installation (access token), depending on the request URL
installationId: process.env.INSTALLATION_ID,
},
});
const test = async()=>
await octokit.issues.create({
owner: OWNER,
repo: REPO,
title: "Hello world from me",
});
test()
What could be happening? Any help would be greatly appreciated.
Update:
I just tested this code on a different machine and... it works. So, I'm baffled as to why it is not running in the original machine.
I found the issue. The appId was wrong somehow. Quite embarrasing, but by testing on a new machine I just double checked all possible changes and found the issue.
Related
I am implementing a nodejs backend to manage users in Keycloak and for this I am using the npm package keycloak-nodejs-admin-client.
Everything works fine but when I started to try to delete resources I got 405 DELETE METHOD NOT ALLOWED
const adminClient = await initializeKeycloak()
let mapper = await adminClient.clientScopes.findProtocolMapperByName({id: openIdScopeId, name: keycloakId})
await adminClient.clientScopes.delProtocolMapper({id: openIdScopeId, name: mapper.name});
await adminClient.clientScopes.delProtocolMapper({id: samlScopeId, name: mapper.name});
For example the findProtocolMapperByName Works fine but the Delete does not and returns 405 I already tried to make sure I am using the library correctly so I think must be a keycloak configuration
This is how I configured the keycloak admin npm package:
kcAdminClient.setConfig({
realmName: 'master',
});
adminClient = await kcAdminClient.auth({
username: 'admin',
password: 'dummy',
grantType: 'password',
clientId:'admin-cli',
});
kcAdminClient.setConfig({
realmName: dummy,
});
the fact that I configure two realms is not affecting as this issue was happening before and I tried to use a user from Master realm to perform the request.
There is no information direct information on keycloak/http method and I think many a clarification of this can help lots of people, thanks!
I have found the issue: On the keycloak-nodejs-admin-client there is little docs and a test file to test the methods, there they user the mapper name to make the delete, in reality you need using the mapperID.
We have shifted our DocuSign integration from Sandbox to Production. All credentials of the sandbox are working. Also, our integration key from staging has been promoted to DocuSign's live production environment.
But when we are using production credentials then we are getting an error.
We are using docusign-esign npm package in our Node project.
This is the code after which error comes:
const client = new docuSign.ApiClient({
basePath,
oAuthBasePath,
});
const jwtTokenResult = await client.requestJWTUserToken(integratorKey, userId, scopes, privateKeyFile, expiresIn);
After the above line we get this error:
Error: getaddrinfo ENOTFOUND undefined undefined:443
Paths/URLs of Sandbox
basePath: 'https://demo.docusign.net/restapi'
oAuthBasePath: 'account-d.docusign.com'
Paths/URLs of Production
basePath: 'https://eu.docusign.net/restapi'
oAuthBasePath: 'https://account.docusign.com'
Try this one
client = new docusign.ApiClient();
client.setOAuthBasePath(dsConfig.dsOauthServer.replace('https://', ''));
client.setBasePath(args.basePath);
const jwtTokenResult = await client.requestJWTUserToken(integratorKey, userId, scopes, privateKeyFile, expiresIn);
I am using the sample Video application pulled from GitHub. I am using a node.js server to supply the sample application with the access token. When I use the Twilio Console to generate a video access token and put it in my Node.js server as a literal and return it I am able to run the example application and connect to a room. If I use the sample token generation code in my Node.js server I get 'Invalid Access Token' back in an exception in the onDisconnected method in the Room.Listener.
The following code is what is running in the server to create the access token, I also found a different sample which I tried as well. I have gone back and verified that my data values for the account SID and the API keys are correct. I have a similar method running returning the VoiceGrant access token and that is working, but something about this VideoGrant one is off, I just do not see it.
// ***********************************************************************************
// ***********************************************************************************
// Video Access Token
// ***********************************************************************************
// ***********************************************************************************
var videoCallAccessToken = function(request, response) {
console.log('/twilio/video/accessToken');
var accessToken = makeVideoAccessToken();
response.writeHead(200, {'Content-Type': 'text/plain'});
response.end(accessToken);
console.log(accessToken);
};
app.get('/twilio/video/accessToken', videoCallAccessToken);
var makeVideoAccessToken = function() {
const AccessToken = twilio.AccessToken;
const VideoGrant = AccessToken.VideoGrant;
const grant = new VideoGrant({configurationProfileSid: accountData.videoConfigurationProfileSid});
const accessToken = new AccessToken(accountData.sid, accountData.videoApiSid, accountData.videoApiSecret);
accessToken.identity = 'ABC123';
accessToken.addGrant(grant);
return accessToken.toJwt();
};
FYI...I plan to alter the identity generation, but have not got there yet.
Thanks,
Adding this from my comment as an answer to close this question out, the issue was that the example code was flawed...
Ok, thought I had waited long enough prior to actually sending this, but apparently not. The issue is the example does not work in that the value passed into the VideoGrant constructor needed to have the attribute name quoted, so {configurationProfileSid: accountData.videoConfigurationProfileSid}); needed to be {'configurationProfileSid': accountData.videoConfigurationProfileSid}); Glad I finally found that, wasted a ton of time on it, but at least it is working properly now.
I want to create a google docs sheet within my alexa skill, that is written in Node.js. I have the enabled the google API, I set the required scope in amazon dev portal, I actually can log into the google account (so the first few lines of the posted code seem to work), and I do not get any error messages. But the sheet is never created.
Now the main question would be whether anyone can see the problem in my code.
But I would also have an additional question I would be very interested in: since I use account linking, I can not try that code in the Alexa test simulator, but have to upload it to Alexa before running it, where I can not get any debug messages. How does one best debug in that way?
if (this.event!== undefined)
{
if (this.event.session.user.accessToken === undefined)
{
this.emit(':tellWithLinkAccountCard','to start using this skill, please use the companion app to authenticate on Google');
return;
}
}
else
{
this.emit(':tellWithLinkAccountCard','to start using this skill, please use the companion app to authenticate on Google');
return;
}
var oauth2Client = new google.auth.OAuth2('***.apps.googleusercontent.com', '***', '***');
oauth2Client.setCredentials({
access_token: this.event.session.user.accessToken,
refresh_token: this.event.session.user.refreshToken
});
var services = google.sheets('v4');
services.spreadsheets.create({
resource : {properties:{title:"MySheet"}},
auth : oauth2Client
}, function(err,response) {
if( err ) {
console.log('Error : unable to create file, ' + err);
return;
} else {
console.dir(response);
}
});
Edit: I tried just the lower part manually, and could create a spreadsheet. So the problem seems indeed to be retrieving the access token with "this.event.session.user.accessToken" .
I find it is much easier to debug issues like this using unit tests. This allows rerunning code locally. I use NPM and Mocha and it makes it easier to debug both custom and smart home skills. There is quite a bit of information available online about how to use NPM and Mocha to test Nodejs code, so I won't repeat that here. For example, refer to the Big Nerd Ranch article. It makes it a bit more complex to setup your project initially, but you'll be glad you did every time you hit a bug.
In this example, I would divide the code in half:
The first half would handle the request coming from Alexa and extract the token.
The second half would use the token to create the Google doc. I would also pass the name of the doc to create.
I would test the 2nd part first, passing in a valid token (for testing only) and a test doc name. When that is working, at least you'd know that the doc creation code was working, and any issues would have to be with the token or how you're getting it.
Once that was working, I would then create a test for the first part.
I would us a hardcoded JSON object to pass in as the 'event', with event.session.user.accesToken set to a the working test token used in the first test:
'use strict';
var token = '<valid token obtained from google account>';
let testEvent = {
'session': {
'user': {
'accessToken': token
}
}
}
When I run my app, I get this error message, and I'm not entirely sure why.
[ { code: 89, message: 'Invalid or expired token.' } ]
It was working a little over a week ago, and I even generated tokens for a new application, and I'm still receiving the error.
I've tried looking into this, and I've tried everything from a new application, reinstalling node packages. I'm currently trying to use the twitter node package here: https://www.npmjs.com/package/twitter
According to documentation, my usage was right, and I can confirm the same code was working about a week ago.
var Twitter = require('twitter');
var auth = require('../config/twitter.js');
var client = new Twitter({
consumer_key: auth['consumer_key'],
consumer_secret: auth['consumer_secret'],
access_token: auth['access_token'],
access_token_secret: auth['access_token_secret']
});
client.get('statuses/user_timeline', {screen_name: 'lrroberts0122', count: 10}, function(error, tweets) {
if(error) {
console.log(error);
} else {
console.log(tweets);
};
});
I can also confirm with absolute certainty that the keys are being pulled accurately from my config file.
I'm just trying to get the statuses of the user timeline - the last 'x' amount of tweets from a specified user. I wasn't using any kind of authentication or Oauth aside from my own for the API - so I'm not sure if I need to implement something now.
Any help would be greatly appreciated! =)
Thank you very much for your help!
As an added note, I did take a look at this SO question: Twitter application oauth started returning error code 89 Invalid or expired token after 1 year working
But I'm not sure if it applies in what I'm trying to do.
This is a barebones node application, so there's really not much other than what I already have. Please let me know if there's any additional information you might need.
Generate new access token and try with that. ref: https://twittercommunity.com/t/solved-errors-message-invalid-or-expired-token-code-89/10797/11