I am following clone project youtube (https://youtu.be/g7nZ1R-5K40) and encountered problems applying facebook oauth.
My (1) codes (2) error message on the console (3) browser message are below.
Problem is, I made a consumer application for a Facebook developer but when I used it (its credential) with next-auth and tried sign-in, I get these errors.
URL is localhost:3000
How can I fix this?
(1) code:
import NextAuth from "next-auth";
import FacebookProvider from "next-auth/providers/facebook";
export const authOptions = {
// Configure one or more authentication providers
providers: [
FacebookProvider({
clientId: process.env.FACEBOOK_CLIENT_ID,
clientSecret: process.env.FACEBOOK_CLIENT_SECRET,
}),
// ...add more providers here
],
};
export default NextAuth(authOptions);
(2) Console:
[next-auth][error][OAUTH_CALLBACK_ERROR]
https://next-auth.js.org/errors#oauth_callback_error self signed certificate in certificate chain {
error: Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (node:_tls_wrap:1532:34)
at TLSSocket.emit (node:events:527:28)
at TLSSocket.emit (node:domain:475:12)
at TLSSocket._finishInit (node:_tls_wrap:946:8)
at TLSWrap.ssl.onhandshakedone (node:_tls_wrap:727:12) {
name: 'OAuthCallbackError',
code: 'SELF_SIGNED_CERT_IN_CHAIN'
},
providerId: 'facebook',
message: 'self signed certificate in certificate chain'
}
(3) Browser:
Related
When trying to run truffle migrate --network bsc, truffle usually (not always) manages to deploy the migrations contract, then fails with an error: header not found.
Error [ERR_UNHANDLED_ERROR]: Unhandled error. ({ code: -32000, message: 'header not found' })
at new NodeError (node:internal/errors:363:5)
at Web3ProviderEngine.emit (node:events:354:17)
at D:\Contracts\novaria\node_modules\web3-provider-engine\index.js:54:14
at afterRequest (D:\Contracts\novaria\node_modules\web3-provider-engine\index.js:148:21)
at D:\Contracts\novaria\node_modules\web3-provider-engine\index.js:174:21
at D:\Contracts\novaria\node_modules\web3-provider-engine\index.js:232:9
at D:\Contracts\novaria\node_modules\async\internal\once.js:12:16
at replenish (D:\Contracts\novaria\node_modules\async\internal\eachOfLimit.js:61:25)
at D:\Contracts\novaria\node_modules\async\internal\eachOfLimit.js:71:9
at eachLimit (D:\Contracts\novaria\node_modules\async\eachLimit.js:43:36)
at D:\Contracts\novaria\node_modules\async\internal\doLimit.js:9:16
at end (D:\Contracts\novaria\node_modules\web3-provider-engine\index.js:211:5)
at Request._callback (D:\Contracts\novaria\node_modules\web3-provider-engine\subproviders\rpc.js:70:28)
at Request.self.callback (D:\Contracts\novaria\node_modules\request\request.js:185:22)
at Request.emit (node:events:365:28)
at Request.<anonymous> (D:\Contracts\novaria\node_modules\request\request.js:1154:10)
at Request.emit (node:events:365:28)
at IncomingMessage.<anonymous> (D:\Contracts\novaria\node_modules\request\request.js:1076:12)
at Object.onceWrapper (node:events:471:28)
at IncomingMessage.emit (node:events:377:35)
at endReadableNT (node:internal/streams/readable:1312:12)
at processTicksAndRejections (node:internal/process/task_queues:83:21)
Here's the config for bsc network:
bsc: {
provider: () => { return new HDWalletProvider(mnemonic, `https://bsc-dataseed2.binance.org/`)},
network_id: 56,
confirmations: 10,
timeoutBlocks: 200,
skipDryRun: true,
},
compilers: {
solc: {
version: "0.8.7", // Fetch exact version from solc-bin (default: truffle's version)
// docker: true, // Use "0.5.1" you've installed locally with docker (default: false)
settings: { // See the solidity docs for advice about optimization and evmVersion
optimizer: {
enabled: true,
runs: 200
},
Deploying to testnet and development works without issue. I have in the past deployed to bsc with truffle (been a while though). I've tried changing RPC urls, and messed around with timeout and confirmations (pretty sure that doesn't make a difference for this error). After searching the internet for solutions, the only answer that seems to have worked for people is to change the RPC, but I haven't had any luck with that. Does anyone have any suggestions?
I had the same problem today. Fixed it by using the Websocket endpoint wss://bsc-ws-node.nariox.org:443 from the smart chain docs https://docs.binance.org/smart-chain/developer/rpc.html
I'm working with AWS Aurora Serverless V1 (with Postgres engine) and I'm trying to connect using node-postgres. I was able to connect without SSL perfectly, but when I add the SSL config at the pg client I keep receiving this error:
{
"message": "unable to get local issuer certificate",
"stack": "Error: unable to get local issuer certificate\n at TLSSocket.onConnectSecure (_tls_wrap.js:1497:34)\n at TLSSocket.emit (events.js:315:20)\n at TLSSocket.EventEmitter.emit (domain.js:467:12)\n at TLSSocket._finishInit (_tls_wrap.js:932:8)\n at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:706:12)"
}
This is how the SSL config object is been declared
const ca = `-----BEGIN CERTIFICATE-----
MIIEBjCCAu6gAwIBAgIJAMc0ZzaSUK51MA0GCSqGSIb3DQEBCwUAMIGPMQswCQYD
VQQGEwJVUzEQMA4GA1UEBwwHU2VhdHRsZTETMBEGA1UECAwKV2FzaGluZ3RvbjEi
MCAGA1UECgwZQW1hem9uIFdlYiBTZXJ2aWNlcywgSW5jLjETMBEGA1UECwwKQW1h
em9uIFJEUzEgMB4GA1UEAwwXQW1hem9uIFJEUyBSb290IDIwMTkgQ0EwHhcNMTkw
ODIyMTcwODUwWhcNMjQwODIyMTcwODUwWjCBjzELMAkGA1UEBhMCVVMxEDAOBgNV
BAcMB1NlYXR0bGUxEzARBgNVBAgMCldhc2hpbmd0b24xIjAgBgNVBAoMGUFtYXpv
biBXZWIgU2VydmljZXMsIEluYy4xEzARBgNVBAsMCkFtYXpvbiBSRFMxIDAeBgNV
BAMMF0FtYXpvbiBSRFMgUm9vdCAyMDE5IENBMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEArXnF/E6/Qh+ku3hQTSKPMhQQlCpoWvnIthzX6MK3p5a0eXKZ
oWIjYcNNG6UwJjp4fUXl6glp53Jobn+tWNX88dNH2n8DVbppSwScVE2LpuL+94vY
0EYE/XxN7svKea8YvlrqkUBKyxLxTjh+U/KrGOaHxz9v0l6ZNlDbuaZw3qIWdD/I
6aNbGeRUVtpM6P+bWIoxVl/caQylQS6CEYUk+CpVyJSkopwJlzXT07tMoDL5WgX9
O08KVgDNz9qP/IGtAcRduRcNioH3E9v981QO1zt/Gpb2f8NqAjUUCUZzOnij6mx9
McZ+9cWX88CRzR0vQODWuZscgI08NvM69Fn2SQIDAQABo2MwYTAOBgNVHQ8BAf8E
BAMCAQYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUc19g2LzLA5j0Kxc0LjZa
pmD/vB8wHwYDVR0jBBgwFoAUc19g2LzLA5j0Kxc0LjZapmD/vB8wDQYJKoZIhvcN
AQELBQADggEBAHAG7WTmyjzPRIM85rVj+fWHsLIvqpw6DObIjMWokpliCeMINZFV
ynfgBKsf1ExwbvJNzYFXW6dihnguDG9VMPpi2up/ctQTN8tm9nDKOy08uNZoofMc
NUZxKCEkVKZv+IL4oHoeayt8egtv3ujJM6V14AstMQ6SwvwvA93EP/Ug2e4WAXHu
cbI1NAbUgVDqp+DRdfvZkgYKryjTWd/0+1fS8X1bBZVWzl7eirNVnHbSH2ZDpNuY
0SBd8dj5F6ld3t58ydZbrTHze7JJOd8ijySAp4/kiu9UfZWuTPABzDa/DSdz9Dk/
zPW4CXXvhLmE02TA9/HeCw3KEHIwicNuEfw=
-----END CERTIFICATE-----`
module.exports = {
rejectUnauthorized: true,
ca,
checkServerIdentity: (host, cert) => {
const error = tls.checkServerIdentity(host, cert)
if (
error &&
!cert.subject.CN.endsWith('.rds.amazonaws.com')
) {
return error
}
}
}
I am downloading the certificate directly from Amazon https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.SSL.html
Aurora Serverless docs say that SSL is enforced by default, so I think I'm doing all the neccesary things to make the connection right, but it isn't working though. Maybe there is something about "serverless connections" that work differently from classic ones and I'm not understanding it.
Windows 10 Pro
MySQL8.0
node.js v14.15.5
openssl 1.1.1c
I'm trying to connect to a MySQL database using node, I'm able to connect without TLS just fine. I used openssl to create a private key and self signed certificate. When I try to use TLS in my node app, I keep getting the following error:
$ NODE_TLS_REJECT_UNAUTHORIZED=0 node index.js
(node:15480) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
(Use `node --trace-warnings ...` to show where the warning was created)
Error: self signed certificate in certificate chain
at TLSSocket.onConnectSecure (_tls_wrap.js:1497:34)
at TLSSocket.emit (events.js:315:20)
at TLSSocket._finishInit (_tls_wrap.js:932:8)
at TLSWrap.ssl.onhandshakedone (_tls_wrap.js:706:12) {
code: 'SELF_SIGNED_CERT_IN_CHAIN'
}
TypeError: Cannot read property 'sql' of undefined
at C:\Users\gregb\Desktop\PROGRAMMING\VS Code Workspace\xdevapi2\index.js:40:32
at processTicksAndRejections (internal/process/task_queues.js:93:5)
[]
[]
Index.js
let mysqlx = require('#mysql/xdevapi');
let fs = require('fs');
require('dotenv').config();
let rows = [];
let columns = [];
// Works without TLS
// let config = {
// host: 'localhost',
// port: 33060,
// user: 'root',
// database: 'user',
// password: process.env.password
// };
const config = {
host: 'localhost',
port: 33060,
user: 'root',
database: 'user',
password: process.env.password,
ssl: true,
tls: {
rejectUnauthorized: false,
key: fs.readFileSync('./privatekey2.pem'),
cert: fs.readFileSync('./example.crt'),
ca: './cacert.pem'
}
};
(async function () {
let session;
try {
session = await mysqlx.getSession(config);
} catch(err) {
console.log(err);
}
try {
let result = await session.sql('SELECT "firstName" AS c1, "lastName" AS c2')
.execute(row => rows.push(row), column => columns = columns.concat(column));
session.close();
} catch(err) {
console.log(err);
}
console.log(rows); // [['foo', 'bar']]
console.log(columns.map(column => column.getColumnLabel())); // ['c1', 'c2']
})();
I also tried:
NODE_TLS_REJECT_UNAUTHORIZED='0' node index.js
How I used openssl:
Create a public/private key file pair:
openssl genrsa -out privkey2.pem 4096
Split into public/private:
openssl ssh-keygen -t rsa -b 4096 -f privatekey2.pem
Create a cert
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes -keyout privatekey2.pem -out example.crt
The problem does not seem to be related to the certificate you are using. It should be related to the fact that you provide a path for the certificate authority file (ca). You do this when you want the client to verify that the server certificate was signed using a certificate in the CA chain, which only works if rejectUnauthorized is true, which is automatically set once you provide that valid CA file path, thus, your custom rejectUnauthorized: false is ignored.
Which begs the question, Is the server certificate signed by the CA you are providing? I suspect it is not, in which case, the error is legitimate.
If so, then it is a bug, and you should report it using the public MySQL issue tracker. However, I ran a few tests and I'm convinced there is no issue, but if you are able to produce a server certificate that was, indeed, signed by that particular CA, which allows to reproduce the same exact scenario, maybe we can dig some dirt.
Disclaimer: I'm the lead developer of MySQL X DevAPI Connector for Node.js
I try to login a dummy user with the firebase js sdk localy. I have the default firebase emulator running. After calling the function i get following exception:
Error: Headers X-Client-Version forbidden
at dispatchError (C:\Users\user\Documents\Projekte\Backend\functions\node_modules\jsdom\lib\jsdom\living\xhr\xhr-utils.js:62:19)
at validCORSPreflightHeaders (C:\Users\user\Documents\Projekte\Backend\functions\node_modules\jsdom\lib\jsdom\living\xhr\xhr-utils.js:99:5)
at Request.<anonymous> (C:\Users\user\Documents\Projekte\Backend\functions\node_modules\jsdom\lib\jsdom\living\xhr\xhr-utils.js:367:12)
at Request.emit (events.js:315:20)
at Request.onRequestResponse (C:\Users\user\Documents\Projekte\Backend\functions\node_modules\request\request.js:1059:10)
at ClientRequest.emit (events.js:315:20)
at HTTPParser.parserOnIncomingClient [as onIncoming] (_http_client.js:641:27)
at HTTPParser.parserOnHeadersComplete (_http_common.js:126:17)
at Socket.socketOnData (_http_client.js:509:22)
at Socket.emit (events.js:315:20) undefined
at VirtualConsole.<anonymous> (node_modules/jsdom/lib/jsdom/virtual-console.js:29:45)
at dispatchError (node_modules/jsdom/lib/jsdom/living/xhr/xhr-utils.js:65:53)
at validCORSPreflightHeaders (node_modules/jsdom/lib/jsdom/living/xhr/xhr-utils.js:99:5)
at Request.<anonymous> (node_modules/jsdom/lib/jsdom/living/xhr/xhr-utils.js:367:12)
at Request.onRequestResponse (node_modules/request/request.js:1059:10)
console.log
t {
code: 'auth/network-request-failed',
message: 'A network error (such as timeout, interrupted connection or unreachable host) has occurred.',
a: null
}
at Object.<anonymous> (test/test.ts:275:12)
If i try to connect to my online project it works fine, but i want to perform my testing localy with the emulator.
Example Code:
const app = firebase.initializeApp(firebaseConfig);
app.auth().useEmulator("http://localhost:9099");
app.firestore().settings({
host: "localhost:8080",
ssl: false,
});
test('Example test case', async () => {
try {
const cred: UserCredential = await app.auth().signInWithEmailAndPassword("foo#bar.de", "bla2377");
expect(cred).toBeTruthy();
expect(cred.user).toBeTruthy();
} catch (e) {
console.log(e);
expect(true).toBeFalsy();
}
});
Enviorment Informations:
Operating System version: Windows 10 Home 10.0.18363 Build 18363
Firebase SDK version: 8.2.3
Jest Version: 26.6.3
Node Version: 14
jsdom doesn't support wildcard access-control-allow-headers, which are used by firebase. This answer fixes the exception.
I am using the balance transfer sample.
I have enabled the ORDERER_GENERAL_TLS_CLIENTAUTHREQUIRED=true in orderer container.
While creating a new channel(mychannel) it was throwing error of Handshake failed with fatal error
After the error I configured the client
client.setTlsClientCertAndKey(cert, key);
let adminClient = JSON.parse(
fs.readFileSync(path.join(__dirname, "../fabric-client-kv-org1/admin"))
);
logger.info(adminClient);
client.setTlsClientCertAndKey(
adminClient.enrollment.identity.certificate,
adminClient.enrollment.signingIdentity
);
I am importing admin and then using its signingIdentity and certificate to set the tls client.
Now, it is throwing error as Invalid private key
E0619 17:15:44.135000000 139448 ssl_transport_security.cc:671] Invalid private key.
E0619 17:15:44.136000000 139448 security_connector.cc:1087] Handshaker factory creation failed with TSI_INVALID_ARGUMENT.
E0619 17:15:44.137000000 139448 secure_channel_create.cc:121] Failed to create secure subchannel for secure name 'localhost:7050'
E0619 17:15:44.137000000 139448 secure_channel_create.cc:154] Failed to create subchannel arguments during subchannel creation.
2019-06-19T11:45:47.132Z - error: [Remote.js]: Error: Failed to connect before the deadline URL:grpcs://localhost:7050
2019-06-19T11:45:47.133Z - error: [Orderer.js]: Orderer grpcs://localhost:7050 has an error Error: Failed to connect before the deadline URL:grpcs://localhost:7050
What is the cause of error and Am I using the correct client certificate and key? It is confusing in docs
https://fabric-sdk-node.github.io/tutorial-network-config.html
I figured out the reason for the invalid private key. The signing identity is not the private key.
After registering the user, I am enrolling it and saving its private key and certificate locally.
let req = {
enrollmentID: "admin",
enrollmentSecret: "adminpw",
profile: "tls"
};
const enrollment = await caClient.enroll(req);
client.setTlsClientCertAndKey(
enrollment.certificate,
enrollment.key.toBytes()
);