-
-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
node-oauth
throws intermittent InternalOAuthErrors on fast connections
#87
Comments
I'm currently in the middle of this and have opened an issue on node-auth. @8bitDesigner I tried with a "Slow 3G" network from chrome but the issue is still there. Not able to pinpoint how to reproduce success & failure scenarios. |
Ah, the bug occurs when doing the Our workaround for the time being has been to use |
Oh, got it! Not sure if I want to walk away from Passport implementation altogether (I use it for multiple social providers). Hitting the Google APIs directly seems to be working just fine (using the token endpoint after getting the code in query params). I was not aware of request.on('error', function(e) {
- callbackCalled= true;
- callback(e);
+ if (e.code !== 'ECONNRESET') {
+ callbackCalled= true;
+ callback(e);
+ }
}); |
Passport's fine, it's just a grand-child dependency in diff --git a/node_modules/oauth/lib/oauth2.js b/node_modules/oauth/lib/oauth2.js
index 77241c4..42dd372 100644
--- a/node_modules/oauth/lib/oauth2.js
+++ b/node_modules/oauth/lib/oauth2.js
@@ -158,6 +158,7 @@ exports.OAuth2.prototype._executeRequest= function( http_library, options, post_
});
});
request.on('error', function(e) {
+ if (callbackCalled) { return }
callbackCalled= true;
callback(e);
}); Basically, what's happening is that the success or error callback is being called first, and then when the connection gets reset, it triggers the error handler. Since the callback has already been called, we can treat it like a no-op. |
Ah shoot, it doesn't look like I linked this in the original issue, but there is a PR to fix this behaviour in |
Yeah, would be great if that PR gets merged. Will be using the patch in the meantime. Thanks 🙌 |
Great find, I am hitting this as well. Thanks for the patch! Looking at the commit history, I do worry |
node-oauth 0.10.0 now contains the aforementioned pull-requests. |
🙇 |
Thank you, mate. |
I just spent quite a bit of time trying to track down this error and bumping |
If anyone is of need of a fix now, I have a working fork. You can use this as a dependency: git+https://github.com/serniebanders/passport-google-oauth2.git |
Workaround for jaredhanson#87
Workaround for jaredhanson/passport-google-oauth2#87 that would also affect this library via the same passport-oauth2 dependency and it's dependency on "oauth".
Override is for passport-google-oauth, which has not updated its dependencies to resolve an Google API issue described jaredhanson/passport-google-oauth2#87.
Override is for passport-google-oauth, which has not updated its dependencies to resolve an Google API issue described [here](jaredhanson/passport-google-oauth2#87).
Override is for passport-google-oauth, which has not updated its dependencies to resolve an Google API issue described in jaredhanson/passport-google-oauth2#87.
Override is for passport-google-oauth, which has not updated its dependencies to resolve an Google API issue described in jaredhanson/passport-google-oauth2#87.
I fixed by adding this override to
|
Hey all, I'm spinning up a new project using Passport and the Google OAuth 2.0 strategy, and I've spent the last day troubleshooting a particularly weird issue. Namely, when try to log in, locally, I get a
InternalOAuthError
the majority of the time, and occasionally get a successful login.My coworker who's on a slower connection, does not have this issue.
After much speelunking through the
node-oauth
codebase, I've found the issue here: https://github.com/ciaranj/node-oauth/blob/master/lib/oauth2.js#L124-L163What's happening is that for some requests, Google responds with an early close (eg: sends a no-content header and immediately closes the connection).
node-oauth
handles this cleanly by immediately triggering the callback (instead of waiting for anend
event). However, when Google's servers then perform a connection reset, anerror
event is triggered, andnode-oauth
naively calls the callback again resulting in anInternalOAuthError
being thrown.So, why post this bug here?
node-oauth
appears to be a dead project (the last commit was in 2017), and this bug is going to impact users ofpassport-google-oauth2
on fast connections. Hopefully by posting this issue here, other folks will be able to quickly diagnose it and find a workaround.The text was updated successfully, but these errors were encountered: