Skip to content
This repository has been archived by the owner on Dec 31, 2020. It is now read-only.

Google Auth Causes Internal Error On Callback #350

Open
tlafargue opened this issue Feb 5, 2020 · 17 comments · May be fixed by #353 or #361
Open

Google Auth Causes Internal Error On Callback #350

tlafargue opened this issue Feb 5, 2020 · 17 comments · May be fixed by #353 or #361

Comments

@tlafargue
Copy link

tlafargue commented Feb 5, 2020

I used to have a working MFG instance. I've always kept it up and a few months ago when I tried to log in it threw an internal error on the /auth/google/callback page after going through Google sign in.

Here is my exact .env file:

# Google consumer credentials for oauth
# - Generate these here https://console.developers.google.com/apis/credentials/oauthclient
#   and make sure to enable the Google+ API
#
# Examples:
GOOGLE_CONSUMER_KEY=173590999145-n4lmi010l8hebitirunsi4v7vnesicp5.apps.googleusercontent.com
GOOGLE_CONSUMER_SECRET=mfq7GUjpUJJpAyCah1gwU0b2
GOOGLE_CALLBACK=http://ec2-52-50-44-43.eu-west-1.compute.amazonaws.com/auth/google/callback
# if you aim to contribute and run the project via npm then use : GOOGLE_CALLBACK=http://localhost:8080/auth/google/callback

# Postgres user and database information
# - These variables should match your Postgres configuration
#
PSQL_HOST=
PSQL_USERNAME=
PSQL_PASSWORD=
PSQL_DATABASE=

# Redis configuration (optional, uses localhost by default)
# REDIS_HOST=
# REDIS_PORT=
# REDIS_PASSWORD=

# AWS keys are encrypted in the database using this user-specified password.
# - Generate a random password and provide it here.
#
# Example:
# ENCRYPTION_PASSWORD=VERYSECURERANDOMPASSWORD123
ENCRYPTION_PASSWORD=e}o.\tGC6yMFcyN,PrI2{o^Teb,o-h1o

# Default url used for unsubscription links, link tracking + pixel tracking links
# - This is usually the domain of the app.
# - Note that this can be overriden on a per-user basis if a user provides a whitelabel url
#   in their settings page
#
# Example:
# PUBLIC_HOSTNAME=http://myappishostedhere.com
PUBLIC_HOSTNAME=http://ec2-52-50-44-43.eu-west-1.compute.amazonaws.com

The logs in docker show this:

app_1       | Error
app_1       |     at /usr/src/app/node_modules/passport-google-oauth20/lib/strategy.js:95:21
app_1       |     at passBackControl (/usr/src/app/node_modules/oauth/lib/oauth2.js:132:9)
app_1       |     at IncomingMessage.<anonymous> (/usr/src/app/node_modules/oauth/lib/oauth2.js:157:7)
app_1       |     at emitNone (events.js:110:20)
app_1       |     at IncomingMessage.emit (events.js:207:7)
app_1       |     at endReadableNT (_stream_readable.js:1045:12)
app_1       |     at _combinedTickCallback (internal/process/next_tick.js:138:11)
app_1       |     at process._tickDomainCallback (internal/process/next_tick.js:218:9)

Finally here is the configuration of my oAuth Client:
image

Google+ API is obviously enabled. I have tried creating other oAuth Clients, even trying on an other Google account and I cannot for the life of me figure out what is wrong.

@khaninejad
Copy link

same here

@wayneclancy
Copy link

Same here

@moringaman
Copy link

Moi aussi :-(

@lrybakova
Copy link

same here

@QuincyLarson
Copy link
Contributor

Thanks for your patience everyone.

I just emailed @AndrewWalsh and asked if he could take a look at this issue. He knows Mail for Good better than anyone, and did most of the initial development.

I personally have been using Mail for Good each week for my email blast to ~3 million subscribers, and haven't had any problems with authentication. But if it is affecting you all, we are going to look into this and try and fix it as quickly as possible.

@lrybakova
Copy link

lrybakova commented May 20, 2020

Dear @QuincyLarson , thank you very much for your involvement!!!

I actually managed to reach out to @Asjas , who has been recently in charge of the Mail for Good. He has been kind enough to do a research, which shown the nature of the problem to be in recent (March 2019) discontinuation of Google+ API. In the same time he noticed that local auth doesn't work with no clear reason.

I believe the information he discovered if passed to @AndrewWalsh might be useful and shorten the research time for him.

Looking forward hearing from you!

@camperbot camperbot pinned this issue May 23, 2020
@raisedadead raisedadead linked a pull request May 23, 2020 that will close this issue
@raisedadead
Copy link
Member

raisedadead commented May 23, 2020

Turns out, we need to do some housekeeping on the dependencies, I was able to patch some of the most critical ones, that were breaking Passport's parsing strategy as fixed wayback here: jaredhanson/passport-google-oauth2@039a31d

If anyone is willing to test the fix in the linked PR, here are the steps:

git clone https://github.com/freeCodeCamp/mail-for-good
git checkout fix/auth
npm install
docker-compose up

@tlafargue
Copy link
Author

@raisedadead I tried out the fix/auth branch with no success. I modified the docker-compose.yml to have the image built from source instead of pulling but I ran into an error upon npm install with the bcrypt dependency. This seems to be due to the fact that the project is using an older version of node (8.2.1) so I went ahead and rebuilt using node version 10.21.0. This did allow the image to be built but I got the following runtime error :

app_1       | TypeError: req.session.touch is not a function
app_1       |     at ServerResponse.end (/node_modules/express-session/index.js:325:21)
app_1       |     at ServerResponse.redirect (/node_modules/express/lib/response.js:947:10)
app_1       |     at isAuth (/server/routes/middleware/auth.js:8:11)
app_1       |     at Layer.handle [as handle_request] (/node_modules/express/lib/router/layer.js:95:5)
app_1       |     at next (/node_modules/express/lib/router/route.js:137:13)
app_1       |     at Route.dispatch (/node_modules/express/lib/router/route.js:112:3)
app_1       |     at Layer.handle [as handle_request] (/node_modules/express/lib/router/layer.js:95:5)
app_1       |     at /node_modules/express/lib/router/index.js:281:22
app_1       |     at param (/node_modules/express/lib/router/index.js:354:14)
app_1       |     at param (/node_modules/express/lib/router/index.js:365:14)
app_1       |     at Function.process_params (/node_modules/express/lib/router/index.js:410:3)
app_1       |     at next (/node_modules/express/lib/router/index.js:275:10)
app_1       |     at _cookieSession (/node_modules/cookie-session/index.js:126:5)
app_1       |     at Layer.handle [as handle_request] (/node_modules/express/lib/router/layer.js:95:5)
app_1       |     at trim_prefix (/node_modules/express/lib/router/index.js:317:13)
app_1       |     at /node_modules/express/lib/router/index.js:284:7

What version of node are you successfully running this on? Anything else I can try? Would also love to know if there are any updates from @QuincyLarson or @AndrewWalsh.
Thank you everyone for the help and the outstanding work on this project. Can't wait to have my instance up and running again.

@raisedadead
Copy link
Member

Ah - that's a bummer.

I used node 8. Can you try npm ci? Like so:

git clone https://github.com/freeCodeCamp/mail-for-good
git checkout fix/auth
npm ci
docker-compose up

If that doesn't work, let me know I will try and investigate.

@tlafargue
Copy link
Author

@raisedadead Hey just to be clear I'm trying to run the app within a docker container so whatever npm command you are telling me to run, I am adding to the Dockerfile. I don't think this should make a difference but maybe I should try running the app outside Docker. My problem is I already have an another app installed on my machine that requires a more recent version of node so I really think Docker is my best option.

Anyways I did try adding npm ci to the Dockerfile and got the same error when trying to install bcrypt:

npm info lifecycle [email protected]~install: [email protected]

> [email protected] install /usr/src/app/node_modules/bcrypt
> node-pre-gyp install --fallback-to-build

node-pre-gyp info it worked if it ends with ok
node-pre-gyp info using [email protected]
node-pre-gyp info using [email protected] | linux | x64
node-pre-gyp WARN Using request for node-pre-gyp https download
node-pre-gyp info This Node instance does not support builds for N-API version 3
node-pre-gyp ERR! install error
node-pre-gyp ERR! stack Error: The N-API version of this Node instance is 1. This module supports N-API version(s) 3. This Node instance cannot run this module.
node-pre-gyp ERR! stack     at Object.module.exports.validate_package_json (/usr/src/app/node_modules/node-pre-gyp/lib/util/napi.js:82:9)
node-pre-gyp ERR! stack     at validate_config (/usr/src/app/node_modules/node-pre-gyp/lib/util/versioning.js:229:10)
node-pre-gyp ERR! stack     at Object.module.exports.evaluate (/usr/src/app/node_modules/node-pre-gyp/lib/util/versioning.js:279:5)
node-pre-gyp ERR! stack     at install (/usr/src/app/node_modules/node-pre-gyp/lib/install.js:241:31)
node-pre-gyp ERR! stack     at Object.self.commands.(anonymous function) [as install] (/usr/src/app/node_modules/node-pre-gyp/lib/node-pre-gyp.js:52:37)
node-pre-gyp ERR! stack     at run (/usr/src/app/node_modules/node-pre-gyp/bin/node-pre-gyp:82:30)
node-pre-gyp ERR! stack     at Object.<anonymous> (/usr/src/app/node_modules/node-pre-gyp/bin/node-pre-gyp:134:1)
node-pre-gyp ERR! stack     at Module._compile (module.js:569:30)
node-pre-gyp ERR! stack     at Object.Module._extensions..js (module.js:580:10)
node-pre-gyp ERR! stack     at Module.load (module.js:503:32)
node-pre-gyp ERR! System Linux 4.19.104-microsoft-standard
node-pre-gyp ERR! command "/usr/local/bin/node" "/usr/src/app/node_modules/.bin/node-pre-gyp" "install" "--fallback-to-build"
node-pre-gyp ERR! cwd /usr/src/app/node_modules/bcrypt
node-pre-gyp ERR! node -v v8.2.1
node-pre-gyp ERR! node-pre-gyp -v v0.14.0
node-pre-gyp ERR! not ok
The N-API version of this Node instance is 1. This module supports N-API version(s) 3. This Node instance cannot run this module.
npm info lifecycle [email protected]~install: Failed to exec install script

@raisedadead
Copy link
Member

Hey just to be clear I'm trying to run the app within a docker container so whatever npm command you are telling me to run, I am adding to the Dockerfile. I don't think this should make a difference but maybe I should try running the app outside Docker. My problem is I already have an another app installed on my machine that requires a more recent version of node so I really think Docker is my best option.

Ah - that's probably why its been breaking for you. If you want to re-use the same machine with Node defaulting to another version, I would recommend using nvm for managing versions. You can default nvm to load the latest version like you want normally, and choose Node 8 for only the session that installs the dependencies on the MFG folder/directory:

cd mail-for-good
nvm use 8

Then follow the steps outside the container. Which will still run MFG in docker but be able to use the patch. If you look at the source for the Dockerfile it doesnt do much:

FROM node:8.2.1-onbuild
# Copying package.json and running
# npm install are automatically handled
# Add source files
COPY . .
# And then compile the frontend
RUN npm run build
CMD ["npm", "start"]
EXPOSE 8080

@raisedadead
Copy link
Member

That said, the node-gyp error might need some build tooling unlreated to MFG's code itself. This can vary depending on the OS you are on. On macOS its Xcode Commandline Tools, on ubuntu its probably build-essential or something like that.

we can dig deeper into that if it does not work for you.

@tlafargue
Copy link
Author

Thanks for taking the time to answer all my questions. So I tried installing node 8 with nvm and after successfully installing the bcrypt module outside the docker container I run into the same error during npm install inside the docker container. I'm on Ubuntu and I do have build-essential installed. After checking the bcrypt package page it says the compatibility for node 8 is >= 1.0.3 < 4.0.0. Strangely enough though I am able to install the package fine outside of docker while using node 8.

@raisedadead
Copy link
Member

Okay seems like you are getting there. Maybe instead of using the FROM node:8.2.1-onbuild you could try alpine (which will let you install deps outside). Once you do install the dependencies outside the container, you can still run the app in the container.

@tlafargue
Copy link
Author

tlafargue commented Jun 22, 2020

Tried node:8.2.1-alpine. Running into an issue because since babel-cli and other dependencies are not installed in the container, it can't run the node-babel command. Furthermore if I try adding npm install babel-cli to the Dockerfile I run into cascading errors of dependencies not being installed every time I add the error-triggering dependency to the Dockerfile.

@rezaa1
Copy link

rezaa1 commented Oct 9, 2020

I get the same error still, anyone managed to get this working:

app_1       |
app_1       | (node:38) DeprecationWarning: Using the automatically created return value from client.query as an event emitter is deprecated and will be removed in [email protected]. Please see the upgrade guide at https://node-postgres.com/guides/upgrading
app_1       | Error
app_1       |     at /usr/src/app/node_modules/passport-google-oauth20/lib/strategy.js:95:21
app_1       |     at passBackControl (/usr/src/app/node_modules/oauth/lib/oauth2.js:132:9)
app_1       |     at IncomingMessage.<anonymous> (/usr/src/app/node_modules/oauth/lib/oauth2.js:157:7)
app_1       |     at emitNone (events.js:91:20)
app_1       |     at IncomingMessage.emit (events.js:188:7)
app_1       |     at endReadableNT (_stream_readable.js:975:12)
app_1       |     at _combinedTickCallback (internal/process/next_tick.js:80:11)
app_1       |     at process._tickDomainCallback (internal/process/next_tick.js:128:9)
app_1       | Error
app_1       |     at /usr/src/app/node_modules/passport-google-oauth20/lib/strategy.js:95:21
app_1       |     at passBackControl (/usr/src/app/node_modules/oauth/lib/oauth2.js:132:9)
app_1       |     at IncomingMessage.<anonymous> (/usr/src/app/node_modules/oauth/lib/oauth2.js:157:7)
app_1       |     at emitNone (events.js:91:20)
app_1       |     at IncomingMessage.emit (events.js:188:7)
app_1       |     at endReadableNT (_stream_readable.js:975:12)
app_1       |     at _combinedTickCallback (internal/process/next_tick.js:80:11)
app_1       |     at process._tickDomainCallback (internal/process/next_tick.js:128:9)


I believe this is related to DeprecationWarning above, if some one can have a look, would be great

@isholaomotayo
Copy link

Hi @tlafargue @rezaa1

I just fixed this issue, took me the good part of today,

First is that the docker images wont work, The issue is cause d by google removing the old Google+ OAuth Method in favor of google sign-in

You will need to follow the development setup to get it working and make some modifications to the code

STEP1 follow the guide here https://github.com/freeCodeCamp/Mail-for-Good/wiki/Setup-for-development

STEP2 this repo has updated code to fix this issue https://github.com/isholaomotayo/mail-for-good?organization=isholaomotayo&organization=isholaomotayo

I am creating a pull request also
Changes include Modification of cookie middleware to express-cookie
Update of outdated packages by running npm audit fix to work with newer versions of node
Change in authentication mechanism to support newer google api

Once this is done your app should run as expected. You may also need ot enable the google people API

@raisedadead raisedadead unpinned this issue Mar 4, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
9 participants