InvalidTokenError: Failed to fetch authorization server metadata #132

Open
4 tasks done
SaiMadhav9494 opened this issue Jan 18, 2024 · 5 comments
Labels
bug Something isn't working

Comments

@SaiMadhav9494

Checklist

  • I have looked into the Readme and Examples, and have not found a suitable solution or answer.
  • I have searched the issues and have not found a suitable solution or answer.
  • I have searched the Auth0 Community forums and have not found a suitable solution or answer.
  • I agree to the terms within the Auth0 Code of Conduct.

Description

I have been using this library to validate access tokens and recently started to get a 401 error saying "Failed to fetch authorization server metadata".

As I started to dig into the library code, I found out that the discovery method is failing to fetch the OpenID and OAuth configs.

Note: I have verified my issuer URL and it seems to be good.

Pasting the error being thrown inside the catch block of the discover method:

AggregateError: 
    at internalConnectMultiple (node:net:1114:18)
    at internalConnectMultiple (node:net:1177:5)
    at Timeout.internalConnectMultipleTimeout (node:net:1687:3)
    at listOnTimeout (node:internal/timers:575:11)
    at processTimers (node:internal/timers:514:7) {
  code: 'ETIMEDOUT',
  [errors]: [
    Error: connect ETIMEDOUT 104.19.167.24:443
        at createConnectionError (node:net:1634:14)
        at Timeout.internalConnectMultipleTimeout (node:net:1685:38)
        at listOnTimeout (node:internal/timers:575:11)
        at processTimers (node:internal/timers:514:7) {
      errno: -110,
      code: 'ETIMEDOUT',
      syscall: 'connect',
      address: '104.19.167.24',
      port: 443
    },
    Error: connect ENETUNREACH 2606:4700::6813:a718:443 - Local (:::0)
        at internalConnectMultiple (node:net:1176:40)
        at Timeout.internalConnectMultipleTimeout (node:net:1687:3)
        at listOnTimeout (node:internal/timers:575:11)
        at processTimers (node:internal/timers:514:7) {
      errno: -101,
      code: 'ENETUNREACH',
      syscall: 'connect',
      address: '2606:4700::6813:a718',
      port: 443
    },
    Error: connect ETIMEDOUT 104.19.168.24:443
        at createConnectionError (node:net:1634:14)
        at Timeout.internalConnectMultipleTimeout (node:net:1685:38)
        at listOnTimeout (node:internal/timers:575:11)
        at processTimers (node:internal/timers:514:7) {
      errno: -110,
      code: 'ETIMEDOUT',
      syscall: 'connect',
      address: '104.19.168.24',
      port: 443
    },
    Error: connect ENETUNREACH 2606:4700::6813:a818:443 - Local (:::0)
        at internalConnectMultiple (node:net:1176:40)
        at Timeout.internalConnectMultipleTimeout (node:net:1687:3)
        at listOnTimeout (node:internal/timers:575:11)
        at processTimers (node:internal/timers:514:7) {
      errno: -101,
      code: 'ENETUNREACH',
      syscall: 'connect',
      address: '2606:4700::6813:a818',
      port: 443
    }
  ]
}

I am assuming the timeout (5000 ms) specified inside the fetch method is causing it to fail and throw, because when I tried to fetch the OpenID configs using curl with the specific URL https://{issuer_base_url}/.well-known/openid-configuration, I was able to get the configs.

Reproduction

  1. Generate an auth0 access token and append to the authorization header of the request: authorization: Bearer access_token.
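  2. Use the express-oauth2-jwt-bearer library to validate the token.

import { auth as auth0 } from 'express-oauth2-jwt-bearer';
import type { Request, Response } from 'express';
import { promisify } from 'util';

// ISSUER_BASE_URL and AUDIENCE come from the application's own configuration.
async function validateAuth0Token(req: Request, res: Response) {
  // auth0() returns Express middleware (req, res, next); promisify turns
  // the next callback into a promise that rejects on a validation error.
  const validateToken = promisify(
    auth0({
      issuerBaseURL: ISSUER_BASE_URL,
      audience: AUDIENCE,
      tokenSigningAlg: 'RS256',
    }),
  );

  await validateToken(req, res);
}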

Additional context

No response

express-oauth2-jwt-bearer version

1.6.0

Node.js version

20.10.0

@SaiMadhav9494 SaiMadhav9494 added the bug Something isn't working label Jan 18, 2024
@SaiMadhav9494
Author

Tried removing the timeoutDuration and still getting the same error.

Also tried this package and getting the same error. Not sure if I need to bring this up with the Auth0 community.

@abhi07sh

abhi07sh commented Jul 4, 2024

Any solution for this?

@walosha

walosha commented Jul 5, 2024

same issue

@abhi07sh

abhi07sh commented Jul 6, 2024

I solved it by setting NODE_TLS_REJECT_UNAUTHORIZED to 0

@walosha

walosha commented Jul 6, 2024

I solved it by setting NODE_TLS_REJECT_UNAUTHORIZED to 0

just again this morning and it worked. no changes made to my app
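
Added example, not part of the thread or of express-oauth2-jwt-bearer: a small classifier that sorts the errors inside a failed metadata fetch by network stage (DNS, TCP connect, TLS). Run on the reported trace, it shows every failure occurring at `connect`, before certificate verification runs. The function names and the sample error (built from the fields in the trace above) are constructed for illustration.

```javascript
// Added example: classify a metadata-fetch failure by network stage.
// The sample error is constructed from the fields shown in the issue's trace.
const DNS_CODES = new Set(['ENOTFOUND', 'EAI_AGAIN']);
const CONNECT_CODES = new Set(['ETIMEDOUT', 'ENETUNREACH', 'EHOSTUNREACH', 'ECONNREFUSED']);
const TLS_CODES = new Set(['CERT_HAS_EXPIRED', 'DEPTH_ZERO_SELF_SIGNED_CERT',
  'SELF_SIGNED_CERT_IN_CHAIN', 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY',
  'UNABLE_TO_VERIFY_LEAF_SIGNATURE', 'ERR_TLS_CERT_ALTNAME_INVALID']);

// Unwrap AggregateError.errors and Error.cause down to the leaf errors.
function leaves(err, out = []) {
  if (!err || typeof err !== 'object') return out;
  if (Array.isArray(err.errors) && err.errors.length) err.errors.forEach((e) => leaves(e, out));
  else if (err.cause) leaves(err.cause, out);
  else out.push(err);
  return out;
}

// Map one leaf error to the stage of the connection at which it was raised.
function stageOf(e) {
  if (e.syscall === 'getaddrinfo' || DNS_CODES.has(e.code)) return 'dns';
  if (TLS_CODES.has(e.code)) return 'tls';
  if (e.syscall === 'connect' || CONNECT_CODES.has(e.code)) return 'tcp';
  return 'unknown';
}

function classifyFetchError(err) {
  const report = { dns: [], tcp: [], tls: [], unknown: [] };
  for (const e of leaves(err)) {
    report[stageOf(e)].push(e.address ? `${e.code} ${e.address}` : String(e.code));
  }
  // Certificate checks run only after a TCP connection exists, so TLS
  // verification settings are on the failing path only if a tls entry exists.
  report.certVerificationInvolved = report.tls.length > 0;
  return report;
}

// Constructed sample mirroring the AggregateError pasted in the issue.
const connectError = (code, address) => Object.assign(
  new Error(`connect ${code} ${address}:443`), { code, syscall: 'connect', address, port: 443 });
const sampleFromIssue = Object.assign(new AggregateError([
  connectError('ETIMEDOUT', '104.19.167.24'),
  connectError('ENETUNREACH', '2606:4700::6813:a718'),
  connectError('ETIMEDOUT', '104.19.168.24'),
  connectError('ENETUNREACH', '2606:4700::6813:a818'),
]), { code: 'ETIMEDOUT' });

console.log(classifyFetchError(sampleFromIssue));
```

The `internalConnectMultiple` frames in the trace belong to Node's `autoSelectFamily` connection path; when every address fails at `connect`, its per-address attempt timeout can be raised with `net.setDefaultAutoSelectFamilyAttemptTimeout()`.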
