Giters

pelith / node-eauth-server

An OAuth-compatiable service based on Ethereum credentials to authenticate users on a website. See live version at https://eauth.pelith.com/ https://forum.hakka.finance

Home Page:https://eauth.app

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

MediaWiki OAuth2 Client: Server error: `accessTokenExpiresAt` must be a Date instance

rht opened this issue · comments

commented

Thank you for building such a featureful Ethereum provider!

I'm trying to set up eauth as a provider for my MediaWiki instance, using: https://www.mediawiki.org/wiki/Extension:OAuth2_Client.

Relevant configuration on the LocalSettings.php


$wgOAuth2Client['configuration']['authorize_endpoint']     = 'http://localhost:8080/oauth/authorize'; // Authorization URL
$wgOAuth2Client['configuration']['access_token_endpoint']  = 'http://localhost:8080/oauth/token'; // Token URL
$wgOAuth2Client['configuration']['api_endpoint']           = 'http://localhost:8080/oauth/user'; // URL to fetch user JSON
$wgOAuth2Client['configuration']['redirect_uri']           = 'http://localhost:9352/index.php/Special:OAuth2Client/callback'; // URL for OAuth2 server to redirect to

$wgOAuth2Client['configuration']['username'] = 'address'; // JSON path to username

I tried to do the signing with the metamask, but I got error during the GET for /oauth/user with this error:

server_error: Server error: `accessTokenExpiresAt` must be a Date instance
    at new ServerError (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/oauth2-server/lib/errors/server-error.js:25:14)
    at AuthenticateHandler.validateAccessToken (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/oauth2-server/lib/handlers/authenticate-handler.js:220:11)
    at AuthenticateHandler.<anonymous> (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/oauth2-server/lib/handlers/authenticate-handler.js:74:19)
    at PassThroughHandlerContext.finallyHandler (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/finally.js:57:23)
    at PassThroughHandlerContext.tryCatcher (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/util.js:16:23)
    at Promise._settlePromiseFromHandler (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/promise.js:547:31)
    at Promise._settlePromise (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/promise.js:604:18)
    at Promise._settlePromise0 (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/promise.js:649:10)
    at Promise._settlePromises (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/promise.js:729:18)
    at _drainQueueStep (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/async.js:93:12)
    at _drainQueue (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/async.js:86:9)
    at Async._drainQueues (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/async.js:102:5)
    at Immediate.Async.drainQueues [as _onImmediate] (/var/www/html/extensions/DataAccounting/node-eauth-server/node_modules/bluebird/js/release/async.js:15:14)
    at processImmediate (node:internal/timers:464:21) {
  statusCode: 503,
  status: 503,
  code: 503
}

Is this because I am using sqlite as the sequelize dialect, and so the date is not initialized properly? Or is it a problem with the MediaWiki OAuth2 client?

For extra information, here is the output of the access token select

sqlite> SELECT `OAuthAccessToken`.`id`, `OAuthAccessToken`.`access_token` AS `accessToken`, `OAuthAccessToken`.`expires` AS `accessTokenExpiresAt`, `OAuthAccessToken`.`scope`, `User`.`id` AS `User.id`, `User`.`address` AS `User.address`, `OAuthClient`.`id` AS `OAuthClient.id`, `OAuthClient`.`name` AS `OAuthClient.name`, `OAuthClient`.`client_id` AS `OAuthClient.client_id`, `OAuthClient`.`client_secret` AS `OAuthClient.client_secret`, `OAuthClient`.`redirect_uri` AS `OAuthClient.redirect_uri`, `OAuthClient`.`grant_types` AS `OAuthClient.grant_types`, `OAuthClient`.`scope` AS `OAuthClient.scope`, `OAuthClient`.`user_id` AS `OAuthClient.user_id` FROM `oauth_access_tokens` AS `OAuthAccessToken` LEFT OUTER JOIN `user` AS `User` ON `OAuthAccessToken`.`user_id` = `User`.`id` LEFT OUTER JOIN `oauth_clients` AS `OAuthClient` ON `OAuthAccessToken`.`client_id` = `OAuthClient`.`id` WHERE `OAuthAccessToken`.`access_token` = 'c0a0497503f64f5e68a3500a55f9d2063668db54' LIMIT 1;
1|c0a0497503f64f5e68a3500a55f9d2063668db54|2021-08-29 10:29:13.724 +00:00|openid email profile|1|0xREDACTEDOFCOURSE|1||pkc|pkc|http://localhost:9352/index.php/Special:OAuth2Client/callback|||
commented

I fixed it! After

node-eauth-server/components/oauth/oauth_models.js

Line 121 in 3e94ee8

var token = accessToken.toJSON();
, I added

      token.accessTokenExpiresAt = new Date(token.accessTokenExpiresAt);

Do you think this is a general solution? Should I make a PR for this?

commented

Ping @hung-pelith @Gilg4mesh (sorry to ping you; just to make sure you see this issue). It would be great if you agree on the fix, so that I can use your updated Docker image.

commented

PR welcome,
I'll review it(#17) today to make sure the time format is correct.

commented

SQLite stores Datetime as strings, so it caused the format error.
Thanks for your pull request.

commented

The Docker image is currently updated.

commented

Thank you for the review and the Docker image update! I see, right, I was using Sqlite3 to make it easier to test the system. But with the Docker image, I can use docker-compose to have a Docker-only MariaDB instance.