Axios cookiejar support error

[dsebastien]

Describe the problem

I'm currently trying to integrate Auth0 with my NestJS application. While following one of the tutorials, I've created a Passport strategy to handle JWT tokens.

That strategy uses jwks-rsa and the passportJwtSecret function. I've pointed it to the jwks.json file on my Auth0 tenant, but at runtime it seems to fail to retrieve the JWKS file.

It fails with this error:

 +6681ms
  jwks Requests to the JWKS endpoint available for the next minute: 4 +7s
  jwks Fetching signing key for '...' +0ms
  jwks Fetching keys from '...' +0ms

/home/sebastien/wks/didowi/node_modules/axios-cookiejar-support/lib/index.js:58
    const mergedConfig = mergeConfig(_defaults.default, mergeConfig(this.defaults, config));
                                                                         ^
TypeError: Cannot read property 'defaults' of undefined
    at request (/home/sebastien/wks/didowi/node_modules/axios-cookiejar-support/lib/index.js:58:74)
    at exports.default (/home/sebastien/wks/didowi/node_modules/jwks-rsa/lib/wrappers/request.js:33:22)
    at JwksClient.getKeys (/home/sebastien/wks/didowi/node_modules/jwks-rsa/lib/JwksClient.js:107:29)
    at JwksClient.getSigningKeys (/home/sebastien/wks/didowi/node_modules/jwks-rsa/lib/JwksClient.js:133:12)
    at JwksClient.getSigningKey (/home/sebastien/wks/didowi/node_modules/jwks-rsa/lib/JwksClient.js:44:13)
    at /home/sebastien/wks/didowi/node_modules/jwks-rsa/lib/wrappers/rateLimit.js:29:16
    at afterTokensRemoved (/home/sebastien/wks/didowi/node_modules/limiter/lib/rateLimiter.js:87:7)
    at processTicksAndRejections (internal/process/task_queues.js:76:11)

Apparently it's due to an issue between axios-cookiejar-support & Axios, which I don't really understand.

I'm posting the issue here because I don't know where to start looking, and my use case is about JWKS and not Axios. I looked at the issue trackers of both projects and couldn't find any similar issue there.

I've tried adding both axios & axios-cookiejar-support to my package.json file, but it didn't help.

What was the expected behavior?

No error ;-)

Reproduction

It's hard for me to provide a reproduction at this point. I hope that the description will suffice.

Environment

• Version of this library used: 1.12.2
• Which framework are you using, if applicable: NestJS
• Other modules/plugins/libraries that might be involved: axios 0.21.1, axios-cookiejar-support 1.0.1
• Any other relevant information you think would be useful:

[dsebastien]

I can reproduce the issue in my main.ts if I use the same approach as you here: https://github.com/auth0/node-jwks-rsa/blob/master/src/wrappers/request.js#L6

That is, simply importing request from axios:

import { request } from "axios";
request({
  url: "https://www.google.be",
}).then(r => console.log(r));

Also fails with:

/home/sebastien/wks/didowi/node_modules/axios-cookiejar-support/lib/index.js:58
    const mergedConfig = mergeConfig(_defaults.default, mergeConfig(this.defaults, config));
                                                                         ^
TypeError: Cannot read property 'defaults' of undefined
    at request (/home/sebastien/wks/didowi/node_modules/axios-cookiejar-support/lib/index.js:58:74)
    at Module../apps/gate/src/main.ts (/home/sebastien/wks/didowi/dist/apps/gate/webpack:/apps/gate/src/main.ts:50:8)
    at __webpack_require__ (/home/sebastien/wks/didowi/dist/apps/gate/webpack:/webpack/bootstrap:19:1)
    at Object.0 (/home/sebastien/wks/didowi/dist/apps/gate/main.js:29245:18)
    at __webpack_require__ (/home/sebastien/wks/didowi/dist/apps/gate/webpack:/webpack/bootstrap:19:1)
    at /home/sebastien/wks/didowi/dist/apps/gate/webpack:/webpack/bootstrap:83:1
    at Object.<anonymous> (/home/sebastien/wks/didowi/dist/apps/gate/main.js:87:10)
    at Module._compile (internal/modules/cjs/loader.js:955:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:991:10)
    at Module.load (internal/modules/cjs/loader.js:811:32)

If I instead do the following, then it works fine:

const axios = require('axios').default;

axios.request({
  url: "https://www.google.be",
}).then(r => console.log(r));

It seems related to be the (new?) idiomatic way to use Axios: https://github.com/axios/axios#note-commonjs-usage.
Don't ask me more, I'm not using Axios directly :)

[dsebastien]

I think that I've understood where this is coming from. In my app, I use nano, which has recently switched to Axios and has added cookie support through axios-cookiejar-support. Unfortunately, this causes side-effects.

I think that the axios-cookiejar-support library shouldn't crash and burn, so node-jwks-rsa wouldn't need to change. Meanwhile, it might be useful for this library to use the idiomatic way to use Axios so that app-specific customizations are taken into account.

[davidpatrick]

@dsebastien thanks for the investigation and the PR. We want to move away from axios, and any specific request library, and instead use node internals, while allowing for consumers of the library to completely replace how the request is made with a fetcher option. I've raised a PR for it here #218

We could patch 1.x with your PR #216, but let me know if you find it necessary.

[dsebastien]

Good to know; it seems like a good move forward.

I'm stuck with this issue at the moment, so I've locally worked around the issue by modifying the code under node modules. If you could release a minor version with the PR that I've sent, it would be great & would allow me to move forward, while waiting for #218 to land and a larger release to come out.

[houssembenarbia]

Hello @davidpatrick , I had the same problem as dsebastien with the same environment and I am stuck. it will be great if i can have the patch for the suggested solution please.

[davidpatrick]

Hey @houssembenarbia, I'll be releasing a new 1.x patch today. Thanks for raising