-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Migrate from jsonwebtoken to jose to support Vercel environment #54
Comments
Hi @michaelhays As we decided, the JWT Authentication method is not support in browser environments by the security reason, and the The browser check should be handle from this point. So maybe the We will check again this issue. |
Thanks @congminh1254, though this error is actually happening server-side, not in the browser. |
Hello @michaelhays, thanks for posting an issue! Using Node.js v20.11.0 and Bun v1.0.26 I create a very simple project:
{
"name": "t2est-app",
"version": "1.0.0",
"description": "",
"type": "module",
"main": "index.js",
"scripts": {
"test": "echo \"Error: no test specified\" && exit 1"
},
"author": "",
"license": "ISC"
}
import { BoxJwtAuth, JwtConfig } from "box-typescript-sdk-gen";
const auth = new BoxJwtAuth({
config: new JwtConfig({
clientId: "YOUR_CLIENT_ID",
clientSecret: "YOUR_CLIENT_SECRET",
jwtKeyId: "YOUR_JWT_KEY_ID",
privateKey: "YOUR_PRIVATE_KEY",
privateKeyPassphrase: "PASSPHRASE",
enterpriseId: "YOUR_ENTERPRISE_ID",
}),
});
auth.retrieveToken(); When I added the SDK dependency using When trying to run the app with both Can you check if the |
Thanks for your work trying to reproduce it @mhagmajer! Yep, I'm seeing
I'm pretty sure this has to do with how the app is actually built (with Next.js, I'll try to reproduce the same error in a small project, and will share that with you here. |
Here's a project with a reproduction: https://github.com/michaelhays/box-typescript-jsonwebtoken I actually haven't deployed it to Vercel yet, but am still getting an issue when running it locally.
The old library downscopes the token successfully, the but the new library errors with:
|
Thanks @michaelhays, I was able to reproduce the problem and I'm checking why the new library fails when downscoping the token. However, the original problem regarding loading of the |
It only occurs in certain environments, like deploying to Vercel. I'll work on reproducing and testing that once we've figured out why the downscoping is failing with the |
@michaelhays, the reason you are getting const boxJwtConfig = JwtConfig.fromConfigJsonString(process.env.BOX_CONFIG);
const boxJwtAuth = new BoxJwtAuth({ config: boxJwtConfig });
boxJwtAuth.asUser(process.env.BOX_APP_USER_ID); you should do: const boxJwtConfig = JwtConfig.fromConfigJsonString(process.env.BOX_CONFIG);
const boxJwtAuth = await new BoxJwtAuth({ config: boxJwtConfig }).asUser(
process.env.BOX_APP_USER_ID
); Please notice that Using the updated code in your project, I was able to get the token correctly using both the legacy and new SDK. Thanks for providing the sample code. As per the original issue "Cannot find module 'jsonwebtoken'", I wasn't able to reproduce it. If come across a sample project&env settings that cause this problem, please reopen this issue and we'll be happy to dig into it. |
Hey @mhagmajer, thanks so much! Right you are, I made that change and it's working as expected locally :) I deployed to Vercel and am seeing the Vercel is the only environment I'm seeing the error in; it's working as expected every way I've tested locally:
A few things I've tried:
If you'd like, I'm happy to help you get this deployed on Vercel yourself -- it's quite easy, only takes a couple of minutes. (I also don't think I'm able to reopen this issue myself, so you may have to do it on your end) |
Given that we have isolated the problem to the Vercel environment and based on what I found here, I'll suggest to the team migrating our TypeScript library to the jose library which has support for more environments that |
Hi @michaelhays We have just migrate from jsonwebtoken to jose and it's working on Vercel. I will let you know when it's released. Bests, |
Hi @michaelhays New version of TS SDK is released, please try it and let us know if it's working now. Bests, |
Nice this worked!! Just updated my test project and it's working in Vercel: https://github.com/michaelhays/box-typescript-jsonwebtoken Thanks so much team! :) |
Description of the Issue
I'm seeing the following error when trying to authenticate with JWT:
This happens when trying to load
jsonwebtoken
here. I tried adding installingjsonwebtoken
to mypackage.json
file, but the error remained.My application is a Next.js app using the app router, uses
bun install
to install dependencies, and has"type": "module"
inpackage.json
. It seems like this could be a CJS vs ESM issue.This issue has existed since v0.1.8 of
box-typescript-sdk-gen
.Versions Used
Typescript SDK: v0.3.0
Platform: Node.js
Node.js: 20.11.0
The text was updated successfully, but these errors were encountered: