OAuth fails after update #1930

Closed
boostie opened this issue Apr 24, 2020 · 3 comments · Fixed by #1935


boostie commented Apr 24, 2020

Steps to reproduce

Dear community, I will try to put as much information as possible. I had configured google authentication and recently updated modules after which the Google configured authentication works on the local machine, but does not work on the cloud server running a single (which is a key here) kubernetes node and exposed via the service. Prior to the upgrade, the authentication worked as expected.

Expected behavior

The authentication callback is executed with google data, user created within the database, JWT token received.

Actual behavior

The actual behavior which happens only on the cloud environment is that the google authentication comes back to the callback uri, but the authenticated user is not created via the "users" service by feathers. In addition, there is a missing, there is a weird log message with "undefined.create" within the 'authentication-oauth' module, but even with that issue the local environment creates the user correctly. The following is debug output of the local system which passed the authentication and acts as expected:

@feathersjs/authentication/base Strategies parsing HTTP header for authentication information [ 'jwt', 'local' ] +231ms
express:router session : /oauth/google/authenticate +1ms
express-session fetching Tf82ZhBH00zhvBx8GF_89PvIIh7VMGKH +17ms
express-session session found +2ms
express:router trim prefix (/oauth) from url /oauth/google/authenticate +3ms
express:router mounted_app /oauth : /oauth/google/authenticate +0ms
express:router dispatching GET /google/authenticate +6ms
express:router query : /oauth/google/authenticate +0ms
express:router expressInit : /oauth/google/authenticate +1ms
express:router session : /oauth/google/authenticate +0ms
@feathersjs/authentication-oauth/express Calling undefined.create authentication with strategy google +0ms
@feathersjs/authentication/base Running authenticate for strategy google [ 'google' ] +16ms
@feathersjs/authentication-oauth/strategy getProfile of oAuth profile from grant-profile with { ... }
@feathersjs/authentication-oauth/strategy findEntity with query { googleId: 'XXX' } +131ms
@feathersjs/authentication/hooks/authenticate Running authenticate hook on 'users' +0ms
@feathersjs/authentication-oauth/strategy findEntity returning null +16ms
@feathersjs/authentication-oauth/strategy authenticate with (existing) entity null +0ms
@feathersjs/authentication-oauth/strategy createEntity with data { ... }

As you can see after receiving the google response, the system tries to find the user and then create a new one via the provided service.

The following is the debug message from the cloud server.

Fri, 24 Apr 2020 11:50:37 GMT express-session fetching 5pirGL0TKATVbJLMQBNt71_mD948zVuK
Fri, 24 Apr 2020 11:50:37 GMT express-session session found
Fri, 24 Apr 2020 11:50:37 GMT express:router trim prefix (/oauth) from url /oauth/google/authenticate
Fri, 24 Apr 2020 11:50:37 GMT express:router mounted_app /oauth : /oauth/google/authenticate
Fri, 24 Apr 2020 11:50:37 GMT express:router dispatching GET /google/authenticate
Fri, 24 Apr 2020 11:50:37 GMT express:router query : /oauth/google/authenticate
Fri, 24 Apr 2020 11:50:37 GMT express:router expressInit : /oauth/google/authenticate
Fri, 24 Apr 2020 11:50:37 GMT express:router session : /oauth/google/authenticate
2020-04-24T11:50:37.137Z @feathersjs/authentication-oauth/express Calling undefined.create authentication with strategy google
2020-04-24T11:50:37.140Z @feathersjs/authentication/base Running authenticate for strategy google [ 'google' ]
2020-04-24T11:50:37.141Z @feathersjs/authentication-oauth/strategy getProfile of oAuth profile from grant-profile with { ... }
2020-04-24T11:50:37.213Z @feathersjs/authentication-oauth/strategy findEntity with query { googleId: 'XXX' }
2020-04-24T11:50:37.214Z @feathersjs/authentication/hooks/authenticate Running authenticate hook on 'users'
ERROR There is no current user to associate.

The error above comes from queryWithCurrentUser, but I cannot understand why the same flow as it seems works normally on one environment vs. another. What I have found through additional debugging is that the following information comes in to this hook. The reason I have this hook within find() is to prevent users from searching for others, but maybe this is not what I should be using.

{ authStrategies: [ 'google' ],
  authentication: null,
  executionTimeStart: 1587731021739,
  authenticated: true,
  query: { googleId: '...' } }

Prior to me updating, the following hooks on the find method of users entity worked.

authenticate('jwt'),
queryWithCurrentUser({
  idField: 'id',
  as: 'id'
})

One thing I still cannot understand is why in the hell it was working locally and not working on the cloud server. And now I am stuck because it seems this problem is a bit deeper than I understand it or there is something I have missed.

System configuration

Tell us about the applicable parts of your setup.

Module versions (especially the part that's not working):

NodeJS version:

node version 10.20.1
feathers package versions:

"@feathersjs/authentication": "^4.3.5",
"@feathersjs/authentication-local": "^4.3.5",
"@feathersjs/authentication-oauth": "^4.3.5",
"@feathersjs/client": "^3.7.3",
"@feathersjs/configuration": "^4.3.4",
"@feathersjs/errors": "^4.3.4",
"@feathersjs/express": "^4.3.5",
"@feathersjs/feathers": "^4.3.11",
"@feathersjs/rest-client": "^4.3.11",
"@feathersjs/socketio": "^4.3.5",

Operating System:
Ubuntu 18


boostie commented Apr 24, 2020

So this started to work with only authenticate('jwt') on find hook of users, but...this should not be this way because we need to be able to restrict only to self user.
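
A `find` hook that keeps the restrict-to-self rule asked for above without rejecting server-side lookups, as an added example that is not from the issue or from the Feathers code base. It assumes the OAuth `findEntity` lookup reaches `users.find` as an internal call, which Feathers marks by leaving `params.provider` unset; `restrictToSelf` and the local `NotAuthenticated` class are hypothetical stand-ins.

```javascript
// Added example, not code from the issue or from Feathers itself.
// Stand-in for NotAuthenticated from @feathersjs/errors so the block runs offline.
class NotAuthenticated extends Error {
  constructor (message) {
    super(message);
    this.name = 'NotAuthenticated';
    this.code = 401;
  }
}

// Hypothetical hook factory: scope external calls to the caller's own record.
function restrictToSelf ({ idField = 'id', as = 'id' } = {}) {
  return context => {
    const { params } = context;

    // Internal calls (params.provider unset) are server code, such as the
    // OAuth strategy looking up a user by googleId before any user is known.
    if (!params.provider) {
      return context;
    }

    // External calls (rest, socketio, ...) must carry an authenticated user.
    if (!params.user || params.user[idField] === undefined) {
      throw new NotAuthenticated('There is no current user to associate.');
    }

    // The caller's id replaces any client-supplied value for the same field.
    params.query = { ...params.query, [as]: params.user[idField] };
    return context;
  };
}

// Constructed sample contexts, shaped like the params logged in the issue.
const hook = restrictToSelf({ idField: 'id', as: 'id' });

function internalLookup () {
  return hook({
    params: { authenticated: true, authentication: null, query: { googleId: 'XXX' } }
  });
}

function externalFind (user, query) {
  return hook({ params: { provider: 'rest', user, query } });
}
```

The hook fails closed for any call that carries a `provider` but no user, so the scoping still applies to external requests that arrive unauthenticated.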


daffl commented Apr 24, 2020

This is a bug in the latest version 4.5.3, tracked in #1926 (see #1886 for discussion) which will be addressed shortly.


boostie commented Apr 24, 2020

Thanks
