Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[oauth2client] Fixes mapping of FederatedSignonCertsResponse in verifyIdTokenAsync #211

Merged
merged 1 commit into from
Dec 20, 2017

Conversation

dropdevcoding
Copy link
Contributor

Calling verifyIdTokencurrently causes the following error:

Error: No pem found for envelope: Error: No pem found for envelope: {"alg":"RS256","kid":"0a50b51f9357c0045baa6a7c8cafbfa1604c0edb"}
at OAuth2Client.verifySignedJwtWithCerts (/root/node_modules/google-auth-library/src/auth/oauth2client.ts:670:5)
at OAuth2Client.<anonymous> (/root/node_modules/google-auth-library/src/auth/oauth2client.ts:563:24)
at OAuth2Client.<anonymous> (/root/node_modules/google-auth-library/src/auth/oauth2client.ts:563:24)
at step (/root/node_modules/google-auth-library/build/src/auth/oauth2client.js:57:23)
at Object.next (/root/node_modules/google-auth-library/build/src/auth/oauth2client.js:38:53)
at Object.next (/root/node_modules/google-auth-library/build/src/auth/oauth2client.js:38:53)
at fulfilled (/root/node_modules/google-auth-library/build/src/auth/oauth2client.js:29:58)
at <anonymous>
at <anonymous>
at process._tickDomainCallback (internal/process/next_tick.js:228:7)

since the response of getFederatedSignonCertsAsync is not properly mapped in verifyIdTokenAsync which makes the cert lookup fail in verifySignedJwtWithCerts

This small PR fixes the issue.

@googlebot
Copy link

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.


  • If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address on your commit. Check your existing CLA data and verify that your email is set on your git commits.
  • If your company signed a CLA, they designated a Point of Contact who decides which employees are authorized to participate. You may need to contact the Point of Contact for your company and ask to be added to the group of authorized contributors. If you don't know who your Point of Contact is, direct the project maintainer to go/cla#troubleshoot. The email used to register you as an authorized contributor must be the email used for the Git commit.
  • In order to pass this check, please resolve this problem and have the pull request author add another comment and the bot will run again. If the bot doesn't comment, it means it doesn't think anything has changed.

@googlebot googlebot added the cla: no This human has *not* signed the Contributor License Agreement. label Dec 20, 2017
@dropdevcoding
Copy link
Contributor Author

I signed it!

@googlebot
Copy link

CLAs look good, thanks!

@googlebot googlebot added cla: yes This human has signed the Contributor License Agreement. and removed cla: no This human has *not* signed the Contributor License Agreement. labels Dec 20, 2017
Copy link
Contributor

@JustinBeckwith JustinBeckwith left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great catch. Thanks for the fix!

@JustinBeckwith JustinBeckwith merged commit 9ba0a39 into googleapis:next Dec 20, 2017
@dropdevcoding
Copy link
Contributor Author

Welcome anytime!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants