POST Initial grant request throws 500 #699

Closed
sabineschaller opened this issue Oct 27, 2022 · 6 comments
Labels
pkg: auth Changes in the GNAP auth package. type: bug Something isn't working

Comments

@sabineschaller
Member

In local dev setup

POST http://localhost:3006/

with body

{
    "access_token": {
        "access": [
            {
                "type": "incoming-payment",
                "actions": [
                    "create", "read", "list", "complete"
                ]
            }
        ]
    },
    "client": {
        "display": {
            "name": "Timon",
            "uri": "https://example.com"
        },
        "key": {
            "proof": "httpsig",
            "jwk": {
                "alg": "EdDSA",
                "kty": "OKP",
                "use": "sig",
                "crv": "Ed25519",
                "kid": "http://fynbos/keys/12345",
                "x": "test-public-key"
            }
        }
    },
    "interact": {
        "start": [
            "redirect"
        ],
        "finish": {
            "method": "redirect",
            "uri": "http://example.org",
            "nonce": "123"
        }
    }
}

throws 500:

  InternalServerError: response must be null
      at Object.throw (/workspace/node_modules/.pnpm/koa@2.13.4/node_modules/koa/lib/context.js:97:11)
      at /workspace/packages/openapi/dist/middleware.js:22:22
      at processTicksAndRejections (node:internal/process/task_queues:96:5)
      at async bodyParser (/workspace/node_modules/.pnpm/koa-bodyparser@4.3.0/node_modules/koa-bodyparser/index.js:95:5)
      at async session (/workspace/node_modules/.pnpm/koa-session@6.2.0/node_modules/koa-session/index.js:41:7)
@sabineschaller sabineschaller added type: bug Something isn't working pkg: auth Changes in the GNAP auth package. labels Oct 27, 2022
@sabineschaller sabineschaller changed the title Initial grant request throws 500 POST Initial grant request throws 500 Oct 27, 2022
@njlie
Contributor

njlie commented Oct 27, 2022

What version of OpenAPI (or what commit of the AS) was this tried on? I have it working on this branch that's pending a merge: https://github.com/interledger/rafiki/tree/nl-use-split-openapi

@sabineschaller
Member Author

I tried on main.

@sabineschaller
Member Author

I just also tried on your branch, but it had the same result.

sabine@Spike ~/git/coil/rafiki nl-use-split-openapi docker logs local-auth-1
{"level":30,"time":1666924659034,"pid":1,"hostname":"863724ce11b1","msg":"creating knex"}
{"level":30,"time":1666924661871,"pid":1,"hostname":"863724ce11b1","msg":"Auth server listening on 3006"}

  InternalServerError: response must be null
      at Object.throw (/workspace/node_modules/.pnpm/koa@2.13.4/node_modules/koa/lib/context.js:97:11)
      at /workspace/packages/openapi/dist/middleware.js:22:22
      at processTicksAndRejections (node:internal/process/task_queues:96:5)
      at async bodyParser (/workspace/node_modules/.pnpm/koa-bodyparser@4.3.0/node_modules/koa-bodyparser/index.js:95:5)
      at async session (/workspace/node_modules/.pnpm/koa-session@6.2.0/node_modules/koa-session/index.js:41:7)

Is something wrong with my grant request? It shouldn't given that error message but I just wanted to make sure.

@njlie
Contributor

njlie commented Oct 28, 2022

I tried this using your grant request. The only things I changed were:

  • client.key.jwk.kid: To localhost so it would point to my mock account provider
  • client.key.jwk.x: To the public key I was using to sign signatures.

I also had to generate signatures to sign the request.

It might be failing httpsig validation. If it got an expected status code, but expects a null body, then it was likely returning a 400, which can be thrown in the signature verification middleware. The only place where it gets thrown in the actual business logic for grant initiation would be if interact is missing in the body, which doesn't look like it is the case here.

@wilsonianb
Contributor

wilsonianb commented Oct 28, 2022

I'm seeing that error (in Postman with Signature/Signature-Input headers as TODO).
Logging (added here) shows the response as:

local-auth-1          | {
local-auth-1          |   status: 400,
local-auth-1          |   message: 'Bad Request',
local-auth-1          |   header: [Object: null prototype] {
local-auth-1          |     'content-type': 'application/json; charset=utf-8'
local-auth-1          |   },
local-auth-1          |   body: { error: 'invalid_request', message: 'invalid signature headers' }
local-auth-1          | }

Should the OpenAPI spec be updated with such error response bodies for 400?
https://github.com/interledger/open-payments/blob/1e3e118d8b22c5d2942f972e28ebf0f0114d04f5/openapi/auth-server.yaml#L75-L76
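
Added example, not part of the thread or of Rafiki's code: a simplified model of response validation showing how the 400 from signature verification surfaces to the client as a 500 when the spec declares no body for that status, and how declaring the error body lets the 400 through. The function name, the spec objects and the 200 entry are hypothetical; only the logged 400 response is taken from the comment above.

```javascript
// Simplified stand-in for an OpenAPI response validator (hypothetical names).
// Constructed spec fragments for POST /, not the real auth-server.yaml:
// status code -> declared body schema; null = status declared with no body.
const specWithoutBody = {
  200: { required: ['interact', 'continue'] }, // constructed placeholder
  400: null
};
const specWithErrorBody = {
  200: { required: ['interact', 'continue'] }, // constructed placeholder
  400: { required: ['error', 'message'] }
};

// Returns the status the client ends up seeing after response validation.
function validateResponse(spec, res) {
  if (!(res.status in spec)) {
    return { status: 500, reason: `status ${res.status} not declared` };
  }
  const schema = spec[res.status];
  if (schema === null) {
    // No body declared for this status: any body violates the contract.
    return res.body == null
      ? { status: res.status, reason: 'ok' }
      : { status: 500, reason: 'response must be null' };
  }
  const body = Object(res.body ?? {});
  const missing = schema.required.filter((key) => !(key in body));
  return missing.length
    ? { status: 500, reason: `response missing ${missing.join(', ')}` }
    : { status: res.status, reason: 'ok' };
}

// The response logged in the thread: signature verification rejected the request.
const signatureFailure = {
  status: 400,
  body: { error: 'invalid_request', message: 'invalid signature headers' }
};

// Spec without a 400 body: the real cause is masked behind a 500.
console.log(validateResponse(specWithoutBody, signatureFailure));
// Spec with a 400 error schema: the client sees the 400 and its reason.
console.log(validateResponse(specWithErrorBody, signatureFailure));
```

Until the spec declares the error body, the rejected signature is only visible in server-side logging, so a client debugging its httpsig headers sees a generic 500 instead of `invalid signature headers`.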
