Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Failed to obtain access token using Github Authentication #492

binario200 opened this Issue Jun 6, 2016 · 1 comment


None yet
1 participant
Copy link

commented Jun 6, 2016

I got this error when Github try to authorized,
InternalOAuthError: Failed to obtain access token
at Strategy.OAuth2Strategy._createOAuthError (/home/loko/DevOps/forked/my-node-github/node_modules/passport-oauth2/lib/strategy.js:370:17)
at /home/loko/DevOps/forked/my-node-github/node_modules/passport-oauth2/lib/strategy.js:166:45
at /home/loko/DevOps/forked/my-node-github/node_modules/passport-github/lib/strategy.js:75:25
at /home/loko/DevOps/forked/my-node-github/node_modules/oauth/lib/oauth2.js:177:18
at ClientRequest. (/home/loko/DevOps/forked/my-node-github/node_modules/oauth/lib/oauth2.js:148:5)
at emitOne (events.js:96:13)
at ClientRequest.emit (events.js:188:7)
at TLSSocket.socketErrorListener (_http_client.js:306:9)
at emitOne (events.js:96:13)
at TLSSocket.emit (events.js:188:7)

I'm wondering if is because my machine is behind a corporate firewall.

This is my package.json

"name": "securehelloworld",
"version": "1.0.0",
"description": "",
"main": "server.js",
"scripts": {
"test": "echo "Error: no test specified" && exit 1"
"author": "",
"license": "ISC",
"dependencies": {
"express": "^4.13.3",
"express-session": "^1.11.3",
"passport": "^0.3.0",
"passport-github": "^1.0.0"

My server.js:

var express = require('express');
var app = express();
var passport = require('passport');
var GithubStrategy = require('passport-github').Strategy;

passport.use(new GithubStrategy({
clientID: "clienteid",
clientSecret: "secret",
callbackURL: "http://localhost:30000/auth/github/callback"
function(accessToken, refreshToken, profile, done) {
// placeholder for translating profile into your own custom user object.
// for now we will just use the profile object returned by GitHub
return done(null, profile);

// Express and Passport Session
var session = require('express-session');
app.use(session({secret: "tequilaconlimonyunpocoderon"}));

passport.serializeUser(function(user, done) {
// placeholder for custom user serialization
// null is for errors
done(null, user);

passport.deserializeUser(function(user, done) {
// placeholder for custom user deserialization.
// maybe you are getoing to get the user from mongo by id?
// null is for errors
done(null, user);

// we will call this to start the GitHub Login process
app.get('/auth/github', passport.authenticate('github'));

// GitHub will call this URL
passport.authenticate('github', { failureRedirect: '/' }),
function(req, res) {

app.get('/', function (req, res) {
var html = "


// dump the user for debugging
if (req.isAuthenticated()) {
html += "

authenticated as user:

html += "
" + JSON.stringify(req.user, null, 4) + "


app.get('/logout', function(req, res){
console.log('logging out');

// Simple route middleware to ensure user is authenticated.
// Use this route middleware on any resource that needs to be protected. If
// the request is authenticated (typically via a persistent login session),
// the request will proceed. Otherwise, the user will be redirected to the
// login page.
function ensureAuthenticated(req, res, next) {
if (req.isAuthenticated()) { return next(); }

app.get('/protected', ensureAuthenticated, function(req, res) {
res.send("acess granted");

var server = app.listen(30000, function () {
console.log('Example app listening at http://%s:%s',
server.address().address, server.address().port);


This comment has been minimized.

Copy link

commented Jun 8, 2016

Hi, just to let you know the workarround that I used to run this code within a corporate firewall, (in general any code behind a firewall brings some headaches)

The thing is that oauth2.js does not take in consideration the proxy environment variables when it performed the requests. Blocking the web app to get authenticated (receive the access token and the github user info)

You can check the workaround here

@binario200 binario200 closed this Jun 8, 2016

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.