expired jwt token is throwing HttpException when using sockets #14

Closed
alfredvaa opened this issue Jul 28, 2018 · 2 comments
Labels
question Further information is requested

Comments

@alfredvaa

I'm submitting a...


[ ] Regression 
[x] Bug report
[ ] Feature request
[x] Documentation issue or request
[ ] Support request => Please do not submit support request here, instead post your question on Stack Overflow.

Current behavior

I am using guards in a Gateway, and together with that, the passport jwt strategy from the documentation example.

Using a custom extractor I am able to send the jwt as a query parameter with the initial socket request to be authenticated:

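```js
const url = require('url'); // Node's built-in module, needed for url.parse

// Custom extractor: reads the JWT from the `token` query parameter
// of the socket handshake URL. Returns null when no token is present.
const fromSocketQueryParameter = (request) => {
  const rawUrl = request.url || request.handshake.url;
  let token = null;
  const parsed_url = url.parse(rawUrl, true);

  if (parsed_url.query && Object.prototype.hasOwnProperty.call(parsed_url.query, 'token')) {
    token = parsed_url.query['token'];
  }
  return token;
};
```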

There is a problem when the token has expired, which is that UnauthorizedException is thrown within @nestjs/passport/options.js, and that one extends HttpException. This causes an internal server error to be visible to the client, because in @nestjs/websockets all errors that are not WsExceptions return an internal server error.

Expected behavior

Is it possible to override or catch the error thrown when the jwt token is not valid? I would like to throw a WsException instead.

It would also be useful if this could be handled in the validate action within the strategy, but that one seems to be called after the actual verification of the jwt token, meaning that the error has already been thrown.

Minimal reproduction of the problem with instructions

What is the motivation / use case for changing the behavior?

It is not possible to handle expired access when using sockets, which it should be.

Environment


Nest version: 5.1.0

 
For Tooling issues:
- Node version: 10.6.0  
- Platform: Mac, Ubuntu  

Others:

@kamilmysliwiec kamilmysliwiec added the question Further information is requested label Aug 31, 2018
@kamilmysliwiec
Member

See here: https://docs.nestjs.com/techniques/authentication (Inheritance chapter).
You should be able to extend default implementation, override handleRequest() method and throw an expected error easily.

@alfredvaa
Author

handleRequest is not called, is that supposed to be? I just took the exact same code as in the article you referred to, and using the guard like this: @UseGuards(JwtAuthGuard)
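
An added example (not code from this issue or from NestJS) of the behaviour asked for in this thread: the token is read from the handshake URL, its HS256 signature and `exp` are checked with Node's `crypto`, and every authentication failure is returned as a socket-level error code instead of surfacing as an HTTP exception. `WsAuthError`, `signToken`, `verifyHandshakeToken` and `authenticate` are hypothetical names, and HS256 with a shared secret is an assumption.

```javascript
// Added example; all names below are hypothetical, not NestJS or passport APIs.
const crypto = require('node:crypto');

// Stand-in for a WsException-style error carrying a machine-readable code.
class WsAuthError extends Error {
  constructor(code) { super(code); this.code = code; }
}

const hmac = (data, secret) => crypto.createHmac('sha256', secret).update(data).digest();
const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const dec = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Builds a constructed HS256 token so the example runs offline.
function signToken(payload, secret) {
  const data = `${enc({ alg: 'HS256', typ: 'JWT' })}.${enc(payload)}`;
  return `${data}.${hmac(data, secret).toString('base64url')}`;
}

// Verifies the token from the handshake URL; throws WsAuthError only.
function verifyHandshakeToken(rawUrl, secret, nowSec = Math.floor(Date.now() / 1000)) {
  const token = new URL(rawUrl, 'http://localhost').searchParams.get('token');
  if (!token) throw new WsAuthError('token_missing');
  const parts = token.split('.');
  if (parts.length !== 3) throw new WsAuthError('token_invalid');
  let header, payload;
  try { header = dec(parts[0]); payload = dec(parts[1]); }
  catch { throw new WsAuthError('token_invalid'); }
  // Pin the algorithm rather than trusting the header's choice.
  if (header?.alg !== 'HS256') throw new WsAuthError('token_invalid');
  const expected = hmac(`${parts[0]}.${parts[1]}`, secret);
  const given = Buffer.from(parts[2], 'base64url');
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) {
    throw new WsAuthError('token_invalid');
  }
  if (typeof payload?.exp !== 'number') throw new WsAuthError('token_invalid');
  if (payload.exp <= nowSec) throw new WsAuthError('token_expired');
  return payload;
}

// Gateway-side wrapper: auth failures become a socket-level result, never an HTTP error.
function authenticate(rawUrl, secret, nowSec) {
  try {
    return { ok: true, user: verifyHandshakeToken(rawUrl, secret, nowSec) };
  } catch (e) {
    if (e instanceof WsAuthError) return { ok: false, error: e.code };
    throw e;
  }
}
```

The signature is checked before `exp`, so `token_expired` is only reported for tokens that were genuinely issued with the shared secret.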
