Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Call resolve on error #18

Closed
apiel opened this issue Sep 5, 2018 · 12 comments
Closed

Call resolve on error #18

apiel opened this issue Sep 5, 2018 · 12 comments
Labels
needs clarification

Comments

@apiel
Copy link

apiel commented Sep 5, 2018

passport/lib/auth.guard.ts

Line 86 in e9d1766

})(request, response, resolve) 

        const createPassportContext = (request, response) => (type, options, callback) => new Promise((resolve, reject) => passport.authenticate(type, options, (err, user, info) => {
            try {
                request.authInfo = info;
                return resolve(callback(err, user, info));
            }
            catch (err) {
                reject(err);
            }
        })(request, response, resolve));

https://github.com/jaredhanson/passport/blob/2327a36e7c005ccc7134ad157b2f258b57aa0912/lib/middleware/authenticate.js#L186

Here authenticate call "next" to trigger an error, but we provide "resolve" as "next" parameter. Shouldn't error call reject?

At least for me it's an issue. I follow the tutorial https://docs.nestjs.com/techniques/authentication and I don't get the 401 Unauthorized.
@apiel
Copy link
Author

apiel commented Sep 5, 2018

Maybe something like this:

const createPassportContext = (request, response) => (type, options, callback) => new Promise((resolve, reject) => {
    const next = (value) => {
        console.log('here we go', value);
        return value instanceof Error ? reject(value) : resolve(value);
    }
    return passport.authenticate(type, options, (err, user, info) => {
        try {
            request.authInfo = info;
            return resolve(callback(err, user, info));
        }
        catch (err) {
            reject(err);
        }
    })(request, response, next)
});

When I do this I get a 500 error, that make much more sense...

@kamilmysliwiec
Copy link
Member

Please, provide a repository which reproduces your issue.
And resolve has to be used, it's not an issue.

@apiel
Copy link
Author

apiel commented Sep 5, 2018

Simply follow this tutorial https://docs.nestjs.com/techniques/authentication step by step :-D

@apiel
Copy link
Author

apiel commented Sep 5, 2018
edited

but actually, you can also try there https://github.com/apiel/wudo
cd backend && yarn && yarn start

http://localhost:3000/users

You will get the response [1234] when you should not be authorize

@romandecker
Copy link

I think the problem is that when you put an unknown strategy into AuthGuard (e.g. @UseGuards(AuthGuard('whatever'))) it won't complain.

@kamilmysliwiec
Copy link
Member

I just pulled your repo and everything works well. I'm getting 401 when the token is not passed through the network, same as expected.

@apiel
Copy link
Author

apiel commented Sep 9, 2018

Yes because in the mid-time, I have been working on it... As @DEX3 described, change @UseGuards(AuthGuard('bearer'))) to @UseGuards(AuthGuard('whatever'))) you will then get no error and have access to the entry point.

Also, can you explain me why you are resolving error? Shouldn't error be rejected in a promise?

https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Promise#Parameters

executor
A function that is passed with the arguments resolve and reject. The executor function is executed immediately by the Promise implementation, passing resolve and reject functions (the executor is called before the Promise constructor even returns the created object). The resolve and reject functions, when called, resolve or reject the promise, respectively. The executor normally initiates some asynchronous work, and then, once that completes, either calls the resolve function to resolve the promise or else rejects it if an error occurred. If an error is thrown in the executor function, the promise is rejected. The return value of the executor is ignored.

@kamilmysliwiec
Copy link
Member

change @UseGuards(AuthGuard('bearer'))) to @UseGuards(AuthGuard('whatever'))) you will then get no error and have access to the entry point

The responsibility for checking whether a strategy exists belongs to passport library (that's why we cannot detect it earlier).

Also, can you explain me why you are resolving error? Shouldn't error be rejected in a promise?

Because the resolved value is eventually passed to the handleRequest method anyway. See:

passport/lib/auth.guard.ts

Line 62 in e9d1766

handleRequest(err, user, info): TUser {

@apiel
Copy link
Author

apiel commented Sep 9, 2018

If I remember correctly, resolve(new error...) is called before handleRequest and handleRequest is not called. You should really try to replace @UseGuards(AuthGuard('bearer'))) to @UseGuards(AuthGuard('whatever'))) , you will understand.

@kamilmysliwiec
Copy link
Member

You're absolutely right! Thank you for pointing me at this issue :) Fixed in 5.0.2

@cojack
Copy link

cojack commented Jan 12, 2019

Close it ;)

@kfrajtak
Copy link

kfrajtak commented Mar 5, 2019

Hi. Was this really fixed? I have followed the guide and got the same error, I am using Nest 5.8.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
needs clarification
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@cojack @romandecker @kfrajtak @apiel @kamilmysliwiec