I implemented a basic setup of node-oidc-provider with the MongoDB adapter, based on this GitHub example.
It worked earlier when deployed behind HTTPS; however, when I deployed the same code to a different server, requests to the token endpoint fail with the error below.
I added a `server_error` listener to the provider; the listener and the logs it produced are attached below.
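// Diagnostic listener for the provider's 'server_error' event.
// NOTE(review): which argument carries the Error is not established here (the
// dump this listener produced has the shape of a Koa context, not an error),
// so each argument is inspected instead of trusting its position. Confirm the
// order against the installed oidc-provider version.
provider.addListener('server_error', (first, second) => {
  for (const arg of [first, second]) {
    if (arg instanceof Error) {
      // message and stack are non-enumerable, so JSON.stringify(err) prints
      // "{}" and hides the actual failure; log the stack instead.
      console.error(arg.stack ?? String(arg));
    } else if (typeof arg?.originalUrl === 'string') {
      // Context-like argument: log a short request summary only. The full
      // serialised context includes every request header, and token-endpoint
      // requests can carry client credentials (Authorization) and cookies
      // that should not end up in log storage. JSON.stringify also escapes
      // control characters in the client-supplied URL.
      console.error(
        JSON.stringify({
          method: arg.method,
          url: arg.originalUrl,
          status: arg.status,
        }),
      );
    } else {
      // Anything else is dumped as before.
      console.error(JSON.stringify(arg, null, 2));
    }
  }
});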
{
"request": {
"method": "POST",
"url": "/token",
"header": {
"host": "--hosted app url--",
"x-forwarded-proto": "https",
"x-real-ip": "--private-ip--",
"x-forwarded-for": "--private-ip--",
"connection": "close",
"content-length": "311",
"sec-ch-ua": "\"Not A(Brand\";v=\"99\", \"Google Chrome\";v=\"121\", \"Chromium\";v=\"121\"",
"accept": "application/json",
"content-type": "application/x-www-form-urlencoded",
"sec-ch-ua-mobile": "?0",
"user-agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36",
"sec-ch-ua-platform": "\"macOS\"",
"origin": "--requested web app url--",
"sec-fetch-site": "same-site",
"sec-fetch-mode": "cors",
"sec-fetch-dest": "empty",
"referer": "--requested web app url--",
"accept-encoding": "gzip, deflate, br",
"accept-language": "en-GB,en-US;q=0.9,en;q=0.8"
}
},
"response": {
"status": 500,
"message": "Internal Server Error",
"header": {
"content-security-policy": "default-src 'self';base-uri 'self';font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests",
"cross-origin-embedder-policy": "require-corp",
"cross-origin-opener-policy": "same-origin",
"cross-origin-resource-policy": "*",
"x-dns-prefetch-control": "off",
"x-frame-options": "SAMEORIGIN",
"strict-transport-security": "max-age=15552000; includeSubDomains",
"x-download-options": "noopen",
"x-content-type-options": "nosniff",
"origin-agent-cluster": "?1",
"x-permitted-cross-domain-policies": "none",
"referrer-policy": "no-referrer",
"x-xss-protection": "0",
"vary": "Origin",
"access-control-allow-origin": "--requested web app url--",
"access-control-allow-credentials": "true",
"cache-control": "no-store",
"content-type": "application/json; charset=utf-8"
}
},
"app": {
"subdomainOffset": 2,
"proxy": true,
"env": "production"
},
"originalUrl": "/token",
"req": "<original node req>",
"res": "<original node res>",
"socket": "<original node socket>"
}
On the existing server we sometimes get the following errors:
MongoServerError: E11000 duplicate key error collection: basemodels index: payload.grantId_1 dup key: { payload.grantId: "F5DIll55oARfHVxRdgoUWFFe8XbQQ0H8_FijtT3KB9_" }
keyPattern: { 'payload.grantId': 1 },
keyValue: { 'payload.grantId': 'F5DIll55oARfHVxRdgoUWFFe8XbQQ0H8_FijtT3KB9_' },
Error [ERR_HTTP_HEADERS_SENT]: Cannot set headers after they are sent to the client
at new NodeError (node:internal/errors:405:5)
at ServerResponse.setHeader (node:_http_outgoing:648:11)
at Cookies.set (/app/node_modules/cookies/index.js:148:13)
at ContextSession.save (/app/node_modules/koa-session/lib/context.js:341:22)
at ContextSession.commit (/app/node_modules/koa-session/lib/context.js:244:16)
at session (/app/node_modules/koa-session/index.js:46:20)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async cors (/app/node_modules/@koa/cors/index.js:61:32)
Please let me know if I missed anything.