Node.js hostname/IP doesnt match certificates altnames - javascript

I'm writing some node code to do a server side login to Facebook. I'm pretty close to having it completely functioning, but I am having troubles requesting the auth_code.
I'm thinking it might have something to do with the facebook app setting Site URL but nothing I've tried has worked.
I'm using node version 0.8.14.
Here is the code I do my request in:
options =
host: 'graph.facebook.com'
port: 443
path: "/oauth/access_token?" + qs.stringify(
client_id: app_id
redirect_uri: my_url
client_secret: app_secret
code: vars.code)
https.get(options, (face_res)->
console.log face_res
)
In the face_res I get a couple of objects like this:
authorizationError: 'Hostname/IP doesn\'t match certificate\'s altnames'
Any help is greatly appreciated

Ok funny thing is the error I was getting was completely irrelevant. As soon as I added a request.on("data", function(data){}) event listener I was able to see that I was receiving the auth_token as expected.

Related

How can I debug Stanza.js Authentication?

I'm currently attempting to setup an XMPP client using Stanza.js
https://github.com/legastero/stanza
I have a working server that accepts connections from a Gajim client, however when attempting to connect using Stanza.js client.connect method, the server opens up a websocket connection, but no events for authentication, or session started ever fire.
The server logs do not show any plaintext password authentication attempts.
How can I actually see any of the stanza logs to debug this issue?
import * as XMPP from 'stanza';
const config = { credentials: {jid: '[jid]', password: '[password]'}, transports: {websocket: '[socketurl]', bosh: false} };
const client = XMPP.createClient(config)
client.on('raw:*', (data) => {
console.log('data', data)
})
client.connect();
onconnect event does fire, but this is the only event that fires.
Is there a way to manually trigger authentication that isn't expressed in the documentation?
The raw event handler should be able to give you the logging you want - but in your code sample, you are invoking it incorrectly. Try the following.
client.on('raw:*', (direction, data) => {
console.log(direction, data)
})
For reference, the docs state that the callback for the raw data event handler is
(direction: incoming | outgoing, data: string) => void
So the data that you are looking for is in the second argument, but your callback only has one argument (just the direction string "incoming" or "outgoing", although you have named the argument "data").
Once you fix the logging I expect you will see the stream immediately terminates with a stream error. Your config is incorrect. The jid and password should be top level fields. Review the stanza sample code. For the options to createClient - there is no credentials object. Try the following:
const config = { jid: '[jid]', password: '[password]', transports: {websocket: '[socketurl]', bosh: false} };
Since your username and password are hidden behind an incorrect credentials object, stanza.io does not see them and you are effectively trying to connect with no username and password so no authentication is even attempted.
This issue happened to be caused by a configuration problem.
The jabber server was using plain authentication.
Adding an additional line to the client definition file helped.
Also adding
client.on('*', console.log)
offered more complete server logs.
client.sasl.disable('X-OAUTH2')
How can I actually see any of the stanza logs to debug this issue?
If the connection is not encrypted, you can sniff the XMPP traffic with tools like
sudo tcpflow -i lo -Cg port 5222
You can force ejabberd to not allow encryption, so your clients don't use that, and you can read the network traffic.
Alternatively, in ejabbed.yml you can set this, but probably it will generate a lot of log messages:
loglevel: debug

iisnode encountered an error when processing the request. HRESULT: 0x6d HTTP status: 500 HTTP subStatus: 1013

I'm developing a webapp using ReactJS for the frontend and express for the backend. I'm deploying my app to azure.
To test if my requests are going through I wrote two different API requests.
The first one is very simple:
router.get('/test', (req, res) => {
res.send('test was a success');
});
Then in the frontend I have a button which when clicked makes the request and I get the response 'test was a success'. This works every time.
The second test is:
router.post('/test-email', (req, res) => {
let current_template = 'reset';
readHTMLFile(__dirname + '/emails/' + current_template + '.html', function(err, html) {
let htmlSend;
let template = handlebars.compile(html);
let = replacements = {
name: req.body.name
};
htmlSend = template(replacements);
let mailOptions = {
from: 'email#email.com',
to: 'someone#email.com',
subject: 'Test Email',
html: htmlSend
};
transporter.sendMail(mailOptions)
.then(response => {
res.send(response);
})
.catch(console.error);
});
});
Then when I've deployed the app I make a call to each one of these tests. The first one, like I mentioned always succeeds. The second one which is supposed to send a very simple email fails most of the time with the error "iisnode encountered an error when processing the request. HRESULT: 0x6d HTTP status: 500 HTTP subStatus: 1013". The strange thing is that every once in a while the email will send but this happens very rarely. Most times the request will take exactly two minutes before sending a response with an error.
I should note that when in development in localhost both tests work all the time with no issues whatsoever, it's only when in production (deployment to azure) that this happens.
I've been digging around for the last few days and came up with nothing. Any help or directions would be greatly appreciated.
I found out what the problem was. I'm using gmail to send my test emails, by default gmail will block any attempts to use an account if it thinks the app making the request is not secure. This can be easily fixed by simply clicking the link they automatically send you when you make your first attempt. What is not immediately obvious is when you go in production mode they add another level of security which in this case I believe is a captcha, and while you'll be able to send emails in development as soon as you deploy your app this no longer becomes the case.
Anyway, after digging around a little more I found the option to disable the captcha and now my emails send fine!
Link to that option https://accounts.google.com/b/0/DisplayUnlockCaptcha
Hopefully this will help someone.

NodeJS & googleapis, POST request not working?

I've got a problem with google api in NodeJS with hapi. I downloaded files with npm install googleapis and google-auth-library. Everything is setup correctly.
function listData(auth) {
let webmasters = google.webmasters('v3');
webmasters.searchanalytics.query({
auth: auth,
siteUrl: 'http%3A%2F%2Falanmroczek.pl%2F',
startDate: "2016-09-20",
endDate: "2016-10-14"
}, function(err, response) {
if (err) {
console.log('The API returned an error: ' + err);
return;
}
console.log(response);
});
}
I'm authorised to that scope by this app (if not it throws an error, so I'm sure that this part is okey). When I done listing my gmail folders it works perfectly. Wrong may be only this part of code or googleapis. Strange for me is that:
When I console.log request to Google API:
protocol: 'https:',
slashes: true,
auth: null,
host: 'www.googleapis.com',
port: null,
hostname: 'www.googleapis.com',
hash: null,
search: '?startDate=2016-09-20&endDate=2016-10-14',
query: 'startDate=2016-09-20&endDate=2016-10-14',
pathname: '/webmasters/v3/sites/http%3A%2F%2Falanmroczek.pl%2F/searchAnalytics/query',
path: '/webmasters/v3/sites/http%3A%2F%2Falanmroczek.pl%2F/searchAnalytics/query?startDate=2016-09-20&endDate=2016-10-14',
href: 'https://www.googleapis.com/webmasters/v3/sites/http%3A%2F%2Falanmroczek.pl%2F/searchAnalytics/query?startDate=2016-09-20&endDate=2016-10-14' },
Query, path and href looks like normal GET, I have no idea why. I tried to override it but still I get "backend error".
EDIT: Gmail list folders via GET, thats why I pointed out POST.
It's probably issue with googleapis for node.js. It's sending data via GET not required POST and JSON. We have to do it manually.
Backend Errors which are being returned from Google API calls will have 503 as its error code which means "Service Unavailable".
Check the various API's and its status here and ensure the service that you are trying to hit is up and running fine.
https://www.google.com/appsstatus#hl=en&v=status
Hope this helps!
i work on the similar code. This Reference helped me.
Just have a look: NodeJS & Goodgle Express API

How to use IPv6 with NodeJS https.request()

I have written a program that exercises the REST API of an embedded device that my team is developing. The code that issues the https requests looks like this:
var options = {
hostname: hostAddress,
port: hostPort,
path: path,
method: methodName,
headers: {
"Content-Type": "application/json",
"Content-Length": post_data.length
}
};
// Request and callback
var request = https.request(
options,
function onResponse( response ) {
// response code happens in here ...
}
);
This code works just fine when hostAddress is an IPv4 address, e.g. "192.168.1.13". But we've recently added IPv6 support onto the embedded device and that needs to be tested as well. However, the same code above does not work when the hostAddress is an IPv6 address.
The documentation for https.request() [here: https://nodejs.org/api/https.html ] doesn't say anything about IPv6. I have tried using each of the following values for the hostAddress, but without success.
hostAddress = "fe80::9eb6:54ff:fe90:8b70%eth0";
hostAddress = "[fe80::9eb6:54ff:fe90:8b70%eth0]";
hostAddress = "fe80::9eb6:54ff:fe90:8b70";
hostAddress = "[fe80::9eb6:54ff:fe90:8b70]";
I know the IPv6 address is correct -- I copied and pasted it from an ifconfig call on the embedded system host.
Can anyone tell me what I'm missing here?
Node version 0.12 doesn't support IPv6 on DNS binding, and since request utilizes that, it also won't work.
Per this thread, it's scheduled for implementation in v0.13.
Update
As of 2015, this appears to now be implemented in the main nodejs/node project (the re-amalgamation of Node.js and io.js).
http = require('http');
server = http.createServer();
server.listen(9000, '::');

Chrome Extension with G+ Signin - redirect_uri_mismatch

I'm trying to create a Chrome Extension that the user can login to with their Google account. I have based it on this sample code: https://developers.google.com/+/quickstart/javascript and it gets as far as gapi.auth2.init but then 400 errors with Error: redirect_uri_mismatch. The client ID is registered fine.
The API call fails because the redirect_uri is wrong, but what URI do I set for an extension? The API call is made as so:
gapi.auth2.init({
fetch_basic_profile: false,
client_id: '1234_valid_id_1234',
cookie_policy: 'none',
redirect_uri: 'xxx',
scope:'https://www.googleapis.com/auth/plus.login'
}).then(
'xxx' as the uri is just an example, I've tried multitude of options in here, to no avail.
The extension will load a dialogue as if it's going to begin the auth process but then craps out with the 400 error. I don't understand what URI an extension should be providing as a callback here, surely this isn't applicable?
The client ID etc is fine - if I run the sample JS code on just a standard localhost website it all works fine, it's only when trying to use it in an extension that it breaks, because of the lack of callback URI.
https://developers.google.com/identity/sign-in/web/reference
gapi.auth2.init doesn't take redirect_uri param.
Only function that takes redirect_uri is grantOfflineAccess. redirect_uri = "postmessage" should always work.
var auth2 = gapi.auth2.init({
fetch_basic_profile: false,
client_id: '1234_valid_id_1234',
cookie_policy: 'none',
scope:'https://www.googleapis.com/auth/plus.login'
});
// on user click
auth2.grantOfflineAccess({'redirect_uri': 'postmessage'}).then(
function(resp) {
var auth_code = resp.code;
});

Categories

Resources