18F / identity-oidc-expressjs

An example Login.gov client application which authenticates users via OpenID Connect (OIDC). Built with Node.js, Express.js, and Passport.js.

Resolve localhost request errors #1

Closed s2t2 closed 6 years ago

s2t2 commented 6 years ago

As described in the README, there is an issue with the way the openid-client package interacts with a locally-running identity-idp instance.

Error:

{ RequestError: connect ECONNREFUSED 127.0.0.1:3000
    at ClientRequest.req.once.err (/Users/username/projects/my-identity-sp/node_modules/openid-client/node_modules/got/index.js:219:22)
    at Object.onceWrapper (events.js:315:30)
    at emitOne (events.js:121:20)
    at ClientRequest.emit (events.js:211:7)
    at Socket.socketErrorListener (_http_client.js:387:9)
    at emitOne (events.js:116:13)
    at Socket.emit (events.js:211:7)
    at emitErrorNT (internal/streams/destroy.js:64:8)
    at _combinedTickCallback (internal/process/next_tick.js:138:11)
    at process._tickCallback (internal/process/next_tick.js:180:9)
  name: 'RequestError',
  code: 'ECONNREFUSED',
  host: 'localhost:3000',
  hostname: 'localhost',
  method: 'GET',
  path: '/.well-known/openid-configuration',
  protocol: 'http:',
  url: 'http://localhost:3000/.well-known/openid-configuration' }

Right now there are certain workarounds for the issue (namely, running identity-idp with rails s -b 0.0.0.0 instead of make run), but this encumbers the full functionality of identity-idp, requiring additional workarounds for the account creation process and the LOA3 setup process.

I have filed an issue with the openid-client package in hopes of learning more about how to resolve the issue.

s2t2 commented 6 years ago

Per guidance, tried using the request package:

Issuer.useRequest();

Produces:

{ Error: connect ECONNREFUSED 127.0.0.1:3000
    at Object._errnoException (util.js:1024:11)
    at _exceptionWithHostPort (util.js:1046:20)
    at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1182:14)
  code: 'ECONNREFUSED',
  errno: 'ECONNREFUSED',
  syscall: 'connect',
  address: '127.0.0.1',
  port: 3000 }

s2t2 commented 6 years ago

Note:

--->> cat /etc/hosts
##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting.  Do not change this entry.
##
127.0.0.1   localhost
255.255.255.255 broadcasthost
::1             localhost

s2t2 commented 6 years ago

Finding some helpful conversation in this issue. Need to do some testing around with various versions and configurations of Rails.

s2t2 commented 6 years ago

Some basic tests using curl confirm that requests to localhost are resolving, but requests to 127.0.0.1 are not:

 --->> curl localhost:3000
# the expected document
 --->> curl 127.0.0.1:3000
curl: (7) Failed to connect to 127.0.0.1 port 3000: Connection refused

When I retry these same tests using a newly generated rails app, curl localhost:3000 and curl 127.0.0.1 both resolve. This suggests the issue lies in the specific way the identity-idp rails application server is being configured. And it also means my work computer configuration is not the cause of the issue.
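The curl tests above turn on which loopback addresses the server is actually accepting connections on. The following is an added example, not part of the issue thread or the project's code, that probes both loopback literals and every address `localhost` resolves to on a given port; the function names `probe` and `probeLoopback` are hypothetical.

```javascript
// Added example (not from the issue thread): report which loopback
// addresses accept TCP connections on a port, e.g. 3000 for a local IdP.
const net = require('node:net');
const dns = require('node:dns').promises;

// Attempt one TCP connect; resolve to 'open' or the error code
// (for example 'ECONNREFUSED', as seen in the stack traces above).
function probe(host, port, timeoutMs = 1000) {
  return new Promise((resolve) => {
    const sock = net.connect({ host, port });
    const done = (result) => { sock.destroy(); resolve(result); };
    sock.setTimeout(timeoutMs, () => done('ETIMEDOUT'));
    sock.on('connect', () => done('open'));
    sock.on('error', (err) => done(err.code || 'ERROR'));
  });
}

// Probe 127.0.0.1, ::1, and whatever "localhost" resolves to on this host.
// A server bound to only one of them shows 'open' for that address alone.
async function probeLoopback(port) {
  const resolved = await dns.lookup('localhost', { all: true }).catch(() => []);
  const targets = new Set(['127.0.0.1', '::1', ...resolved.map((r) => r.address)]);
  const results = {};
  for (const addr of targets) {
    results[addr] = await probe(addr, port);
  }
  return results;
}

// Command-line use: node probe-loopback.js 3000
if (process.argv[2]) {
  probeLoopback(Number(process.argv[2])).then((r) => console.log(r));
}
```

A client that fails on `127.0.0.1` while `localhost` works in another tool will show up here as differing results per address, which separates a bind-address problem from a name-resolution problem.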

s2t2 commented 6 years ago

OK, it makes sense that rails s -b 0.0.0.0 wouldn't also run mailcatcher and sidekiq the way that make run does. So one potential workaround would be to run these other services separately (e.g. mailcatcher --http-ip=0.0.0.0).

s2t2 commented 6 years ago

Weird, now I can't even connect when it is running via 0.0.0.0.

And I am learning that 127.0.0.1 is a better practice than 0.0.0.0 for security reasons. Although neither is working anymore. Not sure why.

s2t2 commented 6 years ago

OK, so changing some variables from var to const was the cause of the recent issue. After changing const back to var (https://github.com/18F/identity-oidc-expressjs/commit/86e3ee337b981a542cb386999ee19a5eca01cb39), now the client app is back to partially working (at least it no longer crashes) when the server is running on 127.0.0.1! 🎉 🎉 🎉

s2t2 commented 6 years ago

Manually running all commands listed in the identity-idp's Procfile:

bin/rails s -b 127.0.0.1
bundle exec sidekiq --config config/sidekiq.yml
mailcatcher -f

And now the client app can go through the flow of creating an account. The key was running sidekiq.

s2t2 commented 6 years ago

And the LOA3 flow also works!
