search

Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
3.97k stars 535 forks source link

OIDC Client fails to verify JWT token. Internal Server Error #6345

Open DaanSelen opened 2 weeks ago

DaanSelen commented 2 weeks ago

Describe the bug The bug is failing to be able to connect using OIDC general connect setup. We've setup a config with the required fields and it does call our second device for authentication, however when returning to meshcentral, the JWT is put into a JSON.parse() function which errors out.

To Reproduce Steps to reproduce the behavior: Try to login usin Entrust OpenID Connect.

Expected behavior Log into my account succesfully.

Screenshots If applicable, add screenshots to help explain your problem. image

I converted the Byte array to a string and printed it: below. But normally the bytecode is passed directly to JSON.parse() function.

eyJ4NXQiOiI4ajJuMmMzcmpvM0pzanY3ZkJNckVsbUNlSFkiLCJraWQiOiI3MjE1MTQ5MCIsInR5cCI6IkpXVCIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiJkc2VsZW5Ac3lzdGVtZWMubmwiLCJhdWQiOiJkYTQ5NTEzYi04YjBlLTRlZmEtYWE0Yi0zMzY3YWQ2ZGM2ZmMiLCJuYW1lIjoiRGFhbiBTZWxlbiIsImlzcyI6Imh0dHBzOi8vc2lzbmwuZGUudHJ1c3RlZGF1dGguY29tL2FwaS9vaWRjIiwiZ2l2ZW5fbmFtZSI6IkRhYW4iLCJmYW1pb... rest of jwt
Aug 28 13:41:02 thoth node[441762]: ERR: SyntaxError: Unexpected token e in JSON at position 0
Aug 28 13:41:02 thoth node[441762]:     at JSON.parse (<anonymous>)
Aug 28 13:41:02 thoth node[441762]:     at Client.userinfo (/opt/meshcentral/app/node_modules/openid-client/lib/client.js:1292:16)
Aug 28 13:41:02 thoth node[441762]:     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
Aug 28 13:41:02 thoth node[441762]:     at async /opt/meshcentral/app/node_modules/openid-client/lib/passport_strategy.js:182:24

Server Software (please complete the following information):

Client Device (please complete the following information):

Additional context Add any other context about the problem here.

Your config.json file relevant info:

"authStrategies": {
          "oidc": {
              "issuer": {
                  "issuer": "https://domain.com/api/oidc",
                  "authorization_endpoint": "https://domain.com/api/oidc/authorize",
                  "token_endpoint": "https://domain.com/api/oidc/token",
                  "endsession_endpoint": "https://domain.com/api/oidc/endsession",
                  "jwks_uri": "https://domain.com/api/oidc/jwks"
              },
              "client": {
                  "client_id": "<clientid>",
                  "client_secret": "<cliensecret>",
                  "redirect_uri": "https://remote.domain.com/auth-oidc-callback",
                  "_post_logout_redirect_uri": "https://remote.domain.com/login",
                  "_token_endpoint_auth_method": "client_secret_basic",
                  "_response_types": "authorization_code"
              },
              "custom": {
                  "scope": [ "openid", "profile", "read.EmailAlias" ],
                  "preset": null
              },
              "logouturl": "https://remote.domain.com/logout",
              "newAccounts": false
          }
      }
si458 commented 2 weeks ago

you didnt specify what verison of meshcentral you are running or what nodejs version you are using

DaanSelen commented 2 weeks ago

you didnt specify what verison of meshcentral you are running or what nodejs version you are using

Excuse me, of course!

image With Node version: v18.19.0

si458 commented 2 weeks ago

what is ur oidc provider as im not having issue here? also have you tried removing the "custom" value incase its that?

DaanSelen commented 2 weeks ago

what is ur oidc provider as im not having issue here? also have you tried removing the "custom" value incase its that?

We use Entrust OIDC

si458 commented 1 day ago

is this still an issue? is it possible for you to email myself and let me test with your environment?