search

Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
4.16k stars 557 forks source link

MeshCentral fails to start with openid-client v6.0.0 #6459

Open justsomemate opened 1 day ago

justsomemate commented 1 day ago

Describe the bug openid-client released version 6.0.0 two days ago as an ESM module, which causes MeshCentral to fail to start (if openid authentication is enabled)

Error [ERR_REQUIRE_ESM]: require() of ES Module /opt/meshcentral/meshcentral/node_modules/openid-client/build/index.js from /opt/meshcentral/meshcentral/webserver.js not supported. Instead change the require of index.js in /opt/meshcentral/meshcentral/webserver.js to a dynamic import() which is available in all CommonJS modules.

See https://github.com/TypeStrong/ts-node#err_require_esm https://github.com/panva/openid-client/releases/tag/v6.0.0

To Reproduce Steps to reproduce the behavior:

  1. Have or add oidc and related configuration under "domains": "authStrategies"
  2. Restart MeshCentral
  3. See error

Expected behavior MeshCentral starts and has the OIDC login button.

Screenshots N/A

Server Software (please complete the following information):

Client Device (please complete the following information): N/A

Remote Device (please complete the following information): N/A

Additional context

Error: Command failed: /usr/bin/node /opt/meshcentral/meshcentral/meshcentral --configfile config.json --launch 6 /opt/meshcentral/meshcentral/webserver.js:7445 let strategy = migrateOldConfigs(Object.assign({ 'client': {}, 'issuer': {}, 'options': {}, 'custom': {}, 'obj': { 'openidClient': require('openid-client') } }, initStrategy)) ^

Error [ERR_REQUIRE_ESM]: require() of ES Module /opt/meshcentral/meshcentral/node_modules/openid-client/build/index.js from /opt/meshcentral/meshcentral/webserver.js not supported. Instead change the require of index.js in /opt/meshcentral/meshcentral/webserver.js to a dynamic import() which is available in all CommonJS modules. at setupDomainAuthStrategy (/opt/meshcentral/meshcentral/webserver.js:7445:144) at setupAllDomainAuthStrategies (/opt/meshcentral/meshcentral/webserver.js:6568:88) at serverStart (/opt/meshcentral/meshcentral/webserver.js:6555:13) at /opt/meshcentral/meshcentral/webserver.js:309:17 at /opt/meshcentral/meshcentral/db.js:2652:115 at /opt/meshcentral/meshcentral/node_modules/mongodb/lib/utils.js:349:28 { code: 'ERR_REQUIRE_ESM' }

Your config.json file

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "settings": {
    "plugins":{"enabled": false},
    "mongoDb": "**redacted**",
    "cert": "**redacted**",
    "_WANonly": true,
    "_LANonly": true,
    "sessionKey": "**redacted**",
    "port": 443,
    "_aliasPort": 443,
    "redirPort": 80,
    "_redirAliasPort": 80,
    "AgentPong": 300,
    "TLSOffload": false,
    "SelfUpdate": false,
    "AllowFraming": false,
    "WebRTC": false
  },
  "domains": {
    "": {
      "_title": "MyServer",
      "_title2": "Servername",
      "minify": false,
      "NewAccounts": false,
      "localSessionRecording": false,
      "_userNameIsEmail": true,
      "_certUrl": "my.reverse.proxy",
      "userAllowedIP": "10.0.0.0/8,192.168.254.0/24",
      "authStrategies": {
        "oidc": {
          "issuer": {
            "issuer": "https://**redacted**/application/o/meshcentral/",
            "authorization_endpoint": "https://**redacted**/application/o/authorize/",
            "token_endpoint": "https://**redacted**/application/o/token/",
            "endsession_endpoint": "https://**redacted**/application/o/meshcentral/end-session/",
            "jwks_uri": "https://**redacted**/application/o/meshcentral/jwks/"
          },
          "client": {
            "client_id": "**redacted**",
            "client_secret": "**redacted**",
            "redirect_uri": "https://**redacted**/auth-oidc-callback"
          },
          "custom": {
            "scope": ["openid", "profile", "email", "groups"]
          },
          "groups": {
            "recursive": true,
            "required": ["MeshCentral Admin", "MeshCentral Agent"],
            "siteadmin": ["MeshCentral Admin"],
            "revokeAdmin": false,
            "sync": {
              "filter": ["MeshCentral Admin", "MeshCentral Agent"]
            }
          },
          "newAccounts": true
        }
      }
    }
  },
  "letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before>",
    "email": "**redacted**",
    "names": "**redacted**",
    "rsaKeySize": 3072,
    "production": true
  }
}
si458 commented 1 day ago

i was literally just about to post this issue! i was setting up my test environment for docker! in process of pinning the version for the moment

si458 commented 1 day ago

https://github.com/Ylianst/MeshCentral/commit/1e2d736d6d1b42e5eb8f4a42f86d4b5ed5f2d800

si458 commented 1 day ago

fix for the moment is here

  1. stop meshcentral,
  2. cd /folder/to/meshcentral (eg cd /opt/meshcentral)
  3. npm install openid-client@5.7.0
  4. start meshcentral