search

googleworkspace / node-samples

Node samples for Google Workspace APIs.
Apache License 2.0
464 stars 489 forks source link

Sheets Quickstart Error - self signed certificate in certificate chain #76

Open MSherry24 opened 5 years ago

MSherry24 commented 5 years ago

Expected Behavior

I should be able to run the Sheets API Node.js quickstart and authorize my google account to access the API https://developers.google.com/sheets/api/quickstart/nodejs

Actual Behavior

I am unable to authorize my account due to a self signed certificate found in my certificate chain.

Steps to Reproduce the Problem

  1. Complete steps 1 and 2 of the quickstart guide.
  2. Copy and run the provided script in the quickstart guide.
  3. Follow the generated link to login to my google account.
  4. Copy the authorization code and paste it into the terminal.
  5. The following error is displayed in the terminal:

Error while trying to retrieve access token { FetchError: request to https://oauth2.googleapis.com/token failed, reason: self signed certificate in certificate chain at ClientRequest. (C:\xampp\htdocs\SoxFX\SoxFXExpress\node_modules\node-fetch\lib\index.js:1453:11) at ClientRequest.emit (events.js:197:13) at TLSSocket.socketErrorListener (_http_client.js:399:9) at TLSSocket.emit (events.js:197:13) at emitErrorNT (internal/streams/destroy.js:82:8) at emitErrorAndCloseNT (internal/streams/destroy.js:50:3) at processTicksAndRejections (internal/process/next_tick.js:76:17) message: 'request to https://oauth2.googleapis.com/token failed, reason: self signed certificate in certificate chain', type: 'system', errno: 'SELF_SIGNED_CERT_IN_CHAIN', code: 'SELF_SIGNED_CERT_IN_CHAIN', config: { method: 'POST', url: 'https://oauth2.googleapis.com/token', data: 'code=[]&client_id=[]&redirect_uri=[]&grant_type=authorization_code&code_verifier=', headers: { 'Content-Type': 'application/x-www-form-urlencoded', 'User-Agent': 'google-api-nodejs-client/3.1.2', Accept: 'application/json' }, params: [Object: null prototype] {}, paramsSerializer: [Function: paramsSerializer], body: 'code=[]&client_id=[]&client_secret=[]&redirect_uri=[***]&grant_type=authorization_code&code_verifier=', validateStatus: [Function: validateStatus], responseType: 'json' } }

Specifications

sqrrrl commented 5 years ago

Are you on a network behind a firewall/proxy? Have you tried running the same code on a different/open network?

MSherry24 commented 5 years ago

Yes, I am behind a corporate firewall, but I've run the same code on a different machine on the same network and it works fine. It clearly has something to do with my local machine settings rather than the code hosted here. The weird part is that I don't see any self-signed certificates on my machine.

sqrrrl commented 5 years ago

The self-signed cert is likely coming in the response from the proxy/firewall. Maybe a different policy for that machine or you're not authenticated on the network in the same way?

sqrrrl commented 5 years ago

You can also test with a simpler script that just uses built-in node functions.

const https = require('https');

let options = {
  hostname: 'oauth2.googleapis.com',
  port: 443,
  path: '/token',
  method: 'POST'
};

let req = https.request(options, (resp) => {
  resp.on('data', (chunk) => console.log(chunk.toString()));
  resp.on('end', () => console.log('End'));
  resp.on('error', (err) => console.log(err));
});

req.end();