search

magiclabs / magic-admin-js

Magic admin Node.js SDK makes it easy to leverage Decentralized ID tokens to protect routes and restricted resources for your application.
https://docs.magic.link/admin-sdk/node-js
MIT License
75 stars 33 forks source link

Users module failing at retrieving metadata? #68

Closed chiefGui closed 2 years ago

chiefGui commented 2 years ago

✅ Prerequisites

🐛 Description

[Description of the bug.]

🧩 Steps to Reproduce

import { Magic } from '@magic-sdk/admin' // v1.3.0

const mAdmin = new Magic(SECRET_KEY)

export default async function(req, res) {
  const didToken = mAdmin.utils.parseAuthorizationHeader(req.headers.authorization)

  try {
    const issuer = await mAdmin.token.getIssuer(didToken) // works!
    const metadata = await mAdmin.users.getMetadataByIssuer(issuer) // nope.
  } catch (e) {
    console.error(e) // {"code":"SERVICE_ERROR","data":[{"data":{},"error_code":"MISSING_REQUIRED_FIELDS","message":"Missing required fields: ['issuer'].","status":"failed"}]}
  }
}

🤔 Expected behavior

Wanted to retrieve user's metadata.

😮 Actual behavior

Am consistently receiving 400 and no metadata.

💻 Code Sample

import { Magic } from '@magic-sdk/admin' // v1.3.0

const mAdmin = new Magic(SECRET_KEY)

export default async function(req, res) {
  const didToken = mAdmin.utils.parseAuthorizationHeader(req.headers.authorization)

  try {
    const issuer = await mAdmin.token.getIssuer(didToken) // works!
    const metadata = await mAdmin.users.getMetadataByIssuer(issuer) // nope.
  } catch (e) {
    console.error(e) // {"code":"SERVICE_ERROR","data":[{"data":{},"error_code":"MISSING_REQUIRED_FIELDS","message":"Missing required fields: ['issuer'].","status":"failed"}]}
  }
}

🌎 Environment

Software Version(s)
@magic-sdk/admin v1.3.0
Node v15.14.0
yarn v3.1.0
Operating System macOS
chiefGui commented 2 years ago

Weird enough, I tried two things:

await fetch('https://api.magic.link/v1/admin/auth/user/get?issuer=did%3Aethr%SOME_ID_HERE', { method: 'GET', headers: { 'X-Magic-Secret-Key': SECRET_KEY }})

Works ✅ 

const mAdmin = new Magic(SECRET_KEY, {
  endpoint: 'https://api.magic.link',
})

Doesn't work 😢

Notes:

  1. .validate is working properly.
  2. The exact same error occurred with getMetadataByToken as well.
  3. I really don't know what the get method is 🤔 https://github.com/magiclabs/magic-admin-js/blob/731a8cb440533b459eefc70d29d9f027e1db29fa/src/modules/users/index.ts#L31-L35
chiefGui commented 2 years ago

Okay, I just dove deep and yes, it seems it's the SDK with the encodeURIComponent function.

https://github.com/magiclabs/magic-admin-js/blob/731a8cb440533b459eefc70d29d9f027e1db29fa/src/utils/rest.ts#L34

Because fetching the following doesn't work, contrary to the fetch I posted above:

await fetch(`https://api.magic.link/v1/admin/auth/user/get?${encodeURIComponent('issuer=did:ethr:SOME_WEIRD_ID')}`, { method: 'GET', headers: { 'X-Magic-Secret-Key': 'SECRET_KEY' }})

(If I remove encodeURIComponent it works like a charm.)

smithki commented 2 years ago

Thanks for you detailed report and investigation (and further initiative on a fix/PR). This is now released in @magic-sdk/admin@1.3.1