Closed stagefright5 closed 2 years ago
Would you mind creating a small repro project? And also feel free to open a PR, don't forget tests.
Would you mind creating a small repro project? And also feel free to open a PR, don't forget tests.
Opened this PR https://github.com/panva/node-openid-client/pull/501, and all the tests are passing.
Would you mind creating a small repro project? And also feel free to open a PR, don't forget tests.
Opened this PR #501, and all the tests are passing.
And the reproduction project?
I am surprised more haven't hit this issue. A call const issuer = await Issuer.discover('http://localhost:4011');
is causing this very issue. simple node & express, typescript application. Using step debugging it is this line: (url.protocol === 'https:' ? https.request : http.request)(url.href, opts);
. I read the node documents and that should select the other overload of http but instead its choosing the first overload so opts
is being viewed as a callback. the only way i could get it to stop doing that was removing '.href'. That caused node to use the correct overload of the method and it operated as expected. the docs absolutely state the "url" param can be a string or URL object but node is also not adhering to that. this is happening with node v16.16.0 and v16.17.0.
Describe the bug
openid-client
) moduleIssuer.discover
is called, it throws the following errorAnalysis
globalThis.URL
is not the same asrequire('url').URL
globalThis.URL
refers towindow.URL
which is chromium implementationrequire('url').URL
refers to nodejs implementation. So,URL
instance that is being passed for(http || https).request
method inhelpers/request.js
is NOT nodejs's URL instancerequire('https').request
method, I found that, it is compatible with ONLY nodejs's URL instanceProposed Solutions:
require
statement to the top ofhelpers/request.js
modulehttps
module has also implemented (ref: https://github.com/nodejs/node/blob/73d23a20a46e82299964cb1a4eaadaacac9b1de3/lib/https.js#L51)url
parameter as string (url.href
) instead directly passingurl
object to the(http || https).request
method.url
is string, therequest
method will create a url instance as it needsTo Reproduce
Issuer and Client configuration: (inline or gist) - Don't forget to redact your secrets.
Steps to reproduce the behavior:
nodeIntegration
enabledIssuer.discover
APIExpected behavior
Environment:
Additional context Add any other context about the problem here.