search

peburrows / goth

Elixir package for Oauth authentication via Google Cloud APIs
http://hexdocs.pm/goth
MIT License
284 stars 108 forks source link

JWT ArgumentError (JOSE) #95

Closed mthomps4 closed 3 years ago

mthomps4 commented 3 years ago

Unsure what is missing here. Looking for advice.

Deps

      {:goth, "~> 1.3-rc"},
      {:hackney, "~> 1.17"},
      {:google_api_compute, "~> 0.34.0"}

application.ex

  def start(_type, _args) do
    credentials =
      "GOOGLE_APPLICATION_CREDENTIALS_JSON"
      |> System.fetch_env!()
      |> Jason.decode!()

    source = {:service_account, credentials, []}
...
      {Goth, name: Toolbox.Goth, source: source}

Error Trace

** (Mix) Could not start application toolbox: Toolbox.Application.start(:normal, []) returned an error: shutdown: failed to start child: Goth.Server
    ** (EXIT) an exception was raised:
        ** (ArgumentError) argument error: [[], {:jose_jws, {:jose_jws_alg_rsa_pkcs1_v1_5, :RS256}, :undefined, %{"typ" => "JWT"}}, %{"aud" => "https://oauth2.googleapis.com/token,", "exp" => 1616384563, "iat" => 1616380963, "iss" => "name@appid.iam.gserviceaccount.com,", "scope" => "https://www.googleapis.com/auth/cloud-platform"}]
            (jose 1.11.1) src/jwt/jose_jwt.erl:184: :jose_jwt.sign/3
            (goth 1.3.0-rc.0) lib/goth/token.ex:200: Goth.Token.jwt/2
            (goth 1.3.0-rc.0) lib/goth/token.ex:149: Goth.Token.request/1
            (goth 1.3.0-rc.0) lib/goth/token.ex:109: Goth.Token.fetch/1
            (goth 1.3.0-rc.0) lib/goth/server.ex:49: Goth.Server.init/1
wojtekmach commented 3 years ago

Thanks for the report. I could reproduce this error by putting "private_key" => "bad" (or "") instead of a proper private key in the PEM format in my credentials. Could you double-check that your credentials are valid?

mthomps4 commented 3 years ago

Thanks for the quick response.

🤔 I took the JSON file and did a Node stringify It looks ok at first, but on second glance the special characters may be throwing it off \ + \n

\"private_key\":\"-----BEGIN PRIVATE KEY-----\\\MIIEvg...+43\\\\asdf\n ....

Any info on how you got your creds to a full string for ENV? Fairly certain that's it.

mthomps4 commented 3 years ago

Update: Re-stringified.

Noticed that the line breaks had an extra \ find \\n replace with \n

Was able to run {:ok, token} = Goth.fetch(Toolbox.Goth) successfully! 🎉

wojtekmach commented 3 years ago

Great, glad its fixed. Im gonna go ahead and close this but if folks keep running into this we can probably at least improve the error message.