search

pilcrowonpaper / arctic

OAuth 2.0 clients for popular providers
MIT License
1.11k stars 65 forks source link

Apple certificate not reading correctly? #138

Closed nyfever007 closed 5 months ago

nyfever007 commented 5 months ago

Hello. I've spent. hours to figure this out and hope someone can help me out with this. I am using Vercel to host my project and every time validateAuthorizationCode is triggered(no matter how i tried to handle certificate ). I tried to

  1. add context to vercel env.
  2. encode p8 file to .p8.enc to and convert to p8 and read it. 3 finally, i uploaded p8 file directly to project and read it.(which I will not be doing) it returns an error 
    Error: Invalid character: 
at Base64Encoding.decode (file:///var/task/node_modules/oslo/dist/encoding/base64.js:67:27)
at decodeBase64 (file:///var/task/node_modules/oslo/dist/encoding/base64.js:92:19)
at parsePKCS8PEM (file:///var/task/node_modules/arctic/dist/providers/apple.js:64:12)
at Apple.createClientSecret (file:///var/task/node_modules/arctic/dist/providers/apple.js:50:46)
at Apple.validateAuthorizationCode (file:///var/task/node_modules/arctic/dist/providers/apple.js:25:37)
at handleAppleCallback (file:///vercel/path0/src/controllers/oauth.ts:344:21)
at processTicksAndRejections (node:internal/process/task_queues:95:5)

I've done some research and first, and based on following code I am wondering if upgrade/update is need to this. https://github.com/pilcrowOnPaper/arctic/blob/main/src/providers/apple.ts

  1. decodeBase64 is deprecated. I am wondering if this should be 
    
function decodeBase64(base64: string): Uint8Array {
return Uint8Array.from(Buffer.from(base64, 'base64'));
}

function isValidBase64(str: string): boolean { const base64Pattern = /^[a-zA-Z0-9+/=]*$/; return base64Pattern.test(str); }

function parsePKCS8PEM(pkcs8: string): Uint8Array { const base64 = pkcs8 .replace(/-----BEGIN PRIVATE KEY-----/, '') .replace(/-----END PRIVATE KEY-----/, '') .replace(/\r?\n|\r/g, '') // Remove all newlines .trim();

// Validate the Base64 string if (!isValidBase64(base64)) { throw new Error('Invalid Base64 string'); }

return decodeBase64(base64); }



I debugged the project to make sure that p8 file is read correctly.
I also ran parsePKCS8PEM locally to make sure my p8 file is valid base64. 

Any idea?
pilcrowonpaper commented 5 months ago

Yeah adding .replace(/\r?\n|\r/g, '') should fix the issue. Honestly certificate should be Uint8Array but that's breaking change

nyfever007 commented 5 months ago

Yeah adding .replace(/\r?\n|\r/g, '') should fix the issue. Honestly certificate should be Uint8Array but that's breaking change

Yup. i created customApple(since I couldn't PR) and tested it and adding that line indeed resolved the issue. Hope you update this. Thanks!