search

pow-auth / pow_assent

Multi-provider authentication for your Pow enabled app
https://powauth.com
MIT License
321 stars 50 forks source link

Server was unreachable with Assent.HTTPAdapter.Httpc. #173

Closed jagoanmamah closed 4 years ago

jagoanmamah commented 4 years ago

0eb0c6e2-2649-4ffc-9176-2aa08017fcec

danschultzer commented 4 years ago

Can you copy-paste the full error?

It seems like there's an issue with the SSL handshake. Do you have certify and ssl_verify_fun in your deps as outlined in the readme?

defp deps do
  [
    # ...
    {:pow_assent, "~> 0.4.7"},
    {:certifi, "~> 2.4"},
    {:ssl_verify_fun, "~> 1.1"}
  ]
end
jagoanmamah commented 4 years ago 
  defp deps do
    [
      {:phoenix, "~> 1.5", override: true},
      {:phoenix_pubsub, "~> 2.0"},
      {:phoenix_ecto, "~> 4.0"},
      {:ecto_sql, "~> 3.1"},
      {:postgrex, ">= 0.0.0"},
      {:phoenix_html, "~> 2.11"},
      {:phoenix_live_reload, "~> 1.2.1", only: :dev},
      {:gettext, "~> 0.11"},
      {:jason, "~> 1.0"},
      {:plug_cowboy, "~> 2.1"},
      {:pow, "~> 1.0.20"},
      {:swoosh, "~> 0.25"},
      {:phoenix_swoosh, "~> 0.2"},
      {:gen_smtp, "~> 0.13"},
      {:pow_assent, "~> 0.4.7"},
      {:certifi, "~> 2.4"},
      {:ssl_verify_fun, "~> 1.1"},
      {:scrivener_ecto, "~> 2.0"},
      {:scrivener_html, "~> 1.8.1"},
      {:timex, "~> 3.5"}

    ]
  end

Failed with the following error: {:failed_connect, [{:to_address, {'www.googleapis.com', 443}}, {:inet, [:inet], {:tls_alert, {:handshake_failure, 'TLS client: In state wait_cert_cr at ssl_handshake.erl:1840 generated CLIENT ALERT: Fatal - Handshake Failure\n {bad_cert,hostname_check_failed}'}}}]}

URL: https://www.googleapis.com/oauth2/v4/token

danschultzer commented 4 years ago

Hmm, this could be due to many things.

I tested this locally and it works as expected. You can try it yourself running iex -S mix in your app dir and then call the following method:

Assent.Strategy.request(:post, "https://www.googleapis.com/oauth2/v4/token", "", [], [http_adapter: Assent.HTTPAdapter.Httpc])

It should return a Assent.HTTPAdapter.HTTPResponse struct, rather than Assent.RequestError with the handshake error.

Two questions:

  1. What OTP version are you running on?
  2. Do you have any :http_adapter config set? If :ssl key is set it would override the default ssl settings.
jagoanmamah commented 4 years ago

I don't have :http_adapter

Screenshot from 2020-05-15 19-21-15

danschultzer commented 4 years ago

Ok, I can reproduce it now. I was running on OTP 22.2. On OTP 23 it fails. Let me figure out why.

danschultzer commented 4 years ago

Assent v0.1.11 has been released. Run mix deps.update assent and it should be working again with OTP 23 😄