search

stackblitz / webcontainer-core

Dev environments. In your web app.
https://webcontainers.io
MIT License
3.84k stars 152 forks source link

Project fails to log in: Operation Unsupported in node built-in library #1043

Closed drfattytuna closed 1 year ago

drfattytuna commented 1 year ago

Describe the bug

Note: to repro you'll need to create a liveblocks account & add the secret keys, etc.

When I try to load this sample project then Sign In I get an error for an unsupported operation inside the node internal hkdf library, specifically when calling createSecretKey. It seems this is being triggered by the next-auth library.

Here is the error:

error - Error: Unsupported
    at new _0x401f00 (https://githubgqce1z-aen4.w-credentialless.staticblitz.com/blitz.95b70c8d.js:44:238785)
    at createSecretKey (https://githubgqce1z-aen4.w-credentialless.staticblitz.com/blitz.95b70c8d.js:35:230453)
    at https://githubgqce1z-aen4.w-credentialless.staticblitz.com/blitz.95b70c8d.js:35:1224598
    at __node_internal_ (https://githubgqce1z-aen4.w-credentialless.staticblitz.com/blitz.95b70c8d.js:35:1224603)
    at Object.hkdf (https://githubgqce1z-aen4.w-credentialless.staticblitz.com/blitz.95b70c8d.js:35:1224877)
    at eval (file:///home/projects/github-gqce1z/node_modules/@panva/hkdf/dist/node/cjs/runtime/hkdf.js:8:16)
    at new Promise (<anonymous>)
    at hkdf (file:///home/projects/github-gqce1z/node_modules/@panva/hkdf/dist/node/cjs/runtime/hkdf.js:7:31)
    at exports.default (file:///home/projects/github-gqce1z/node_modules/@panva/hkdf/dist/node/cjs/runtime/hkdf.js:16:93)
    at hkdf (file:///home/projects/github-gqce1z/node_modules/@panva/hkdf/dist/node/cjs/index.js:47:34) {
  page: '/api/auth/[...nextauth]'
}

Link to the blitz that caused the error

https://stackblitz.com/github/liveblocks/liveblocks/tree/main/starter-kits/nextjs-starter-kit

Steps to reproduce

  1. Get the project running by creating a .env.local file
  2. Click "Sign In"
  3. Select a user
  4. See the error in the console

Expected behavior

I would expect it to successfully sign in on the test app

Parity with Local

Screenshots

No response

Platform

Additional context

No response

SamVerschueren commented 1 year ago

Thanks for reporting this @drfattytuna 🙏 . I created an internal ticket to add support for crypto.hkdf. We didn't add support for all the crypto APIs yet and hkdf is one of them.

d3lm commented 1 year ago

Hey 👋 We have added support for both hkdf as well as aes-gcm which fixes your example and allows you to use next-auth. However, https://api.liveblocks.io is blocked by CORS which means the dashboard can't be loaded then. I suggest to ping them about this and maybe they can enable CORS for WebContainer. Let us know how that goes. Also, because next-auth tries to redirect to localhost after successfully signing in, which doesn't work because there is no server running on localhost, you have to add a redirect callback, e.g.

redirect({ url, baseUrl }) {
  return url;
}

I am going to close the issue because the original issues with crypto have been fixed.