transistorsoft / background-geolocation-console

A field-testing & analysis server for the Background Geolocation plugin
MIT License
151 stars 157 forks source link

invalid signature JsonWebTokenError: invalid signature #108

Closed spapayan closed 4 years ago

spapayan commented 4 years ago

We are trying to troubleshoot the (purchased) library with the server and facing the following issues: 1) Server raise an error about JWT, but occasionally insert the data, but with an error. Below comes the error messages. Server’s version 3.0.1, library: 3.4.2 2) Documentation issue, for example: findOrCreateTransistorAuthorizationToken(orgname: string, username: string, url?: string) from documentation says you need to proceed with orgname and username parameters, but we can’t find it even in the code. Any assistance would be much appreciated!

invalid signature JsonWebTokenError: invalid signature 2020-05-11T18:48:16.155519+00:00 app[web.1]: at /app/node_modules/jsonwebtoken/verify.js:133:19 2020-05-11T18:48:16.155521+00:00 app[web.1]: at getSecret (/app/node_modules/jsonwebtoken/verify.js:90:14) 2020-05-11T18:48:16.155521+00:00 app[web.1]: at Object.verify (/app/node_modules/jsonwebtoken/verify.js:94:10) 2020-05-11T18:48:16.155521+00:00 app[web.1]: at verifier (/app/src/server/libs/jwt.js:66:22) 2020-05-11T18:48:16.155523+00:00 app[web.1]: at /app/src/server/libs/utils.js:117:21 2020-05-11T18:48:16.155524+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5) 2020-05-11T18:48:16.155524+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/route.js:137:13) 2020-05-11T18:48:16.155524+00:00 app[web.1]: at Route.dispatch (/app/node_modules/express/lib/router/route.js:112:3) 2020-05-11T18:48:16.155525+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5) 2020-05-11T18:48:16.155526+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:281:22 2020-05-11T18:48:16.155526+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12) 2020-05-11T18:48:16.155526+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10) 2020-05-11T18:48:16.155527+00:00 app[web.1]: at Function.handle (/app/node_modules/express/lib/router/index.js:174:3) 2020-05-11T18:48:16.155527+00:00 app[web.1]: at router (/app/node_modules/express/lib/router/index.js:47:12) 2020-05-11T18:48:16.155527+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5) 2020-05-11T18:48:16.155528+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:317:13) 2020-05-11T18:48:16.155528+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7 2020-05-11T18:48:16.155529+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12) 2020-05-11T18:48:16.155529+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10) 2020-05-11T18:48:16.155529+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:635:15 2020-05-11T18:48:16.155530+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:260:14) 2020-05-11T18:48:16.155530+00:00 app[web.1]: at Function.handle (/app/node_modules/express/lib/router/index.js:174:3) 2020-05-11T18:48:16.155810+00:00 app[web.1]: ::ffff:10.34.45.142 - POST /api/locations HTTP/1.1 500 34 - 3.413 ms Error: Can’t set headers after they are sent. 2020-05-11T18:48:16.157531+00:00 app[web.1]: at validateHeader (_http_outgoing.js:491:11) 2020-05-11T18:48:16.157531+00:00 app[web.1]: at ServerResponse.setHeader (_http_outgoing.js:498:3) 2020-05-11T18:48:16.157532+00:00 app[web.1]: at ServerResponse.header (/app/node_modules/express/lib/response.js:771:10) 2020-05-11T18:48:16.157532+00:00 app[web.1]: at ServerResponse.send (/app/node_modules/express/lib/response.js:170:12) 2020-05-11T18:48:16.157532+00:00 app[web.1]: at ServerResponse.json (/app/node_modules/express/lib/response.js:267:15) 2020-05-11T18:48:16.157533+00:00 app[web.1]: at ServerResponse.send (/app/node_modules/express/lib/response.js:158:21) 2020-05-11T18:48:16.157533+00:00 app[web.1]: at /app/src/server/index.js:72:21 2020-05-11T18:48:16.157533+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:71:5) 2020-05-11T18:48:16.157534+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13) 2020-05-11T18:48:16.157534+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7 2020-05-11T18:48:16.157535+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12) 2020-05-11T18:48:16.157536+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10) 2020-05-11T18:48:16.157536+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:67:12) 2020-05-11T18:48:16.157536+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13) 2020-05-11T18:48:16.157537+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7 2020-05-11T18:48:16.157537+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12) 2020-05-11T18:48:16.157538+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10) 2020-05-11T18:48:16.157538+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:67:12) 2020-05-11T18:48:16.157539+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13) 2020-05-11T18:48:16.157539+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7 2020-05-11T18:48:16.157539+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12) 2020-05-11T18:48:16.157540+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10) 2020-05-11T18:35:16.823179+00:00 app[web.1]: Unhandled rejection Error: WHERE parameter “id” has invalid “undefined” value 2020-05-11T18:35:16.823179+00:00 app[web.1]: at PostgresQueryGenerator.whereItemQuery (/app/node_modules/sequelize/lib/dialects/abstract/query-generator.js:2184:13) 2020-05-11T18:35:16.823180+00:00 app[web.1]: at Utils.getComplexKeys.forEach.prop (/app/node_modules/sequelize/lib/dialects/abstract/query-generator.js:2173:25) 2020-05-11T18:35:16.823180+00:00 app[web.1]: at Array.forEach () 2020-05-11T18:35:16.823181+00:00 app[web.1]: at PostgresQueryGenerator.whereItemsQuery (/app/node_modules/sequelize/lib/dialects/abstract/query-generator.js:2171:35) 2020-05-11T18:35:16.823181+00:00 app[web.1]: at PostgresQueryGenerator.whereQuery (/app/node_modules/sequelize/lib/dialects/abstract/query-generator.js:2144:24) 2020-05-11T18:35:16.823181+00:00 app[web.1]: at PostgresQueryGenerator.updateQuery (/app/node_modules/sequelize/lib/dialects/abstract/query-generator.js:435:116) 2020-05-11T18:35:16.823182+00:00 app[web.1]: at QueryInterface.bulkUpdate (/app/node_modules/sequelize/lib/query-interface.js:1038:37) 2020-05-11T18:35:16.823182+00:00 app[web.1]: at Promise.try.then.then.then.results (/app/node_modules/sequelize/lib/model.js:3224:34) 2020-05-11T18:35:16.823183+00:00 app[web.1]: at tryCatcher (/app/node_modules/bluebird/js/release/util.js:16:23) 2020-05-11T18:35:16.823183+00:00 app[web.1]: at Promise._settlePromiseFromHandler (/app/node_modules/bluebird/js/release/promise.js:547:31) 2020-05-11T18:35:16.823184+00:00 app[web.1]: at Promise._settlePromise (/app/node_modules/bluebird/js/release/promise.js:604:18) 2020-05-11T18:35:16.823184+00:00 app[web.1]: at Promise._settlePromise0 (/app/node_modules/bluebird/js/release/promise.js:649:10) 2020-05-11T18:35:16.823184+00:00 app[web.1]: at Promise._settlePromises (/app/node_modules/bluebird/js/release/promise.js:729:18) 2020-05-11T18:35:16.823185+00:00 app[web.1]: at _drainQueueStep (/app/node_modules/bluebird/js/release/async.js:93:12) 2020-05-11T18:35:16.823185+00:00 app[web.1]: at _drainQueue (/app/node_modules/bluebird/js/release/async.js:86:9) 2020-05-11T18:35:16.823185+00:00 app[web.1]: at Async._drainQueues (/app/node_modules/bluebird/js/release/async.js:102:5) 2020-05-11T18:35:16.823186+00:00 app[web.1]: at Immediate.Async.drainQueues (/app/node_modules/bluebird/js/release/async.js:15:14) 2020-05-11T18:35:16.823186+00:00 app[web.1]: at runCallback (timers.js:810:20) 2020-05-11T18:35:16.823186+00:00 app[web.1]: at tryOnImmediate (timers.js:768:5) 2020-05-11T18:35:16.823187+00:00 app[web.1]: at processImmediate [as _immediateCallback] (timers.js:745:5) 2020-05-11T18:35:16.831941+00:00 app[web.1]: Executing (default): INSERT INTO “locations” (“id”,“latitude”,“longitude”,“data”,“recorded_at”,“created_at”) VALUES (DEFAULT,$1,$2,$3,$4,$5) RETURNING *; 2020-05-11T18:35:16.837028+00:00 app[web.1]: ::ffff:10.32.185.71 - POST /api/site/locations HTTP/1.1 200 16 - 28.036 ms

Sigura commented 4 years ago

Hello, Sergey!

Those things may happen after background-geolocation-console reboot when environment variables empty:

  JWT_PRIVATE_KEY,
  JWT_PUBLIC_KEY,

or JWT wrong.

But POST /api/site/locations endpoint support old version API without JWT and ignore it.

UPDATE: You can try /api/locations endpoint with full JWT support.

spapayan commented 4 years ago

Hello, I tried with all of them ('/api/locations', 'v2/locations', '/api/site/locations') but it doesn't work. I've added JWT public and private keys and redeployed server, but result is the same. When the url is '/v2/locations' the logs in heroku is following:

2020-05-12T08:01:09.581429+00:00 app[web.1]: req.url /v2/locations
2020-05-12T08:01:09.582832+00:00 app[web.1]: ::ffff:10.34.14.131 - POST /v2/locations HTTP/1.1 200 669 - 1.503 ms
2020-05-12T08:02:25.997605+00:00 heroku[router]: at=info method=POST path="/v2/locations" host=test-location-server.herokuapp.com request_id=44103f10-7079-4d01-bbdd-66af1494f62c fwd="37.252.81.168" dyno=web.1 connect=1ms service=3ms status=200 bytes=980 protocol=https
2020-05-12T08:02:25.997783+00:00 app[web.1]: req.url /v2/locations
2020-05-12T08:02:25.999078+00:00 app[web.1]: ::ffff:10.11.43.12 - POST /v2/locations HTTP/1.1 200 669 - 1.699 ms
2020-05-12T08:03:38.381279+00:00 heroku[router]: at=info method=POST path="/v2/locations" host=test-location-server.herokuapp.com request_id=db5fccf1-3eb4-4570-8dea-26eb60e071d6 fwd="37.252.81.168" dyno=web.1 connect=0ms service=5ms status=200 bytes=980 protocol=https
2020-05-12T08:03:38.377832+00:00 app[web.1]: req.url /v2/locations
2020-05-12T08:03:38.380661+00:00 app[web.1]: ::ffff:10.32.185.71 - POST /v2/locations HTTP/1.1 200 669 - 3.144 ms
2020-05-12T08:03:53.810269+00:00 heroku[router]: at=info method=POST path="/v2/locations" host=test-location-server.herokuapp.com request_id=a25582bd-7361-48b5-94bb-9bb7390bd124 fwd="37.252.81.168" dyno=web.1 connect=1ms service=7ms status=200 bytes=980 protocol=https
2020-05-12T08:03:53.810088+00:00 app[web.1]: req.url /v2/locations
2020-05-12T08:03:53.814533+00:00 app[web.1]: ::ffff:10.12.200.233 - POST /v2/locations HTTP/1.1 200 669 - 4.794 ms
2020-05-12T08:04:36.140581+00:00 heroku[router]: at=info method=POST path="/v2/locations" host=test-location-server.herokuapp.com request_id=8b3ded34-e98a-42f1-8f27-9a215e251c32 fwd="37.252.81.168" dyno=web.1 connect=1ms service=6ms status=200 bytes=980 protocol=https

But it doesn't add records to DB. And here is logs when the url is '/api/locations':

2020-05-12T08:07:11.891645+00:00 heroku[router]: at=info method=POST path="/api/locations" host=test-location-server.herokuapp.com request_id=8736ebfb-2497-44ef-b56f-5d2ec44fe07e fwd="37.252.81.168" dyno=web.1 connect=1ms service=4ms status=403 bytes=229 protocol=https
2020-05-12T08:07:11.894189+00:00 app[web.1]: invalid signature JsonWebTokenError: invalid signature
2020-05-12T08:07:11.894199+00:00 app[web.1]: at /app/node_modules/jsonwebtoken/verify.js:133:19
2020-05-12T08:07:11.894201+00:00 app[web.1]: at getSecret (/app/node_modules/jsonwebtoken/verify.js:90:14)
2020-05-12T08:07:11.894201+00:00 app[web.1]: at Object.verify (/app/node_modules/jsonwebtoken/verify.js:94:10)
2020-05-12T08:07:11.894202+00:00 app[web.1]: at verifier (/app/src/server/libs/jwt.js:66:22)
2020-05-12T08:07:11.894203+00:00 app[web.1]: at /app/src/server/libs/utils.js:117:21
2020-05-12T08:07:11.894204+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2020-05-12T08:07:11.894204+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/route.js:137:13)
2020-05-12T08:07:11.894205+00:00 app[web.1]: at Route.dispatch (/app/node_modules/express/lib/router/route.js:112:3)
2020-05-12T08:07:11.894205+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2020-05-12T08:07:11.894206+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:281:22
2020-05-12T08:07:11.894206+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12)
2020-05-12T08:07:11.894206+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10)
2020-05-12T08:07:11.894207+00:00 app[web.1]: at Function.handle (/app/node_modules/express/lib/router/index.js:174:3)
2020-05-12T08:07:11.894207+00:00 app[web.1]: at router (/app/node_modules/express/lib/router/index.js:47:12)
2020-05-12T08:07:11.894208+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2020-05-12T08:07:11.894208+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:317:13)
2020-05-12T08:07:11.894208+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7
2020-05-12T08:07:11.894209+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12)
2020-05-12T08:07:11.894209+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10)
2020-05-12T08:07:11.894209+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:635:15
2020-05-12T08:07:11.894210+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:260:14)
2020-05-12T08:07:11.894210+00:00 app[web.1]: at Function.handle (/app/node_modules/express/lib/router/index.js:174:3)
2020-05-12T08:07:11.894558+00:00 app[web.1]: ::ffff:10.12.40.145 - POST /api/locations HTTP/1.1 500 34 - 1.738 ms
2020-05-12T08:07:11.905358+00:00 app[web.1]: Error: Can't set headers after they are sent.
2020-05-12T08:07:11.905360+00:00 app[web.1]: at validateHeader (_http_outgoing.js:491:11)
2020-05-12T08:07:11.905361+00:00 app[web.1]: at ServerResponse.setHeader (_http_outgoing.js:498:3)
2020-05-12T08:07:11.905361+00:00 app[web.1]: at ServerResponse.header (/app/node_modules/express/lib/response.js:771:10)
2020-05-12T08:07:11.905362+00:00 app[web.1]: at ServerResponse.send (/app/node_modules/express/lib/response.js:170:12)
2020-05-12T08:07:11.905362+00:00 app[web.1]: at ServerResponse.json (/app/node_modules/express/lib/response.js:267:15)
2020-05-12T08:07:11.905362+00:00 app[web.1]: at ServerResponse.send (/app/node_modules/express/lib/response.js:158:21)
2020-05-12T08:07:11.905363+00:00 app[web.1]: at /app/src/server/index.js:72:21
2020-05-12T08:07:11.905363+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:71:5)
2020-05-12T08:07:11.905364+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13)
2020-05-12T08:07:11.905364+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7
2020-05-12T08:07:11.905365+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12)
2020-05-12T08:07:11.905368+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10)
2020-05-12T08:07:11.905369+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:67:12)
2020-05-12T08:07:11.905369+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13)
2020-05-12T08:07:11.905370+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7
2020-05-12T08:07:11.905370+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12)
2020-05-12T08:07:11.905370+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10)
2020-05-12T08:07:11.905371+00:00 app[web.1]: at Layer.handle_error (/app/node_modules/express/lib/router/layer.js:67:12)
2020-05-12T08:07:11.905371+00:00 app[web.1]: at trim_prefix (/app/node_modules/express/lib/router/index.js:315:13)
2020-05-12T08:07:11.905372+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:284:7
2020-05-12T08:07:11.905372+00:00 app[web.1]: at Function.process_params (/app/node_modules/express/lib/router/index.js:335:12)
2020-05-12T08:07:11.905373+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/index.js:275:10)

In first case I'm configuring BackgroundGeolocation in this way:

BackgroundGeolocation.ready({
  ...config,
  params: BackgroundGeolocation.transistorTrackerParams(pluginInstance),
  url: serverUrl + "/v2/locations",
  authorization: {
    strategy: "JWT",
    accessToken: token.accessToken,
    refreshToken: token.refreshToken,
    refreshUrl: serverUrl + "/v2/refresh_token",
    refreshPayload: {
      refresh_token: "{refreshToken}"
    },
    expires: token.expires,
  },
})

and in second this:

BackgroundGeolocation.ready({
  ...config,
  transistorAuthorizationToken: token,
  params: BackgroundGeolocation.transistorTrackerParams(pluginInstance),
})

All in all I've tried many variations of configuring but either it adds record without device_id and company_id or doesn't add anything at all. Also I should say that by trying to configure it in different random ways once I've discovered that it worked previously and added all the locations, company and device to DB, but I can't get the same result again.

christocracy commented 4 years ago

This is not how you register with the dev server to receive a JWT. You do not deal with params anymore.

BackgroundGeolocation.ready({
  ...config,
  transistorAuthorizationToken: token,
  params: BackgroundGeolocation.transistorTrackerParams(pluginInstance),
})

See the plugin API docs Config.transistorAuthorizationToken.

spapayan commented 4 years ago

I've removed params and now it works. Thanks!

chrisid commented 4 years ago

Hi Chris, any idea why I'm getting this when posting to dev server?

POST /api/locations 406 { "status": 401, "error": "Wrong JWT" }

this is my config:

let orgname = 'chris';
let username = 'chris';
let url = 'http://192.168.1.218:9000';
let device = await getDevice();

let token = await
BackgroundGeolocation.findOrCreateTransistorAuthorizationToken(orgname, username, url);

BackgroundGeolocation.ready({
    ...
    params: BackgroundGeolocation.transistorTrackerParams(device),
    transistorAuthorizationToken: token,
})
christocracy commented 4 years ago

The whole idea behind TransistorAuthorizationToken is to encapsulate everything required to authorize with the demo server with one easy config option. params is no longer required.

You don't need to think about device or params.

chrisid commented 4 years ago

Removed params but still no luck, I see Bearer been passed but it's declined. This is my setup now, App and server sides: (running dev)

let orgname = 'christianpugliese';
let username = 'admin';
let url = 'http:/localhost:9000';
let token = await
BackgroundGeolocation.findOrCreateTransistorAuthorizationToken(orgname, username, url);
BackgroundGeolocation.ready({
    ...
    transistorAuthorizationToken: token,
})
GOOGLE_MAPS_API_KEY=AIzaS...n0A
DATABASE_URL=postgres://postgres:password@localhost:5432/geolocation
SHARED_DASHBOARD=0
ADMIN_TOKEN=admin
PASSWORD=admin