wp-graphql / wp-graphql-jwt-authentication

Authentication for WPGraphQL using JWT (JSON Web Tokens)
GNU General Public License v3.0

Internal server error #59

Open homerjam opened 4 years ago

homerjam commented 4 years ago

Following the steps in the video tutorial in the README (adding Authorisation header with bearer token) I get the following:

query MyQuery {
  viewer {
    id
  }
}

{
    "errors": [
        {
            "message": "Internal server error",
            "category": "internal",
            "locations": [
                {
                    "line": 2,
                    "column": 3
                }
            ],
            "path": [
                "viewer"
            ]
        }
    ],
    "data": {
        "viewer": null
    }
}

I'm not sure how to begin debugging this??

I'm using the latest versions of wp-graphql and wp-graphql-jwt-authentication.

Thanks, James

jasonbahl commented 4 years ago

@homerjam first thing to try is add define( 'GRAPHQL_DEBUG', true ); to your WordPress wp-config.php file. That will give you more explicit errors. Many times errors are masked as Internal Server Error for public users as they might leak sensitive implementation details.

Can you post the error you're seeing once you define GRAPHQL_DEBUG?

homerjam commented 4 years ago

Thanks Jason.

That gives the following:

{
    "errors": [
        {
            "debugMessage": "You must be logged in to access viewer fields",
            "message": "Internal server error",
            "category": "internal",
            "locations": [
                {
                    "line": 2,
                    "column": 3
                }
            ],
            "path": [
                "viewer"
            ]
        }
    ],
    "data": {
        "viewer": null
    }
}

curl --location --request POST 'http://localhost:8080/index.php?graphql' \
--header 'Content-Type: application/json' \
--header 'Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwczpcL1wvbWFtYWdzdHVkaW9zLmNvbSIsImlhdCI6MTU3OTAxNjY0NCwibmJmIjoxNTc5MDE2NjQ0LCJleHAiOjE1NzkwMTY5NDQsImRhdGEiOnsidXNlciI6eyJpZCI6IjEifX19.CDMjzmLK-TO9tLpjk39TTVfbG0_LERdrWQxaZn397ZM' \
--data-raw '{"query":"query MyQuery {\n viewer {\n id\n }\n}\n","variables":{}}'

jasonbahl commented 4 years ago

@homerjam was that a fresh token? The authToken has a 5-minute expiration and needs to be refreshed regularly.

In the response headers for every authenticated request is another authToken, so you can use that to add another 5-minutes by replacing your existing authToken with the new one.

If it expires, you can use the refreshToken to get a new authToken.

If you don't think this is an expired token, there's a chance your server setup (nginx/apache) may need to be configured to allow Authorization headers to be passed through.

homerjam commented 4 years ago

Yep, that one was fresh and I've just tried again to double check.

The Authorization header is getting through - I've verified using PHP's getallheaders.

jasonbahl commented 4 years ago

@homerjam I wonder if it's because the token is coming from a different domain? 🤔

I'm seeing the token was issued by https://mamagstudios.com but according to your post you're trying to use it on http://localhost:8080
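
Added example, not part of the original thread or the plugin's code: a Node.js diagnostic that decodes a token's claims without verifying the signature and reports the two causes discussed above, an iss that differs from the endpoint being called and an expired 5-minute authToken. The helper name diagnoseAuthToken, the trailing-slash normalisation and the constructed sample token are assumptions; how the plugin itself compares iss is not shown in the thread.

```javascript
// Diagnostic only: decodes claims WITHOUT verifying the signature, so the
// result must never be used to make an authorization decision.
function b64urlDecode(segment) {
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  return Buffer.from(b64, 'base64').toString('utf8');
}

function b64urlEncode(obj) {
  return Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Hypothetical helper: lists reasons the server is likely to reject the token.
function diagnoseAuthToken(token, expectedIssuer, nowSeconds) {
  const parts = String(token).split('.');
  if (parts.length !== 3) return { claims: null, problems: ['not a three-part JWT'] };
  let claims;
  try {
    claims = JSON.parse(b64urlDecode(parts[1]));
  } catch (e) {
    return { claims: null, problems: ['payload is not base64url-encoded JSON'] };
  }
  if (claims === null || typeof claims !== 'object') {
    return { claims: null, problems: ['payload is not a JSON object'] };
  }
  const problems = [];
  const norm = (u) => String(u).replace(/\/+$/, ''); // assumption: ignore trailing "/"
  if (norm(claims.iss) !== norm(expectedIssuer)) {
    problems.push(`iss mismatch: token says ${claims.iss}, endpoint is ${expectedIssuer}`);
  }
  if (typeof claims.exp !== 'number' || nowSeconds >= claims.exp) problems.push('expired');
  if (typeof claims.nbf === 'number' && nowSeconds < claims.nbf) problems.push('not yet valid');
  return { claims, problems };
}

// Constructed sample mirroring the claims of the first token posted in this thread.
const sampleClaims = {
  iss: 'https://mamagstudios.com',
  iat: 1579016644, nbf: 1579016644, exp: 1579016944, // 5-minute lifetime
  data: { user: { id: '1' } },
};
const sampleToken = [b64urlEncode({ typ: 'JWT', alg: 'HS256' }),
  b64urlEncode(sampleClaims), 'constructed-signature'].join('.');

// One minute after issue, sent to the local endpoint used in the curl call.
console.log(diagnoseAuthToken(sampleToken, 'http://localhost:8080', 1579016700).problems);
```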

homerjam commented 4 years ago

Ah yes, it's a headless setup so the domains are different, i.e. in WP_HOME and WP_SITEURL

jasonbahl commented 4 years ago

@homerjam ah. This might be a bug then in WPGraphQL JWT Auth plugin. 🤔

jasonbahl commented 4 years ago

Try changing this line to site_url() https://github.com/wp-graphql/wp-graphql-jwt-authentication/blob/master/src/Auth.php#L150

jasonbahl commented 4 years ago

good catch! I think it's a very common case for folks to have WP_HOME and WP_SITEURL different, and I don't think I've tested that scenario enough. Most of the projects I was working on were on completely different domains so these issues weren't apparent for me.

homerjam commented 4 years ago

Hmm. Sadly no joy. I also tried changing the other iss check on line 565.

jasonbahl commented 4 years ago

Did you login and get new tokens after making that change?

homerjam commented 4 years ago

Yeah, ran the login mutation right?

eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJodHRwOlwvXC9sb2NhbGhvc3Q6ODA4MCIsImlhdCI6MTU3OTAyMTM1NCwibmJmIjoxNTc5MDIxMzU0LCJleHAiOjE1NzkwMjE2NTQsImRhdGEiOnsidXNlciI6eyJpZCI6IjEifX19.lqefacDwk_8b4f4Lxnk6b8-pDzamZBG0thFB7otNmpI

jasonbahl commented 4 years ago

Ok, I do see the issuer is now http://localhost:8080. Let me check some things. Give me a few moments.

Also would be happy to hop on a zoom / Google Hangout and work through this together

flowoow commented 4 years ago

try using 127.0.0.1 instead of localhost, had the same issue I believe.

saleebm commented 4 years ago

I'm getting the same result here with the message "You must be logged in to access viewer fields", strange because the X-JWT-Auth and X-JWT-Refresh are coming back.

-Edit- narrowed it down to a plugin conflict, if anyone else perhaps runs GiveWP, the donation plugin, line wp-content/plugins/give/includes/class-give-session.php:186 is somehow causing this issue. It seems that they add this filter if the user is not logged in, and even though this plugin for JWT auth adds a filter to determine_current_user in WordPress, it doesn't resolve the current user anyways from the authentication headers in time.

robertvorthman commented 4 years ago

I had the same issue until I deactivated plugins "The Events Calendar" and "Event Tickets".

robertvorthman commented 4 years ago

I moved define( 'GRAPHQL_JWT_AUTH_SECRET_KEY', '.....') from the bottom of my theme's functions.php to wp-config.php and now the error is gone even though I've reenabled both "The Events Calendar" and "Event Tickets".

Mikethekidmyers commented 3 years ago

Did this get resolved at any point? I'm struggling with the same issue on a page and setting the iss to site_url() didn't work sadly. The token got the correct iss (same as the back-end) but it still throws an error: invalid-jwt | The iss do not match with this server.

TheSolamipe commented 3 years ago

Help with this issue "No session Found" while using mutation