Comments (3)
RyanFrantz
commented on August 17, 2024
I'm experiencing a similar issue, using openid-client in a Deno Fresh route (my OIDC callback endpoint):
An error occurred during route handling or page rendering.
13 | return jwk.d
14 | ? (0, crypto_1.createPrivateKey)({ format: 'jwk', key: jwk })
> 15 | : (0, crypto_1.createPublicKey)({ format: 'jwk', key: jwk });
| ^
16 | }
17 | switch (jwk.kty) {
18 | case 'oct': {
TypeError: Invalid key type
at prepareAsymmetricKey (ext:deno_node/internal/crypto/keys.ts:96:13)
at createPublicKey (ext:deno_node/internal/crypto/keys.ts:114:34)
at parse (file:///Users/rfrantz/salt-api-tokens/node_modules/.deno/[email protected]/node_modules/jose/dist/node/cjs/runtime/jwk_to_key.js:15:44)
at Object.importJWK (file:///Users/rfrantz/salt-api-tokens/node_modules/.deno/[email protected]/node_modules/jose/dist/node/cjs/key/import.js:52:48)
at Object.keyObject (file:///Users/rfrantz/salt-api-tokens/node_modules/.deno/[email protected]/node_modules/openid-client/lib/helpers/keystore.js:243:40)
at Client.validateJWT (file:///Users/rfrantz/salt-api-tokens/node_modules/.deno/[email protected]/node_modules/openid-client/lib/client.js:1071:73)
at Object.runMicrotasks (ext:core/01_core.js:642:26)
at processTicksAndRejections (ext:deno_node/_next_tick.ts:53:10)
at runNextTicks (ext:deno_node/_next_tick.ts:71:3)
at eventLoopTick (ext:core/01_core.js:175:21)
My callback endpoint:
import { Handlers } from "$fresh/server.ts";
import { Issuer } from 'npm:openid-client';
const issuerUrl = 'https://keycloaktest.example.com/auth/realms/foo';
const keycloakIssuer = await Issuer.discover(issuerUrl);
const redirectUri = 'http://localhost:8000/authncb';
const client = new keycloakIssuer.Client({
client_id: 'myclient',
client_secret: '1234',
redirect_uris: [redirectUri],
response_types: ['code'],
});
export const handler: Handlers = {
async GET(req, _ctx) {
// Parse the query parameters sent from the authorization server, to be
// used when processing the code exchange.
const cbParams = client.callbackParams(req);
const checks = {"state": "secret-state-value"};
// This call to .callback() triggers the error above.
const tokenSet = await client.callback(redirectUri, cbParams, checks);
return new Response(); // Simple, empty response, for now.
},
};
Deno version:
β― deno --version
deno 1.44.4 (release, aarch64-apple-darwin)
v8 12.6.228.9
typescript 5.4.5from deno.
RyanFrantz
commented on August 17, 2024
The value of the jwk object:
{
"kid": "lMzPx5WmuRT1nfrylqjO0pNOFzqz-RgLBZUhGrh5YmI",
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"n": "m4iarC5I4LWgOoGKNZV_0GsHNddHYLCH80zw2um-cVHqIJ3BSamDI_9rtljZ5prq_SBy5oM85LbGQHdVLhnjMT4PfHGBHDm2qpzoOPBZbjk-j6tieMWOiLe0QMIeUUfHwJZmkNvPSjjPnZzTwXklt5VYSWpDNcVdGYXLMH7u2VhShUROD-2m2RzFVUF-CHT1AN0sSFrGjm3XPDu1OyR_NZjDOlw6bTcWJi8AsFwFln9xNU_K5P_rvRznUortvOYeOjCMukUUgkU0It2Z1MTQc864GY-DgLyBMnKSqwJ8ioKshhlLodfmBmMZzl1fqwT2fEHFbZOUN8AIA2iVbEhOkQ",
"e": "AQAB",
"x5c": [
"MIICpzCCAY8CBgGQbz6R1DANBgkqhkiG9w0BAQsFADAXMRUwEwYDVQQDDAxFUy1TYWx0c3RhY2swHhcNMjQwNzAxMTY1OTQ5WhcNMzQwNzAxMTcwMTI5WjAXMRUwEwYDVQQDDAxFUy1TYWx0c3RhY2swggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCbiJqsLkjgtaA6gYo1lX/Qawc110dgsIfzTPDa6b5xUeogncFJqYMj/2u2WNnmmur9IHLmgzzktsZAd1UuGeMxPg98cYEcObaqnOg48FluOT6Pq2J4xY6It7RAwh5RR8fAlmaQ289KOM+dnNPBeSW3lVhJakM1xV0Zhcswfu7ZWFKFRE4P7abZHMVVQX4IdPUA3SxIWsaObdc8O7U7JH81mMM6XDptNxYmLwCwXAWWf3E1T8rk/+u9HOdSiu285h46MIy6RRSCRTQi3ZnUxNBzzrgZj4OAvIEycpKrAnyKgqyGGUuh1+YGYxnOXV+rBPZ8QcVtk5Q3wAgDaJVsSE6RAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAB6jPGwfMnqHOJL5Bga0Yz5VKtOnJcABjSNewoQSWwIOLIRxdm1pEcpYK4yxx2InhJhdUMKvHs0iNHYsnwKL9e8oGsJFUKN2/LKCeuB4J55X3qoa8iF9Sslr/SsjFrQH3DVym7Egca6+ze7j+fll/yTNF93OFB3PufGD5kJMyhgjElN6vd48qehT3lYpGqZJo/SeIXVIIk8W3ZfXVhLQtukeKzXr/rmB+mS7hYjBBKzATLl8Pn5MzsxYkUvwUpaejOyIfAHRQMuZZQdVWtn1tiRG4AdJsGc60x//WRyWjibld/LM9oIJ7n0PYCwULoAQTNrQJTo42EvPHiF8hyM0bB8="
],
"x5t": "9Asesbt34tXNfBcEwV5fUe1fCTU",
"x5t#S256": "Q8u2rgvkQ8QNIJJDRMFQCJQV9NKAyDBsTQC293BugzM"
}from deno.
RyanFrantz
commented on August 17, 2024
I'm looking at prepareAsymmetricKey (ext:deno_node/internal/crypto/keys.ts:93) since that conditional gets hit before the exception is thrown. The key parameter passed into prepareAsymmetricKey() is {format: 'jwk', key: {...}}. The value of that nested key is what you see in my previous comment. This code has me hung up, though:
93: } else if (typeof key == "object") {
94: const { key: data, encoding, format, type } = key;
95: if (!isStringOrBuffer(data)) {
96: throw new TypeError("Invalid key type");
97: }
Specifically, line 94, where the key argument is destructured into another object with a key of key. Where did data come from? Is that an implicit way to access key.key from the parameter passed into prepareAsymmetricKey()? I've not seen syntax like that before.
In any case, because data is also an object (whose contents are what's in my previous comment), it fails the test for stringiness.
from deno.
Related Issues (20)
- jsxImportSource freezes lsp when not in workspace
- Cannot use jsr.json as workspace member outside deno publish HOT 7
- 'main' panicked HOT 1
- Support bare specifiers for npm package members in a workspace
- bug(net): http2 protocol error since deno 1.45
- Bug: Command `deno add` logs error for JSR package without default export
- Bug: LSP errors in VSCode opening built-in Typescript/Deno `d.ts` files HOT 1
- Publishing JSR pkg that resolves to npm workspace member that's a JSR dep should error?
- deno compile: node addons gets error `missing symbol called`
- Compilation error during cargo install HOT 4
- `node:tty` -> N.WriteStream.prototype.hasColors is not a function
- File with just `+` does not report syntax error HOT 3
- Websocket behaviour change since 1.44.3 HOT 4
- No way to specify specific abstract socket name with `--allow-read/write`.
- Import error on startup when a Fresh project is a workspace member HOT 3
- Non-zero exit code in a test case causes the test to fail since 1.44.0
- `deno test --watch` should always print the full test output HOT 2
- Deno tries to import "node:process" when a module references the global "process" (in browser) HOT 1
- proposal: add `Deno.ConfigFile` HOT 4
- βclient error (SendRequest)β when fetching certain https URLs over proxy HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from deno.