Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix mangling responses #25

Merged
merged 1 commit into from
Jan 5, 2024
Merged

Fix mangling responses #25

merged 1 commit into from
Jan 5, 2024

Conversation

aklarfeld
Copy link
Contributor

@aklarfeld aklarfeld commented Jan 5, 2024
edited
Loading

For some reason, the responses from the google auth API are getting mangled by the Supergood client. I think it has something to do with the responses getting written at the same time. This was causing our own login to fail when we were running the node client on our own instance.

I looked back at the original mswjs interceptor code and noticed that they were cloning the incoming messages so they didn't step on each other:

https://github.com/mswjs/interceptors/blob/122a6533ce57d551dc3b59b3bb43a39026989b70/src/interceptors/ClientRequest/NodeClientRequest.ts#L368

I also noticed we were emitting the same response twice, as on line 125. We had been noticing duplicate events coming through our system and weren't exactly sure where they were coming from. This might be the culprit.

I'm not exactly sure why the responses are getting mangled by Supergood, but cloning them seems to have mitigated the problem.

When I say mangling responses, this is the response passed in when Supergood isn't enabled:

'{\n' +
    ' "issuer": "https://accounts.google.com",\n' +
    ' "authorization_endpoint": "https://accounts.google.com/o/oauth2/v2/auth",\n' +
    ' "device_authorization_endpoint": "https://oauth2.googleapis.com/device/code",\n' +
    ' "token_endpoint": "https://oauth2.googleapis.com/token",\n' +
    ' "userinfo_endpoint": "https://openidconnect.googleapis.com/v1/userinfo",\n' +
    ' "revocation_endpoint": "https://oauth2.googleapis.com/revoke",\n' +
    ' "jwks_uri": "https://www.googleapis.com/oauth2/v3/certs",\n' +
    ' "response_types_supported": [\n' +
    '  "code",\n' +
    '  "token",\n' +
    '  "id_token",\n' +
    '  "code token",\n' +
    '  "code id_token",\n' +
    '  "token id_token",\n' +
    '  "code token id_token",\n' +
    '  "none"\n' +
    ' ],\n' +
    ' "subject_types_supported": [\n' +
    '  "public"\n' +
    ' ],\n' +
    ' "id_token_signing_alg_values_supported": [\n' +
    '  "RS256"\n' +
    ' ],\n' +
    ' "scopes_supported": [\n' +
    '  "openid",\n' +
    '  "email",\n' +
    '  "profile"\n' +
    ' ],\n' +
    ' "token_endpoint_auth_methods_supported": [\n' +
    '  "client_secret_post",\n' +
    '  "client_secret_basic"\n' +
    ' ],\n' +
    ' "claims_supported": [\n' +
    '  "aud",\n' +
    '  "email",\n' +
    '  "email_verified",\n' +
    '  "exp",\n' +
    '  "family_name",\n' +
    '  "given_name",\n' +
    '  "iat",\n' +
    '  "iss",\n' +
    '  "locale",\n' +
    '  "name",\n' +
    '  "picture",\n' +
    '  "sub"\n' +
    ' ],\n' +
    ' "code_challenge_methods_supported": [\n' +
    '  "plain",\n' +
    '  "S256"\n' +
    ' ],\n' +
    ' "grant_types_supported": [\n' +
    '  "authorization_code",\n' +
    '  "refresh_token",\n' +
    '  "urn:ietf:params:oauth:grant-type:device_code",\n' +
    '  "urn:ietf:params:oauth:grant-type:jwt-bearer"\n' +
    ' ]\n' +
    '}\n'
    ```
    
    and this is the mangled response passed back when supergood WAS enabled:
    
    ```
    'de token",\n' +
    '  "code id_token",\n' +
    '  "token id_token",\n' +
    '  "code token id_token",\n' +
    '  "none"\n' +
    ' ],\n' +
    ' "subject_types_supported": [\n' +
    '  "public"\n' +
    ' ],\n' +
    ' "id_token_signing_alg_values_supported": [\n' +
    '  "RS256"\n' +
    ' ],\n' +
    ' "scopes_supported": [\n' +
    '  "openid",\n' +
    '  "email",\n' +
    '  "profile"\n' +
    ' ],\n' +
    ' "token_endpoint_auth_methods_supported": [\n' +
    '  "client_secret_post",\n' +
    '  "client_secret_basic"\n' +
    ' ],\n' +
    ' "claims_supported": [\n' +
    '  "aud",\n' +
    '  "email",\n' +
    '  "email_verified",\n' +
    '  "exp",\n' +
    '  "family_name",\n' +
    '  "given_name",\n' +
    '  "iat",\n' +
    '  "iss",\n' +
    '  "locale",\n' +
    '  "name",\n' +
    '  "picture",\n' +
    '  "sub"\n' +
    ' ],\n' +
    ' "code_challenge_methods_supported": [\n' +
    '  "plain",\n' +
    '  "S256"\n' +
    ' ],\n' +
    ' "grant_types_supported": [\n' +
    '  "authorization_code",\n' +
    '  "refresh_token",\n' +
    '  "urn:ietf:params:oauth:grant-type:device_code",\n' +
    '  "urn:ietf:params:oauth:grant-type:jwt-bearer"\n' +
    ' ]\n' +
    '}\n'
    ```
    
    as you can see the string returned cuts off for some reason

@aklarfeld aklarfeld merged commit 3ee2e71 into master Jan 5, 2024
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@zbenamram zbenamram zbenamram approved these changes

@kurpav kurpav Awaiting requested review from kurpav

@stevenbunting stevenbunting Awaiting requested review from stevenbunting

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@aklarfeld @zbenamram