Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Large error from passportAuth redirect causes HTTP 431 error with no response body #2831

Open
justjake opened this issue Oct 9, 2021 · 1 comment
Labels
good first issue kind/bad-experience kind/bug status/ready-to-work-on
Projects

Comments

@justjake
Copy link

@justjake justjake commented Oct 9, 2021

What is the problem?

Tweet summary: https://twitter.com/jitl/status/1446848491452575746

Prisma's errors are very detailed and helpful, but if they end up in a query param - like for an OAuth error redirect - your app might not be able to actually render anything.

  • Probably passportAuth should truncate errors
  • But also Blitz should have a route or default error page for 431 errors, even if the pathname is too long

Paste all your error logs here:

PASTE_HERE (leave the ``` marks)

Paste all relevant code snippets here:

export default passportAuth({
  successRedirectUrl: "/",
  errorRedirectUrl: "/error",
  strategies: [
    {
      // rewrite of https://github.com/rat9615/passport-notion
      strategy: new NotionStrategy(
        {
          clientID: env("NOTION_CLIENT_ID"),
          clientSecret: env("NOTION_CLIENT_SECRET"),
          callbackURL: "http://localhost:3000/api/auth/notion/callback",
          getProfileURL: `${env("NOTION_BASE_URL")}/v1/users/me`,
          tokenURL: `${env("NOTION_BASE_URL")}/v1/oauth/token`,
          authorizationURL: `${env("NOTION_BASE_URL")}/v1/oauth/authorize?owner=user`,
        },
        async (_req, _accessToken, _unknown, fetchedOauthData, userProfileData, callback) => {
          try {
            const personUser = getPersonUser(userProfileData)
            const email = personUser.person.email

            const { name, avatar_url: avatarUrl } = personUser
            const oauthData = {
              ...fetchedOauthData,
              owner: JSON.stringify(fetchedOauthData.owner),
            }

            const user = await db.user.upsert({
              where: {
                email: personUser.person.email,
              },
              update: {
                name,
                email,
                avatarUrl,
                notionOAuthTokens: {
                  upsert: {
                    where: {
                      bot_id: oauthData.bot_id,
                    },
                    create: oauthData,
                    update: oauthData,
                  },
                },
              },
              create: {
                name,
                email,
                avatarUrl,
                notionOAuthTokens: {
                  create: oauthData,
                },
              },
            })

            callback(
              undefined,
              {
                publicData: {
                  userId: user.id,
                  role: "USER",
                },
              },
              undefined
            )
          } catch (error) {
            console.error("passportAuth verify error:", error)
            callback(error, false, undefined)
          }
        }
      ),
    },
  ],
})

What are detailed steps to reproduce this?

  1. Create a Passport auth
  2. In the verify callback, return an error with a very long message. It's easy to get Prisma to spit out a really long one inside a nested upsert.

Run blitz -v and paste the output here:

macOS Big Sur | darwin-x64 | Node: v12.21.0

blitz: 0.41.0 (global)
blitz: 0.41.0 (local)

  Package manager: yarn 
  System:
    OS: macOS 11.6
    CPU: (12) x64 Intel(R) Core(TM) i9-8950HK CPU @ 2.90GHz
    Memory: 13.53 GB / 32.00 GB
    Shell: 5.8 - /bin/zsh
  Binaries:
    Node: 12.21.0 - /usr/local/bin/node
    Yarn: 1.22.10 - /usr/local/bin/yarn
    npm: 7.20.6 - /usr/local/bin/npm
    Watchman: 2021.06.07.00 - /usr/local/bin/watchman
  npmPackages:
    @prisma/client: 3.2.1 => 3.2.1 
    blitz: 0.41.0 => 0.41.0 
    prisma: 3.2.1 => 3.2.1 
    react: alpha => 18.0.0-alpha-6ecad79cc-20211006 
    react-dom: alpha => 18.0.0-alpha-6ecad79cc-20211006 
    typescript: ~4.3 => 4.3.5 


Please include below any other applicable logs and screenshots that show your problem:

No response

@justjake justjake added kind/bug status/triage labels Oct 9, 2021
@blitzjs-bot blitzjs-bot added this to Triage in Dashboard Oct 9, 2021
@beerose
Copy link
Member

@beerose beerose commented Oct 11, 2021

@beerose beerose added the status/ready-to-work-on label Oct 11, 2021
@blitzjs-bot blitzjs-bot moved this from Triage to Ready to Work On in Dashboard Oct 11, 2021
@flybayer flybayer added the good first issue label Dec 2, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue kind/bad-experience kind/bug status/ready-to-work-on
Projects
Dashboard
Ready to Work On
Development

No branches or pull requests

4 participants