Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Syntax Error When Getting Person Info in Sandbox Mode #29

Open
TamirShklaz opened this issue Dec 9, 2021 · 5 comments
Open

Syntax Error When Getting Person Info in Sandbox Mode #29

TamirShklaz opened this issue Dec 9, 2021 · 5 comments

Comments

@TamirShklaz
Copy link

TamirShklaz commented Dec 9, 2021
edited
Loading

The Error

Error verifying token from Myinfo {
  name: 'SyntaxError',
  message: 'Unexpected token \u0005 in JSON at position 0',
  stack: 'SyntaxError: Unexpected token \u0005 in JSON at position 0\n' +
    '    at JSON.parse (<anonymous>)\n' +
    '    at /Users/tamirshklaz/Documents/Programming/Strive/WhatsApp/community/node_modules/node-jose/lib/jws/verify.js:91:28\n' +
    '    at Array.map (<anonymous>)\n' +
    '    at JWSVerifier.value (/Users/tamirshklaz/Documents/Programming/Strive/WhatsApp/community/node_modules/node-jose/lib/jws/verify.js:88:25)\n' +
    '    at Object.<anonymous> (/Users/tamirshklaz/Documents/Programming/Strive/WhatsApp/community/node_modules/@govtechsg/singpass-myinfo-oidc-helper/dist/util/JweUtil.js:36:46)\n' +
    '    at Generator.next (<anonymous>)\n' +
    '    at fulfilled (/Users/tamirshklaz/Documents/Programming/Strive/WhatsApp/community/node_modules/@govtechsg/singpass-myinfo-oidc-helper/dist/util/JweUtil.js:5:58)\n' +
    '    at runMicrotasks (<anonymous>)\n' +
    '    at processTicksAndRejections (internal/process/task_queues.js:97:5)'
}

My Environment

I'm using the latest version of NextJS with node v14

I'm setting up the Helper like this

import {MyInfo} from "@govtechsg/singpass-myinfo-oidc-helper";

const fs = require('fs');

let privateKey = fs.readFileSync("./ssl/stg-demoapp-client-privatekey-2018.pem","utf8")
let publicKey = fs.readFileSync("./ssl/staging_myinfo_public_cert.cer","utf8")

export const helper = new MyInfo.Helper({
    clientID: "STG2-MYINFO-SELF-TEST",
    environment: "sandbox",
    singpassEserviceID: "STG2-MYINFO-SELF-TEST",
    clientSecret: "44d953c796cccebcec9bdc826852857ab412fbe2",
    keyToDecryptJWE: privateKey,
    certToVerifyJWS: publicKey,
    privateKeyToSignRequest:  privateKey,
    redirectUri: "http://localhost:3001/callback",
})

The error occurs when I call helper.getPerson()

import {helper} from "./utils";

export default async function getPerson(req, res) {
    const code = req.query.code;
    const token = await getToken(code)
    // Error occurs here
    const person = await helper.getPerson(`Bearer ${token.access_token}`, ["name","mobileno"])
    console.log("PERSON",person)
    res.status(200).json({person})

}


async function getToken(code: string) {
    let token = await helper.getToken(code)
    console.log("ACCESS TOKEN", token.access_token)
    return token
}
@dyihoon90
Copy link
Collaborator

dyihoon90 commented Dec 10, 2021
edited
Loading

const person = await helper.getPerson('Bearer ${token.access_token}', ["name","mobileno"])

Have you tried this without Bearer ?

@TamirShklaz
Copy link
Author

TamirShklaz commented Dec 10, 2021
edited
Loading

Thanks for the quick reply @dyihoon90, If I remove Bearer I get the following error

Requesting {
  method: 'get',
  url: 'https://sandbox.api.myinfo.gov.sg/gov/v3/person/S***1816A/'
}
Responded {
  method: 'get',
  url: 'https://sandbox.api.myinfo.gov.sg/gov/v3/person/S***1816A/'
}
Error verifying person data from Myinfo {
  name: 'Error',
  message: 'Algorithm not allowed: undefined',
  stack: 'Error: Algorithm not allowed: undefined\n' +
    '    at /Users/tamirshklaz/Documents/Programming/Strive/WhatsApp/community/node_modules/node-jose/lib/jwe/decrypt.js:141:37\n' +
    '    at processTicksAndRejections (internal/process/task_queues.js:97:5)\n' +
    '    at async Promise.all (index 0)'
}

I included bearer because in the documentation https://github.com/GovTechSG/singpass-myinfo-oidc-helper under "MyInfoRequest" it says to prefix the access token with Bearer. However, that isn't said for the MyInfoHelper, so not sure if it is needed or not.
image

@teriaiw
Copy link

teriaiw commented Dec 18, 2021

Hello, I am facing the same issue as well with the exact same errors.
error - Error: Algorithm not allowed: undefined

@dyihoon90
Copy link
Collaborator

sorry for the late reply. can provide the library version you all are using?

@Gyunikuchan
Copy link
Collaborator

Hey @TamirShklaz some observations from my end:

  1. The accessToken param should not include the "Bearer " prefix, I'll fix the doc accordingly to make it less confusing
  2. The Algorithm not allowed error seems to be coming from the decryption step

This seems to suggest either a faulty keyToDecryptJWE or you're getting an error response from Myinfo and that failed the decryption stage

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@Gyunikuchan @dyihoon90 @TamirShklaz @teriaiw