Nock: No match for request
codeinaire opened this issue · 6 comments
I'm not exactly sure what is going on, but I keep getting this error:
"Nock: No match for request {
\"method\": \"GET\",
\"url\": \"https://test-app.com/.well-known/jwks.json\",
\"headers\": {
\"host\": \"test-app.com\",
\"accept\": \"application/json\"
}
}"
This is how I'm using createJWKSMock in my tests:
process.env.JWKS_URI = 'https://test-app.com/.well-known/jwks.json';
const jwksMock = createJWKSMock('https://test-app.com/');
jwksMock.start();
const accessToken = jwksMock.token({
  aud: [
    'https://test-app.com/test/'
  ],
  iss: 'https://test-app.com/',
  sub: 'test-user',
  scope: 'incorrect scope'
})
console.log('accessToken', accessToken);
const mockedEvent = customMockedEvent({
  authorization: `Bearer ${accessToken}`
});
const authInstance = new Auth();
expect(authInstance.checkScopesAndResolve(mockedEvent, ['incorrect scope'])).resolves.toThrow('Error: You are not authorized!');
await jwksMock.stop();
And this is the auth method that is signing the key:
private async getSigningKey(keyId: string): Promise<string> {
  console.log('testing');
  const client = jwksClient({
    cache: true,
    rateLimit: true,
    jwksRequestsPerMinute: 10,
    jwksUri: process.env.JWKS_URI || ''
  });
  console.log('testing####', client);
  const retrieveSigningKey = util.promisify(client.getSigningKey);
  console.log('retrieveSigningKey####', retrieveSigningKey);
  const retrievedKey = await retrieveSigningKey(keyId);
  console.log('retrievedKey####', retrievedKey);
  return (retrievedKey as jwksClient.CertSigningKey).publicKey ||
    (retrievedKey as jwksClient.RsaSigningKey).rsaPublicKey;
}
I noticed in your examples that you have a server running, but I'm assuming I don't need that b/c I'm just wanting to test the Auth class. Would you have any idea what the issue could be?
I see a trailing "\" in the path. Please open a PR with a test that reproduces your issue if you want me to look into this. Also I think your test is pretty pointless. This library is to test an API that is secured with JWTs. What is your use case?
The Auth class is used to test the scope of those who have signed in via Auth0 in a React client. The token is sent to an Apollo lambda and passed into the Auth class where it decodes the token, gets the scopes, and tests if the user has the correct scope to call a particular resolver.
So, the test makes sense to me and seems appropriate. Does the use case sound appropriate to you?
What trailing "\" are you referring to?
Updated my comment. Please add the test in a PR. If you are not able to open the PR please create a demo repository and share the link.
Also you should not recreate the JwksClient on every request. This will trigger a request to the key server on every request to your endpoint. You should create a singleton of the client. I guess it might even be possible to share the cache of several clients in several lambda functions via Redis but the singleton will at least make one lambda function reuse the cache on the second hit.
I don't think the trailing "\" has anything to do with the URL. I think it's just an escape character for the double quote.
I've created a repo with the minimum required to reproduce the error. Thanks for looking into it!
Thanks for the advice. I'm relatively new to using lambdas and haven't got my head completely around how to best architect them. Making a singleton of the client makes sense. I'd rather do that first than introduce Redis. I'm not familiar with that at all and don't want to add extra complexity for myself.
I'm thinking that I could do a check to see if the Auth instance has already been initialised and, if it hasn't, initialise it, otherwise not. Also, I could use Object.freeze() to prevent further changes.
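The singleton advice discussed in this thread, as an added example that is not part of the original issue and is not code from the libraries it uses: it counts key-server requests when a key client is created per invocation versus once and reused, while verifying an RS256 token and its scopes. `createKeyClient`, `fetchJwks`, `checkScopes` and `keyServerHitsFor` are hypothetical names, and the key pair, `kid` and token are constructed.

```javascript
const crypto = require('node:crypto');
// Constructed key pair and JWKS document standing in for the real key server.
const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const JWKS = { keys: [{ ...publicKey.export({ format: 'jwk' }), kid: 'test-kid' }] };
let keyServerHits = 0;
// Stub for the GET of the JWKS URI; synchronous only so the example runs offline.
function fetchJwks() { keyServerHits += 1; return JWKS; }

// Hypothetical minimal client: caches public keys by kid for as long as it lives.
function createKeyClient(fetchKeys) {
  const cache = new Map();
  return (kid) => {
    if (!cache.has(kid)) {
      const jwk = fetchKeys().keys.find((k) => k.kid === kid);
      if (!jwk) throw new Error(`unknown kid: ${kid}`);
      cache.set(kid, crypto.createPublicKey({ key: jwk, format: 'jwk' }));
    }
    return cache.get(kid);
  };
}

const encode = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

function signToken(claims) {
  const input = `${encode({ alg: 'RS256', typ: 'JWT', kid: 'test-kid' })}.${encode(claims)}`;
  return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), privateKey).toString('base64url')}`;
}

// Verify the RS256 signature first, then require every scope in `required`.
function checkScopes(getKey, token, required) {
  const [h, p, s] = token.split('.');
  const header = decode(h);
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const valid = crypto.verify('RSA-SHA256', Buffer.from(`${h}.${p}`), getKey(header.kid), Buffer.from(s, 'base64url'));
  if (!valid) throw new Error('bad signature');
  const granted = (decode(p).scope || '').split(' ');
  return required.every((scope) => granted.includes(scope));
}

// One simulated cold start, then n warm invocations; returns key-server requests made.
function keyServerHitsFor(reuseClient, n) {
  const before = keyServerHits;
  const shared = createKeyClient(fetchJwks); // what module scope would hold
  const token = signToken({ sub: 'test-user', scope: 'read:items' });
  for (let i = 0; i < n; i += 1) checkScopes(reuseClient ? shared : createKeyClient(fetchJwks), token, ['read:items']);
  return keyServerHits - before;
}

console.log({ perRequest: keyServerHitsFor(false, 3), singleton: keyServerHitsFor(true, 3) });
```

In a real Lambda the shared client would be a `const` at module scope, outside the handler, so it is built on cold start and reused by every warm invocation of that container.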