peburrows/goth

JWT ArgumentError (JOSE)

mthomps4 opened this issue · 4 comments

mthomps4 commented

Unsure what is missing here.
Looking for advice.

Deps

      {:goth, "~> 1.3-rc"},
      {:hackney, "~> 1.17"},
      {:google_api_compute, "~> 0.34.0"}

application.ex

  def start(_type, _args) do
    credentials =
      "GOOGLE_APPLICATION_CREDENTIALS_JSON"
      |> System.fetch_env!()
      |> Jason.decode!()

    source = {:service_account, credentials, []}
...
      {Goth, name: Toolbox.Goth, source: source}

Error Trace

** (Mix) Could not start application toolbox: Toolbox.Application.start(:normal, []) returned an error: shutdown: failed to start child: Goth.Server
    ** (EXIT) an exception was raised:
        ** (ArgumentError) argument error: [[], {:jose_jws, {:jose_jws_alg_rsa_pkcs1_v1_5, :RS256}, :undefined, %{"typ" => "JWT"}}, %{"aud" => "https://oauth2.googleapis.com/token,", "exp" => 1616384563, "iat" => 1616380963, "iss" => "name@appid.iam.gserviceaccount.com,", "scope" => "https://www.googleapis.com/auth/cloud-platform"}]
            (jose 1.11.1) src/jwt/jose_jwt.erl:184: :jose_jwt.sign/3
            (goth 1.3.0-rc.0) lib/goth/token.ex:200: Goth.Token.jwt/2
            (goth 1.3.0-rc.0) lib/goth/token.ex:149: Goth.Token.request/1
            (goth 1.3.0-rc.0) lib/goth/token.ex:109: Goth.Token.fetch/1
            (goth 1.3.0-rc.0) lib/goth/server.ex:49: Goth.Server.init/1
      ```
wojtekmach commented

Thanks for the report. I could reproduce this error by putting "private_key" => "bad" (or "") instead of a proper private key in the PEM format in my credentials. Could you double-check that your credentials are valid?

mthomps4 commented

Thanks for the quick response.

🤔
I took the JSON file and did a Node stringify
It looks ok at first, but on second glance the special characters may be throwing it off \ + \n

\"private_key\":\"-----BEGIN PRIVATE KEY-----\\\MIIEvg...+43\\\\asdf\n ....

Any info on how you got your creds to a full string for ENV?
Fairly certain that's it.

mthomps4 commented

Update:
Re-stringified.

Noticed that the line breaks had an extra \
find \\n replace with \n

Was able to run {:ok, token} = Goth.fetch(Toolbox.Goth) successfully! 🎉

  • 👍1
wojtekmach commented

Great, glad its fixed. Im gonna go ahead and close this but if folks keep running into this we can probably at least improve the error message.