Comments (4)
I just had the exact same error reported here in my instance which is also behind a (corporate) forward proxy.
I was suspicious that the environment variables were not being utilized so I set NODE_DEBUG=https
and confirmed that the outgoing connection to my OIDC IDP issuer is not using the proxy which has been set.
I think this node-openid-client functionality might be relevant to getting this enabled in grist-core.
Perhaps adding something like the following into OIDCConfig.ts would do the trick:
import { ProxyAgent } from 'proxy-agent';
// The correct proxy `Agent` implementation to use will be determined
// via the `http_proxy` / `https_proxy` / `no_proxy` / etc. env vars
const agent = new ProxyAgent();
import { custom } from 'openid-client';
client[custom.http_options] = function (url, options) {
const result = {};
// use HTTP(S)_PROXY
// https://nodejs.org/api/http.html#httprequesturl-options-callback
// e.g. using https://www.npmjs.com/package/proxy-agent
result.agent = agent;
return result;
}
from grist-core.
Since nodejs/undici#2994 (undici is what node uses for its native fetch implementation) that may be changing.
Unfortunately, node-openid-client
uses directly the http
/ https
native module: https://nodejs.org/api/http.html
@fflorent what do you think of telling openid-client about that in the way @plimptm suggests?
That should be pretty much doable, and not very difficult. The harder would be to setup an environment for testing manually (or even better but even harder: setting up an integration test in the CI), that's the reason why I would not flag it good-first-issue
.
from grist-core.
Node has been a bit of an outlier in terms of support for proxy variables. Since nodejs/undici#2994 (undici is what node uses for its native fetch implementation) that may be changing. In the meantime, there is a proxyAgent(url)
method in app/server/lib/ProxyAgent.ts
that can give an agent consistent with other parts of Grist. @fflorent what do you think of telling openid-client
about that in the way @plimptm suggests?
from grist-core.
@fflorent I'm more than willing to help with testing code changes, both using my existing environment and hopefully coming up with a similar test environment.
I took a stab at implementing my own suggestion earlier and built a fresh docker image. It built and started up fine, but the timeout issue did not go away. I probably just didn't do it properly...admittedly my js skills are not the best.
Here is my diff, maybe something obvious will stand out:
diff --git a/app/server/lib/OIDCConfig.ts b/app/server/lib/OIDCConfig.ts
index 86f78bce..9f9e78ee 100644
--- a/app/server/lib/OIDCConfig.ts
+++ b/app/server/lib/OIDCConfig.ts
@@ -52,12 +52,13 @@
import * as express from 'express';
import { GristLoginSystem, GristServer } from './GristServer';
-import { Client, generators, Issuer, UserinfoResponse } from 'openid-client';
+import { Client, generators, Issuer, UserinfoResponse, custom } from 'openid-client';
import { Sessions } from './Sessions';
import log from 'app/server/lib/log';
import { appSettings } from './AppSettings';
import { RequestWithLogin } from './Authorizer';
import { UserProfile } from 'app/common/LoginSessionAPI';
+import { ProxyAgent } from 'proxy-agent';
const CALLBACK_URL = '/oauth2/callback';
@@ -121,6 +122,12 @@ export class OIDCConfig {
redirect_uris: [ this._redirectUrl ],
response_types: [ 'code' ],
});
+ this._client[custom.http_options] = function(url, options) {
+ // use HTTP(S)_PROXY env vars
+ // https://nodejs.org/api/http.html#httprequesturl-options-callback
+ const agent = new ProxyAgent();
+ return { agent };
+ }
if (this._client.issuer.metadata.end_session_endpoint === undefined &&
!this._endSessionEndpoint && !this._skipEndSessionEndpoint) {
throw new Error('The Identity provider does not propose end_session_endpoint. ' +
diff --git a/package.json b/package.json
index bbe1c5e5..c6d83c88 100644
--- a/package.json
+++ b/package.json
@@ -182,6 +182,7 @@
"popper-max-size-modifier": "0.2.0",
"popweasel": "0.1.20",
"prom-client": "14.2.0",
+ "proxy-agent": "6.4.0",
from grist-core.
Related Issues (20)
- Filtered Reference Column not showing all rows in dropdown
- Lists of RecordSets cannot be typed as Reference List HOT 1
- New setup [pyodide sandbox] = warn: Sandbox sending SIGKILL HOT 4
- User deletion API: confirm by giving user's email rather than by their name?
- Clean up code to handle enterprise toggle
- Provide UI for entering an activation key
- The enterprise toggle should be disabled for the grist-oss and grist-ee images HOT 1
- add tests for the enterprise toggle widget
- Trial period when enterprise is enabled should count from the moment enterprise was enabled, not when Grist was installed
- In Forms, selecting a reference from a long list (1000+) is not working HOT 1
- Is it possible to move focus to the column options with the keyboard? HOT 1
- Dark mode overrides choice text color
- Opening of .grist impossible Error: EPERM HOT 1
- Show images from URLs in table widgets HOT 1
- Add time column type HOT 4
- Add parquet format HOT 1
- Formatting in Grist Cells
- Blank values in matching columns of an imported CSV should always match and update existing records with same blank values HOT 1
- Huge sqlite database when writing via API calls HOT 9
- Cannot destructure property 'buildNameConfig' of 'e.FieldConfig' as it is undefined HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from grist-core.