What could be the root cause behind the error encountered while trying to authenticate a JWT?

I've been working on integrating a Google OAuth login feature. Once the user successfully logs in with their Google account, a JWT token is sent to this endpoint on my Express server, where it is then decoded using jsonwebtoken:

app.post('/login/google', express.urlencoded(), async(request, response, next) => {
    try {
        console.log(`${request.method} ${request.url} was called.`);
        let token: string = request.body.credential;
        let decoded = jwt.verify(token, Globals.GoogleSecret, { algorithms: ['RS256'], ignoreExpiration: false });
        response.sendStatus(200);
    }
    catch (error) {
        next(error);
    }
});

The decoded token extracted from the request body appears valid (I even checked it on jwt.io).

The error being caught states:

code: 'ERR_OSSL_PEM_NO_START_LINE'
function: 'get_name'
library: 'PEM routines'
reason: 'no start line'
message: 'error:0909006C:PEM routines:get_name:no start line'

Can someone provide insight into what might be causing this issue and how to resolve it?

Some additional information for clarity:

  • Globals.GoogleSecret is a string set as the Client secret value found under my OAuth 2.0 Client ID Credential in the API Console.
  • I have an Angular web app accessible at http://localhost:4200/.
  • This app sends the Google OAuth credentials to the Express server using data-login_uri="http://localhost:1337/login/google".
  • The development environment is Windows-based, coding done in VSCode.

Answer №1

After some troubleshooting, I managed to get everything working smoothly. Encountering this particular issue really made me rethink my approach. It turned out that the problem stemmed from using the incorrect key. When navigating to the Credentials section in the API Console, you'll notice a small icon located on the right side of your OAuth 2.0 Client ID credentials with a tooltip that reads, Download OAuth client. Upon clicking and examining the JSON file, you'll come across this specific line:

"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",

By visiting the provided URL, you'll be met with a JSON payload containing multiple certificates. Only one will work correctly for decoding and verifying the JWT, so it's essential to test each one until you find the right match. Additionally, I had to adjust the text format of the certificate for the verify function as shown below:

let certificate: string = `-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----`;

The critical step here is to replace all instances of the \n characters with actual newlines. Note that I used backtick template literals ` specifically for this purpose. Furthermore, make sure to eliminate any unnecessary whitespace within the literal, especially if you're copying and pasting the certificate into a code editor. Finally, after making these adjustments, I successfully utilized the following snippet to decode the JWT:

let decoded = jwt.verify(token, certificate, { algorithms: ['RS256'], ignoreExpiration: false });

While I'm unsure if this method is ideal due to my reservations about pinned certificates, it appears to be relatively effective. If you have insights or alternative approaches to share, please don't hesitate to provide feedback either in the comments below or by posting an answer.
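An added example (not code from the answer above) of an alternative to testing each certificate and pinning one: pick the key named by the token header's `kid` from the parsed certs JSON, assuming that payload maps key IDs to PEM strings. It uses only Node's built-in crypto; the function names, `kid` values, client ID and key pairs are constructed for the demo, and plain public-key PEMs stand in for the X.509 certificates.

```javascript
// Added example: choose the verification key by the token header's `kid`.
const crypto = require('node:crypto');

const b64url = (text) => Buffer.from(text).toString('base64url');
const fromB64url = (text) => JSON.parse(Buffer.from(text, 'base64url').toString());

// keySet: { kid: PEM } as parsed from the certs JSON; expectedAud: your client ID (assumption).
function verifyWithKeySet(token, keySet, expectedAud) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = fromB64url(h);
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  if (!Object.prototype.hasOwnProperty.call(keySet, header.kid)) throw new Error('unknown kid');
  // createPublicKey accepts a PEM X.509 certificate as well as a PEM public key.
  const key = crypto.createPublicKey(keySet[header.kid]);
  const signed = Buffer.from(`${h}.${p}`);
  if (!crypto.verify('RSA-SHA256', signed, key, Buffer.from(s, 'base64url'))) {
    throw new Error('bad signature');
  }
  const claims = fromB64url(p);
  if (claims.aud !== expectedAud) throw new Error('wrong audience');
  if (typeof claims.exp !== 'number' || claims.exp * 1000 <= Date.now()) throw new Error('expired');
  return claims;
}

// Constructed demo data: two throwaway RSA keys stand in for the published certificates.
function demo() {
  const gen = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const a = gen();
  const b = gen();
  const pem = (pair) => pair.publicKey.export({ type: 'spki', format: 'pem' });
  // Round-trip through JSON text: the "\n" escapes in the payload become real newlines
  // on JSON.parse, so the PEM needs no manual editing.
  const body = JSON.stringify({ 'kid-a': pem(a), 'kid-b': pem(b) });
  const keySet = JSON.parse(body);
  const sign = (kid, pair, claims) => {
    const input = `${b64url(JSON.stringify({ alg: 'RS256', kid }))}.${b64url(JSON.stringify(claims))}`;
    return `${input}.${crypto.sign('RSA-SHA256', Buffer.from(input), pair.privateKey).toString('base64url')}`;
  };
  const claims = { sub: 'user-1', aud: 'example-client-id', exp: Math.floor(Date.now() / 1000) + 300 };
  return {
    body, keySet,
    good: sign('kid-b', b, claims),        // signed by the key its kid names
    forged: sign('kid-b', a, claims),      // kid names key b, signature made with key a
    unknown: sign('kid-x', a, claims),     // kid absent from the key set
  };
}
```

Because the key set is re-read from the endpoint rather than pasted into source, a rotated signing key shows up as a new `kid` instead of a verification failure.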
