⬆️ Use fetch instead of axios (second attempt)#1069
Merged
Conversation
Contributor
Author
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
from
45640a7 to
a4e953e
Compare
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
2 times, most recently
from
39a5a9f to
8d8f057
Compare
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
from
8d8f057 to
55bf731
Compare
Contributor
Author
|
Note: Issue nodejs/undici#4774 has been fixed by nodejs/undici#4775 and landed in Undici 7.24.6. This version will land in Node.js v24.16 via nodejs/node#63263 around mid-May. |
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
3 times, most recently
from
8a13db0 to
83016ee
Compare
rdubigny
requested review from
BenoitSerrano,
douglasduteil,
gdarquie and
jonathanperret
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
from
83016ee to
9c12441
Compare
**Problem**
We want to remove `axios` to reduce the number of dependencies, which
will also reduce the attack surface. We also want to standardize our
practices by using `fetch` everywhere.
During the first attempt, we encountered an error in the production
Internet environment with the IdP `FIDGFiP-RIE`.
Here are the details of the error:
```
"type": "OidcClientTokenFailedException",
"method": "GET",
"path": "/api/v2/oidc-callback",
"idpLabel": "Agents de la DGFiP (Réseau Interministériel de l'État)",
"code": "Y020026",
"causes": [
{
"type": "ClientError",
"message": "parsing error occured",
"stack": [
"ClientError: parsing error occured",
" at e (file:///var/www/app/node_modules/openid-client/build/index.js:116:12)",
" at errorHandler (file:///var/www/app/node_modules/openid-client/build/index.js:137:23)",
" at authorizationCodeGrant (file:///var/www/app/node_modules/openid-client/build/index.js:991:9)",
" at process.processTicksAndRejections (node:internal/process/task_queues:103:5)",
" at async OidcClientService.getToken (/var/www/app/dist/instances/app/main.js:8291:22)",
" at async OidcClientController.getOidcCallback (/var/www/app/dist/instances/app/main.js:14396:50)"
]
},
{
"message": "failed to parse \"response\" body as JSON",
"stack": [
"OperationProcessingError: failed to parse \"response\" body as JSON",
" at OPE (file:///var/www/app/node_modules/oauth4webapi/build/index.js:116:12)",
" at getResponseJsonBody (file:///var/www/app/node_modules/oauth4webapi/build/index.js:2496:15)",
" at process.processTicksAndRejections (node:internal/process/task_queues:103:5)",
" at async processGenericAccessTokenResponse (file:///var/www/app/node_modules/oauth4webapi/build/index.js:1216:18)",
" at async processAuthorizationCodeOpenIDResponse (file:///var/www/app/node_modules/oauth4webapi/build/index.js:1417:20)",
" at async authorizationCodeGrant (file:///var/www/app/node_modules/openid-client/build/index.js:980:18)",
" at async OidcClientService.getToken (/var/www/app/dist/instances/app/main.js:8291:22)",
" at async OidcClientController.getOidcCallback (/var/www/app/dist/instances/app/main.js:14396:50)"
],
"type": "OperationProcessingError"
},
{
"message": "terminated",
"stack": [
"TypeError: terminated",
" at Fetch.onAborted (node:internal/deps/undici/undici:12707:53)",
" at Fetch.emit (node:events:508:28)",
" at Fetch.terminate (node:internal/deps/undici/undici:11866:14)",
" at Object.onError (node:internal/deps/undici/undici:12831:38)",
" at Gunzip.emit (node:events:520:35)",
" at emitErrorNT (node:internal/streams/destroy:170:8)",
" at emitErrorCloseNT (node:internal/streams/destroy:129:3)",
" at process.processTicksAndRejections (node:internal/process/task_queues:89:21)"
],
"type": "TypeError"
},
{
"message": "incorrect header check",
"stack": [
"Error: incorrect header check",
" at genericNodeError (node:internal/errors:985:15)",
" at wrappedFn (node:internal/errors:539:14)",
" at Zlib.zlibOnError [as onerror] (node:zlib:190:17)"
],
"type": "Error"
}
],
"message": "parsing error occured",
"idpLoginHintFqdn": "dgfip.finances.gouv.fr",
"levelNumber": 50,
"originalError": {
"name": "ClientError",
"code": "OAUTH_PARSE_ERROR"
},
"statusCode": 400,
"idpName": "FIDGFiP-RIE",
"stackTrace": [
"ClientError: parsing error occured",
" at e (file:///var/www/app/node_modules/openid-client/build/index.js:116:12)",
" at errorHandler (file:///var/www/app/node_modules/openid-client/build/index.js:137:23)",
" at authorizationCodeGrant (file:///var/www/app/node_modules/openid-client/build/index.js:991:9)",
" at process.processTicksAndRejections (node:internal/process/task_queues:103:5)",
" at async OidcClientService.getToken (/var/www/app/dist/instances/app/main.js:8291:22)",
" at async OidcClientController.getOidcCallback (/var/www/app/dist/instances/app/main.js:14396:50)",
"Error: parsing error occured",
" at OidcClientService.getToken (/var/www/app/dist/instances/app/main.js:8313:19)",
" at process.processTicksAndRejections (node:internal/process/task_queues:103:5)",
" at async OidcClientController.getOidcCallback (/var/www/app/dist/instances/app/main.js:14396:50)"
],
"level": "error",
"id": "a47bab91-5c43-47ab-a620-f44b867287cc",
```
**Proposal**
Replace `axios` with `fetch`.
**TODO**
Investigate and fix the issue with the `FIDGFiP-RIE` IdP.
rdubigny
force-pushed
the
use-fetch-in-hybridge-rie-second-attempt
branch
from
9c12441 to
790d7c9
Compare
Contributor
Author
|
We deployed this PR for one hour and did not see any specific error with the FIDGFiP-RIE IdP. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
We want to remove
axiosto reduce the number of dependencies, which will also reduce the attack surface. We also want to standardize our practices by usingfetcheverywhere.During the first attempt, we encountered an error in the production Internet environment with the IdP
FIDGFiP-RIE.Here are the details of the error:
Proposal
Replace
axioswithfetch.Deploy the hyyyperbridge consumer to the production environment on nubo01,
without merging it to main, to observe how it behaves with the
FIDGFiP-RIEIdP.