google-oauth-jwt
google-oauth-jwt copied to clipboard
extrabacon
Unresponsive after some time
Hi,
I am running into an issue and seeking some help here. I am able to authenticate successfully and talk to google APIs (calendar v3 apis). But after 2-3 days things stop working. Request to google APIs never finishes and it just keeps waiting.
But if I restart my node server, everything is back to normal and I start getting response from google APIs, but it starts to hang after 2-3 days again (unless I restart my node server).
Any clue on how to fix it ? Does it has to do with token getting expired after few days and somehow restarting the server fixes it ?
Here is the code to talk to google apis:
var googleAuth = require('google-oauth-jwt');
var request = googleAuth.requestWithJWT();
var url = 'https://www.googleapis.com/calendar/v3/calendars/{cal_id}/events';
request({
url: url,
jwt: {
email: '{SERVICE_ACCOUNT_EMAIL}.gserviceaccount.com',
keyFile: 'google-api-key.pem',
scopes: ['https://www.googleapis.com/auth/calendar.readonly']
}
}, function (err, res, body) {
// Handle response
});
I doubt it would be token expiration, as the default and maximum expiration duration is 1 hour (though the documentation confirming this has disappeared). You should experience multiple refresh cycles in a 2-3 days period.
If you think the module could be the cause, you can try setting the DEBUG variable to "google-oauth-jwt". With this, all authentication calls will be logged so you can diagnose a bit further.
Example:
DEBUG=google-oauth-jwt node myapp.js
It is definitely more than an hour but I found today that it is less than 20 hours too. I will try setting the debug variable.
But this is what documentation of google-oauth-jwt says:
The application requests a token that can be used for authentication in exchange with a valid JWT. The resulting token can then be used for multiple API calls, until it expires and a new token must be obtained by submitting another JWT
Does it not obtain new token automatically ? I am using requestWithJWT request object. And if it doesn't obtain new token automatically, why does server restart help ?
I have restarted the server with debug log enabled. I see that JWT token is requested only for the first request, after that it is reused. Token's TTL is 1 hour, and after that I think it is not requested again.
Looks like here is the problem: https://github.com/extrabacon/google-oauth-jwt/blob/master/lib/token-cache.js#L27
Token is requested only if it hasn't been requested yet for the given email id. After that, it is always used from the cache without checking TTL.
If you agree, can you please fix it, I can send a PR too if that works.
After inspecting more, I find that there is code to handle expired token and request new one. In my debug logs, I see that after one hour, token is refreshed.
google-oauth-jwt token is expired, a new token will be requested +1h
google-oauth-jwt generating jwt for {email_id}
I am going to keep an eye on why after a day or two it stops working.
Token is refreshed automatically when you use the request helper or the TokenCache. Also, this module is being used in production by some of my projects of a couple of years now. It's definitely not perfect (I was still a Node apprentice at the time), but token refresh should work as expected.
If you find an issue, I will gladly help.
I have a solution for this issue. Land here from google-play-billing-validator dependency it was a long road to resolve the problem. https://github.com/extrabacon/google-oauth-jwt/pull/36
