InternalOpenIDError: Failed to verify assertion

[magicmode]

I have been using this 'passport-steam' 2 month ago well, localhost and online Server.

today morning, I found this error in 'localhost'

$ npm run example

> [email protected] example C:\Users\TESTER\Documents\passport-steam-master
> node examples/signon/app.js

InternalOpenIDError: Failed to verify assertion
    at C:\Users\TESTER\Documents\passport-steam-master\node_modules\passport-openid\lib\passport-openid\strategy.js:184:36
    at C:\Users\TESTER\Documents\passport-steam-master\node_modules\openid\openid.js:981:12
    at C:\Users\TESTER\Documents\passport-steam-master\node_modules\openid\openid.js:1105:16
    at C:\Users\TESTER\Documents\passport-steam-master\node_modules\openid\openid.js:1212:14
    at Request._callback (C:\Users\TESTER\Documents\passport-steam-master\node_modules\openid\openid.js:242:7)
    at self.callback (C:\Users\TESTER\Documents\passport-steam-master\node_modules\request\request.js:188:22)
    at emitOne (events.js:96:13)
    at Request.emit (events.js:188:7)
    at Request.onRequestError (C:\Users\TESTER\Documents\passport-steam-master\node_modules\request\request.js:884:8)
    at emitOne (events.js:96:13)

'passport-steam' just run in online server, but 'localhost' is not.

I Don't know what happened. and This Test Code is Clean Code 'passport-steam' I just pull code, and edit 'api-key' , and npm run example..

Somebody can help solve this issue?

and my test enviroment

$ node -v
v6.11.3
package.js
"dependencies": {
"passport-openid": "^0.4.0",
"steam-web": "0.4.0"
},
"devDependencies": {
"ava": "^0.10.0",
"ejs": "^2.4.2",
"express": "^4.14.0",
"express-session": "^1.13.0",
"passport": "^0.3.2"
},

[Eqls]

Have you managed to solve this issue?

[0x346e3730]

Hello,

I'm facing the same issue in local as well.

InternalOpenIDError: Failed to verify assertion at /home/groston1/Bureau/express-vue-mvc-starter/node_modules/passport-openid/lib/passport-openid/strategy.js:184:36 at /home/groston1/Bureau/express-vue-mvc-starter/node_modules/passport-openid/node_modules/openid/openid.js:981:12 at /home/groston1/Bureau/express-vue-mvc-starter/node_modules/passport-openid/node_modules/openid/openid.js:1105:16 at /home/groston1/Bureau/express-vue-mvc-starter/node_modules/passport-openid/node_modules/openid/openid.js:1223:16 at Request._callback (/home/groston1/Bureau/express-vue-mvc-starter/node_modules/passport-openid/node_modules/openid/openid.js:244:7) at Request.self.callback (/home/groston1/Bureau/express-vue-mvc-starter/node_modules/request/request.js:186:22) at emitTwo (events.js:106:13) at Request.emit (events.js:191:7) at Request.<anonymous> (/home/groston1/Bureau/express-vue-mvc-starter/node_modules/request/request.js:1163:10) at emitOne (events.js:96:13)

Did not tried in remote yet.

[devlemire]

I have the same issue as well

[bdefore]

I've encountered this issue as well but strangely on one dev machine but not another, both running identical versions of:

• my project code
• passport-steam (1.0.1)
• node (12.16.3)
• yarn (1.22.4)

Other similarities, both are:

• Running an up to date Linux Manjaro
• Behind the same router, set to distinct static internal IPs.
• Run on port 8888 locally (using netlify-dev)
• Being opened in Chrome 83 on ChromeOS
• Do not block anything with adblockers

The only difference that I can discern between them is that the one that works has several ports forwarded to it in my router configuration and the other does not (well, cannot at the same time). Does passport-steam require further communication on port 80 during verification?

I'd keep digging turning off various ports in my router setup, but, I think I'll surrender and authenticate on the one that works when I need to be logged in, and hope it doesn't stop working in the future. Best of luck working around this frustrating issue.

[bdefore]

I believe I may have discovered the cause of this issue. Both of my dev machines were running Manjaro. I discovered that the succeeding dev machine had NTP active and the failing one did not. I am no longer able to reproduce the issue after enabling NTP on the one that used to fail.

You can test if NTP is active by running timedatctl. You can enable it via command line via timedatectl set-ntp true but there is also a GUI way here: https://wiki.manjaro.org/System_Maintenance#Time_and_Date. I'm not sure why this isn't enabled by default on Manjaro.

That this may boil down to a time mismatch may explain the difficulty in diagnosing the issue. I've had a similar problem with Google auth services.

[brndto]

Took me about 4 hours to figure out what I was doing wrong... posting here in this open issue in case it helps someone because I went through plenty of other issues with the same error which turned out to be unrelated to my own problem. In case anyone else is having issues figuring out the InternalOpenIDError: Failed to verify assertion error, check the URL via console.log(req.url, req.originalUrl) inside the return route as the OpenID error is usually appended to the end of the URL.

In my case I was attempting to use the same domain but on a different port for the realm URL compared to the return URL.

[switz]

does anyone know how to catch this error? it seems to return an error inside the openid library before it reaches my code.