validateIdToken fails on new version

[shaun-pendrigh]

Since upgrading from 4.0.0 to 4.1.2, validateIdToken fails with the following message:

SyntaxError: Unexpected token u in JSON at position 0
    at JSON.parse (<anonymous>)
    at C:\Users\SPendrigh\Documents\Development\Officejs\sample\node_modules\intuit-oauth\src\OAuthClient.js:479:33
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
    at async C:\Users\SPendrigh\Documents\Development\Officejs\sample\app.js:78:7
    at async C:\Users\SPendrigh\Documents\Development\Officejs\sample\app.js:73:3 {
  error: 'Unexpected token u in JSON at position 0',
  authResponse: '',
  intuit_tid: '',
  originalMessage: 'Unexpected token u in JSON at position 0',
  error_description: ''

I modified the sample program to add the OAuthClient.scopes.OpenId, OAuthClient.scopes.Profile, OAuthClient.scopes.Email scopes and added a call to validateIdToken after the createToken call and recreated the error.

I then forced the intuit-oauth version back to 4.0.0 and ran it again and it worked as expected, confirming it is an issue in the new version.

[rajeshgupta723]

Hi @shaun-pendrigh Thanks, will look into the issue. In the meantime, please feel free to raise a PR for the fix.

[rajeshgupta723]

Hi @shaun-pendrigh Created a new branch release-4.1.3 and this PR: #174 to fix the issue. Please test your use case in this new branch. If all looks good, will merge this PR into master and will release this change. Thanks.

[shaun-pendrigh]

Thanks @rajeshgupta723, will do asap

[shaun-pendrigh]

Hi @rajeshgupta723. The problem does not seem to be resolved. The getKeyFromJWKsURI is still having an error. I have tried to unpack the logic and understand what is going on in order to assist, but I am certainly not an expert in this. I eventually managed to log the response as it is coming back in version 4.0.0 as well as the new 4.1.3 branch.

In version 4.0.0 the response was in the "body" property and it was a valid json string. In the new version 4.1.3 there is no json property, it is undefined. The keys that the response needs are in the "data" property but it does not seem to be in the same json string format as before. So I am unsure of how to process that "data" property in order to pass correctly as an array of keys.

I don't know enough about Axios to understand the response formats. But hopefully what I have found will help you to know the answer.

Version4.0.0 response.log
Version4.1.3 response.log

[rajeshgupta723]

Hi @shaun-pendrigh, thanks for providing the log from diff versions, this was helpful. I've pushed the fix to release-4.1.3 branch. Would you please test and confirm the fix, it that works for you now? Thanks

[shaun-pendrigh]

Hi @rajeshgupta723

I am not sure if I have done anything wrong in the testing as I am guessing you expect this update to fix the issue. However I still see this error:

SyntaxError: Unexpected token o in JSON at position 1 at JSON.parse (<anonymous>) at C:\Users\SPendrigh\Documents\Development\Officejs\oauth-jsclient-release-4.1.3\src\OAuthClient.js:495:33 at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async C:\Users\SPendrigh\Documents\Development\Officejs\oauth-jsclient-release-4.1.3\sample\app.js:94:3 { error: 'Unexpected token o in JSON at position 1', authResponse: '', intuit_tid: '', originalMessage: 'Unexpected token o in JSON at position 1', error_description: ''

I see your change to getKeyFromJWKsURI has:
const responseBody = JSON.parse(response.data);

But it seems response.data is not valid JSON. Again I am not sure how Axios returns this data. But looking at the log file this data does not have the expected formatting around the property names for example to be valid JSON.

Let me know if there is more I can do to help this process.