-
Notifications
You must be signed in to change notification settings - Fork 233
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
http proxy error after upgrading from 1.6.0 to 1.8.0 #144
Comments
I'm using this great module too and experiencing the same problem, which ended with pinning to 1.7.0. Likely this is because a https request needs to go through the proxy only working with http. This is a reatively old problem axios users are experiencing: As there are working workarounds suggested, I'm not sure when/if this be solved on axios side. Maybe it could be an option, to provide the possibility to inject a complete axios instance, when initializing the jwks-rsa Client? |
We had this problem and we workaround it by overwritting the |
Seems like we have the same problem #142 It's about time to do something here!!! |
This is likely related to migrating from the deprecated |
It appears this is related to axios/axios#925 when using an HTTP proxy to an HTTPS endpoint. The common recommended fix is to configure an const client = jwksClient({
jwksUri: 'https://YOUR-DOMAIN/.well-known/jwks.json',
httpsAgent: new HttpsProxyAgent({
host: '127.0.0.1',
port: '9090',
auth: 'username:password'
})
}); We’d then need to deprecate the current As mentioned earlier, if you are using this library behind a proxy, it’s recommended to stay on v1.7 until we either (hopefully) get a fix on the Axios side or implement a workaround, perhaps as described above. |
Hi, I DID NOT find the current thread in time... and ran into axios/axios#2072 (comment) So, I tried to fix it myself, over v 1.9, with a similar solution as above (using 'https-proxy-agent'). FYI, it works in our environnement. We are using a 'http' proxy, to get our jwks objects from a 'https://domain/path' url. //THIS IS MY WHOLE src/wrappers/request.js REPLACEMENT FILE !
import http from 'http';
import https from 'https';
import httpsProxyAgent from 'https-proxy-agent';
import { request } from 'axios';
export default function(options, cb) {
const requestOptions = {
url: options.uri,
headers: options.headers,
timeout: options.timeout
};
if (options.proxy) {
//Needed because of limitation of Axios with https traffic tunnelled into http corporate proxies
//See : https://github.com/axios/axios/issues/2072
requestOptions.proxy = false; //Oddly, this must be false, since we are using the agent
requestOptions.httpsAgent = new httpsProxyAgent(options.proxy);
}
if (options.agentOptions || options.strictSSL != undefined) {
const agentOptions = {
...(options.strictSSL != undefined) && { rejectUnauthorized: options.strictSSL },
...options.agentOptions
};
requestOptions.httpAgent = new http.Agent(agentOptions);
requestOptions.httpsAgent = new https.Agent(agentOptions);
}
request(requestOptions)
.then(response => cb(null, response))
.catch(err => cb(err));
}; What do you think ? I am not a contributor to this project, and have no Idea how to be. In the meantime, as per @jimmyjames suggestion, we will most probably switch to 1.7, to fix an issue we have in production. Thanks ! |
I have a related problem with the new 1.10.0 version. As now it seems 'https-proxy-agent' is pulled in as a dependency, but in the package.json it is only a devDependency.
|
Thanks for working on this issue. I implemented a solution in #188 |
This library no longer works behind corporate proxy. Our proxy scheme is 'http:https://:80' for both http & https.
Current workaround is to use "1.7.0"
Note: A minor issue with "@" needed to prevent NPE request.js does not check
proxy.auth
for null.The text was updated successfully, but these errors were encountered: