saasmvp OAuth

Appearance

Troubleshooting

An ERROR has occurred if you receive any of these client or server log messages. Expand the appropriate log message by clicking on the right arrow below for an explanation and solution to the problem. There is a logFlag used for both the client and server. Both default to FALSE unless specified and no log messages will be displayed. The client logFlag can be set using the smvpInitAuth function. The server logFlag can be set in the smvp.oauth.json file.

Initialization

[Client Log] Uncaught (in promise) Error: nuxt-saasmvp-oauth: You need to run smvpInitAuth() in your app FIRST

You need to initialize the nuxt-saasmvp-oauth module first using the smvpInitAuth client function before calling any other client function. One way this can be accomplished is to call the smvpInitAuth function using a Vue onMounted life cycle hook.

[Server Log] 2024-05-23T21:45:41.287Z saasmvp OAUTH smvpServerInit.ts: smvp.config.json file NOT FOUND in ./server directory

The smvp.oauth.json file is REQUIRED to be located in the ./server directory for the nuxt-saasmvp-oauth module to properly start.

[Server Log] 2024-05-23T21:09:24.483Z saasmvp OAUTH smvpServerInit.ts: ERROR 'jwtKey' needs to be EXACTLY 256 bits (32 bytes)

This error is detected during smvpServerInit. Make sure the jwtKey length is 256 bits (32 bytes)

[Server Log] 2024-05-23T21:42:16.662Z saasmvp OAUTH smvpServerInit.ts: ERROR 'protected' needs to be an array. If no routes are to be protected, provide an empty array []

The smvp.oauth.json file contains a protected json object that holds an array of strings. Each string in the protected json object specifies a REST API route that is to be authenticated by the nuxt-saasmvp-oauth module's smvp-apiauth.ts server middleware. If no routes need to be protected, you can simply specify the protected json object with an empty array (i.e. [])

[Server Log] 2024-05-23T21:38:17.721Z saasmvp OAUTH smvp-apiauth.ts server middleware: NO ROUTES TO PROTECT

A friendly reminder that you have not specified any REST API Endpoints to protect. You can ignore this message if you have an application that does not require protection of any REST API Endpoints.

[Server Log] 2024-05-23T21:25:03.306Z saasmvp OAUTH smvpServerInit.ts: *** NOT *** INITIALIZED

This error is detected during the nuxt-saasmvp-oauth module's server initialization by smvpServerInit. Make sure at least the jwtKey and protected json object are present in the smvp.oauth.json file.

User Authentication

[Client Log] Thu May 23 2024 17:04:39 GMT-0500 (Central Daylight Time) 'saasmvp OAUTH smvpLogout.ts STATUS: ERROR on Logout'

You should NEVER see this message. If you do, please contact support. We'd appreciate it.

[Client Log] Tue Jan 09 2024 14:13:27 GMT-0600 (Central Standard Time) saasmvp OAUTH smvp-pageauth.ts client middleware: ROUTE: '/pageone' *** UNAUTHORIZED ***

The User has not been authenticated. This is a normal error message that should be received when the User attempts to navigate to a page using the smvp-pageauth client middleware without having been previously authenticated. The ROUTE shown in the message will be the name of the developer defined NUXT 3 page the User is attempting to navigate to.

[Client Log] Wed Jan 10 2024 17:04:48 GMT-0600 (Central Standard Time) saasmvp OAUTH smvp-pageauth.ts client middleware: ROUTE: '/pageone' *** JWT Token Expired ***

The smvp-pageauth client middleware uses the smvpGetOAuthAuthorization client function to validate the User's JWT Access Token BEFORE allowing the User navigation to the page specified by the ROUTE in the error message. The JWT Access Token has expired. Generate a new JWT Access Token using the smvpGetOAuthToken client function.

[Server Log] 2024-01-09T19:45:20.112Z saasmvp OAUTH smvp-user-token.post.ts timestamp out-of-bounds NOW: 1704829520 BOUNDRY: 1704829620

The smvpGetOAuthToken client function requested a JWT Access Token that can not be generated by the Authorization Server smvp-user-token.post.ts REST API Endpoint within 100ms after the timestamp found in the Authorization Grant sent by the smvpGetOAuthToken client function. The 100ms boundary time is used to prevent replay attacks. The NOW and BOUNDRY times are in the Unix Epoch format.

[Server Log] 2024-01-10T20:54:21.378Z saasmvp OAUTH smvp-authorize.posts.ts: NO X-TOKEN in Request Header

The Authorization Server REST API Endpoint smvp-authorize.posts.ts is used by both the smvpGetLoginStatus and smvpGetOAuthAuthorization client functions. If the JWT Access Token (i.e. Bearer Token) is NOT supplied in the X-TOKEN HTTP Header request to the smvp-authorize.posts.ts REST API Endpoint, you will receive this message. HOWEVER, You should never observe this message since the nuxt-saasmvp-oauth module internally controls execution of this interaction.

[Server Log] 2024-01-09T22:26:41.890Z saasmvp OAUTH smvp-authorize.posts.ts: JWT Token Expired

The Authorization Server REST API Endpoint smvp-authorize.posts.ts is used by both the smvpGetLoginStatus and smvpGetOAuthAuthorization client functions. If the JWT Access Token (i.e. Bearer Token) supplied in the X-TOKEN HTTP Header request to the smvp-authorize.posts.ts REST API Endpoint has expired, a new JWT Access Token will need to be generated. If you do not suspect the JWT Access Token has expired, make sure the JWT Access Token has not been modified in any way.

REST API Authentication

[Server Log] 2024-01-10T20:00:48.093Z saasmvp OAUTH smvp-api-token.post.ts timestamp out-of-bounds NOW: 1704916848 BOUNDRY: 1704916948

The smvpGetOAuthApiKey client function requested a JWT Access Token (i.e. Bearer Token) that can not be generated by the Authorization Server smvp-api-token.post.ts REST API Endpoint within boundryTime (default 100ms) after the timestamp found in the Authorization Grant sent by the smvpGetOAuthApiKey client function. The 100ms boundary time is used to prevent replay attacks. The NOW and BOUNDRY times are in the Unix Epoch format.

[Server Log] 2024-01-09T22:48:23.466Z saasmvp OAUTH smvp-apiauth.ts server middleware: API Endpoint Authentication ERROR: NO X-TOKEN in Request Header

The Authorization Server smvp-apiauth.ts server middleware checks for a JWT Access Token (i.e. Bearer Token) in the HTTP(S) X-TOKEN request Header of the developer defined REST API Endpoint. If you receive this message, make sure that your code includes the X-TOKEN Header in your HTTP(S) REST API Endpoint request.

[Server Log] 2024-01-09T20:09:15.713Z saasmvp OAUTH smvp-apiauth.ts server middleware: API Endpoint Authentication ERROR: TOKEN MALFORMED OR EXPIRED

The Authentication Server smvp-apiauth.ts server middleware checks for a valid JWT Access Token (i.e. Bearer Token) for each developer defined REST API Endpoint with an entry in the smvp.oauth.json file's protected json object. If a developer defined REST API Endpoint HTTP(S) request was made with a JWT Access Token that has been modified in any way OR with a JWT Access Token that has expired you will receive this error message.

Released under the MIT License

Copyright © 2024 The saasmvp Project