1

guys since its my org code so I cannot share all my code but the gist of the issue is I have deployed a node.js app on gcp with env: flex (this env:flex is supposed to be configured on app.yaml) and with flex everything was working great but as soon as I moved to env:std that is standard env i started facing a weird error, basically on the authentication part we are using OCKTA and it sends us authorization token and access token which is sent to nodejs app from frontend after checking the cors policy options, but after I changed env:flex I stopped receiving access.token , I console logged it as well, I was getting undefined for that header.

error log:

                                                                        inside authenticate {
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    host: 'nodejs-dot-dev-peso-na-measurement-292414.appspot.com',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-forwarded-for': '165.225.120.97, 169.254.1.1',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-forwarded-proto': 'https',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    forwarded: 'for="165.225.120.97";proto=https',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-ch-ua': '" Not;A Brand";v="99", "Google Chrome";v="97", "Chromium";v="97"',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-ch-ua-mobile': '?0',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    authorization: 'Bearer eyJraWQiOiJQUy13Z1E3eGtKNGdOblkyZGFBazJqaTdyYU0xRGVvai1LLVpHZHo2NUFrIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHV4MThoMTZiRGJucFVMazBoNyIsIm5hbWUiOiJKYWluLCBBa3NoaXRhIiwiZW1haWwiOiJha3NoaXRhLmphaW5Aa2NjLmNvbSIsInZlciI6MSwiaXNzIjoiaHR0cHM6Ly9rY2Mub2t0YXByZXZpZXcuY29tIiwiYXVkIjoiMG9heDF2OTd2OWxTY0YzVDgwaDciLCJpYXQiOjE2NDMyNjYwODcsImV4cCI6MTY0MzI2OTY4NywianRpIjoiSUQuQWlLUXAzVTc5ZHpraVNoSjBMakMzZExHS2dHZHpidnlESVpZYVh5QzNHOCIsImFtciI6WyJwd2QiXSwiaWRwIjoiMG9hOGR4OGU0ZjhxTGY2dlIwaDciLCJub25jZSI6IjhFb1NDRXB0ZWkzcnM5R0ZKT1dGVUM0UzgxWjEzRHdCNW5ZazBNMzV5OHh0UVM1NkNhVWtJSkdSZldRUk5wOXciLCJwcmVmZXJyZWRfdXNlcm5hbWUiOiJha3NoaXRhLmphaW5Aa2NjLmNvbSIsImF1dGhfdGltZSI6MTY0MzI2NjA4NCwiYXRfaGFzaCI6InFJTDlndEtfNUtnWnc0ZWZ3cFBrVFEifQ.ZczIxBpQEopdBl3BT0gob-ZEQiUT5rimQA5Rtpvsp_Ycih_HDBtpG9NyDSp4VQ2Tvu-6vM7b-hv_HLit0YjGNUkYknw50dyQgY2C9h7RGSNJWZ91DjgVC-8xa5ziObEs_rrdyoYUqfC0kqmI6rJW6CIXdbuuZ1sWnTs9ALuUbcZZz6xGoOW_ELAhiWlrfQ7Iosi3BWt5uiZMQF9A0Ki-vppXJcIGcaRl2Avt38K32kv4M1W6jSb2xBlw5aaAQYEG33F0X-9SYgWuu2BAEk-Tm4k49Hbrnpsb0gNjes_VftgBzk4Z4uq18aTi-RtoNSxm1slIPE6zbxk_sVRxO3a_Cg',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    accept: 'application/json, text/plain, */*',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'access-control-allow-origin': '*',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'user-agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-ch-ua-platform': '"Windows"',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    origin: 'https://dev-peso-na-measurement-292414.uc.r.appspot.com',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-fetch-site': 'cross-site',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-fetch-mode': 'cors',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'sec-fetch-dest': 'empty',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    referer: 'https://dev-peso-na-measurement-292414.uc.r.appspot.com/',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'accept-language': 'en-US,en;q=0.9',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-cloud-trace-context': '363cae52643a42acba9033ded130f622/16994855042067062039',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-client-data': 'CgSM6ZsV',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-city': 'mumbai',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-country': 'IN',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-region': 'mh',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-citylatlong': '19.075984,72.877656',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    traceparent: '00-363cae52643a42acba9033ded130f622-ebd9da9e3fa9dd17-00',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-timeout-ms': '599999',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-https': 'on',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-user-ip': '165.225.120.97',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-api-ticket': 'ChBhMTNiNDQ5ZTNmNzM0NDY5GhMIwK7SnKvR9QIVgbf8Ch0aqwKg',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'accept-encoding': 'gzip, deflate, br',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-request-log-id': '61f2402a00ff03b8c08da2dcf00001737e6465762d7065736f2d6e612d6d6561737572656d656e742d32393234313400016e6f64656a733a323032323031323174313633363132000100',
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]    'x-appengine-default-version-hostname': 'dev-peso-na-measurement-292414.uc.r.appspot.com'
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]  } undefined
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]  "GET /api/get_region HTTP/1.1" 401
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]  final catch  Error: Access token is required
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]      at /workspace/config/authenticate.js:24:58
                                                                    2022-01-27 06:48:10 nodejs[20220121t163612]      at processTicksAndRejections (internal/process/task_queues.js:97:5)

third last line you can see access token is not getting. and 5 th last line you can see undefined which I console logged on my authentication middleware function. the above error is from cloud shell logs

in env flex it is showing properly(below is the developer console headers which has access token)

                            authority: nodejs-dot-peso-na-measurement-project.uc.r.appspot.com
                        :method: GET
                        :path: /api/get_region
                        :scheme: https
                        accept: application/json, text/plain, */*
                        accept-encoding: gzip, deflate, br
                        accept-language: en-US,en;q=0.9
                        access-control-allow-origin: *
                        access_token: Bearer eyJraWQiOiIyQXB1MTZnOFBvOGg0SWJHWnZjTXhPVk93dTdHbU40QWdOYWdadTF4c29JIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULkRadWlNcnpnSTlwOWhyeDAxV040WjNTUjF1c01nSy0yVDI3X1dtNjBNVzQiLCJpc3MiOiJodHRwczovL2tjYy5va3RhLmNvbSIsImF1ZCI6Imh0dHBzOi8va2NjLm9rdGEuY29tIiwic3ViIjoiYWtzaGl0YS5qYWluQGtjYy5jb20iLCJpYXQiOjE2NDMyNjY3NTMsImV4cCI6MTY0MzI3MDM1MywiY2lkIjoiMG9haGZ0MGFvd2pVV0QyWDExdDciLCJ1aWQiOiIwMHVmbmJqYjg3TWFONWpWMTF0NyIsInNjcCI6WyJvcGVuaWQiLCJwcm9maWxlIiwiZW1haWwiXX0.AuXIGQ4bc3Y_FEx594Evb9Zs8oeQHLMeFVq7hDGYNZW4yNLF2ISXv1W47Qppp6NnvIf-DcgTxbhQ6o8YxiSOJ1PwXkw3tXT5PZjQ6buRZhSEvgQDNgp5eFYfqesC8Un4_r_CPSoL3O1w3cQdkRtB6IZBhGVXsLa4l3qQU1IcSh-mVsxpvVIqw43FcZSaqMsyO93NCRuPxsrBKzfFFKqhrTkvvRGxJhANmOS9Khx0TQbHCVoO8FqI7dcy4DE6IltfC7Vf0gio9eGKftdQwW69N0au37k2x5fSxSF7eFayKt6TOQXDlyLIDIF74c1RJbrCPLfJC9tEPnL6tpS57dhpxQ
                        authorization: Bearer eyJraWQiOiJyeVpMWDA3bjE4MENhRWh3eVgyMVdjS1g3MTFiMExUY2lHcUxEZXpoWGVBIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVmbmJqYjg3TWFONWpWMTF0NyIsIm5hbWUiOiJKYWluLCBBa3NoaXRhIiwiZW1haWwiOiJha3NoaXRhLmphaW5Aa2NjLmNvbSIsInZlciI6MSwiaXNzIjoiaHR0cHM6Ly9rY2Mub2t0YS5jb20iLCJhdWQiOiIwb2FoZnQwYW93alVXRDJYMTF0NyIsImlhdCI6MTY0MzI2Njc1NCwiZXhwIjoxNjQzMjcwMzU0LCJqdGkiOiJJRC5uWi1XZVhMLWp5YVFQbGQ4X1JyeVhZREFGdnJiRVY1cE1ELUN0NlM2WmNNIiwiYW1yIjpbInB3ZCJdLCJpZHAiOiIwb2F2bm1wZkpyT2N6eExMRTF0NSIsIm5vbmNlIjoiM0U1NnV4YXBBU0ZqOWt6UmZQamZ1TFk5YXlmRzRNT2ZWS3ZkT2szN0JIWGZPaDZXaHRJajY2aW9XVmYzbElNciIsInByZWZlcnJlZF91c2VybmFtZSI6ImFrc2hpdGEuamFpbkBrY2MuY29tIiwiYXV0aF90aW1lIjoxNjQzMjY1OTc5LCJhdF9oYXNoIjoiczczVjkwWEpleHNoMElILW1XQ2RaQSJ9.Rbqm9Aim-7agCH0vO6tYf3znCPB98aUel2hEnGPMMuWsI6eW5C_bD9L6mkjIFmL4aQ-_vBmOB8U_3THEj6xhTcnShjA_gKLZ6-SyCQvbj1OFyySRJty9cJp1BTqg6Dfh5_caQigoXA_cnhqgEx-1Y05v1PxRwjFsh-tuofh4g-X4KA7kzRnCH5SwCkg3FAyXXnNz54WhuwnZLfO7lGEdYP54P0YbWFuIC6OeCXXymQWE3dCnWfsEU2_SfrxjmUKytd4HVv2wv4cflIrkPH7-tggH__YDYG4KEXLfpBi_raBZPUFU4o7h12Oya6xPjIQP8KbNlBEu205kMdLGjXR_Pg
                        if-none-match: W/"a6-rfBW+MpHeXieUDXFgQiCOIgXVmo"
                        origin: https://peso-na-measurement-project.uc.r.appspot.com
                        referer: https://peso-na-measurement-project.uc.r.appspot.com/
                        sec-ch-ua: " Not;A Brand";v="99", "Google Chrome";v="97", "Chromium";v="97"
                        sec-ch-ua-mobile: ?0
                        sec-ch-ua-platform: "Windows"
                        sec-fetch-dest: empty
                        sec-fetch-mode: cors
                        sec-fetch-site: cross-site

my best guess is since some of the headers is removed in standard env that's why my access token is getting stripped off on some platform level maybe gateway level i dont know plz help!!!

a ref for that- std:env- headers

Abhishek Sah
  • 31
  • 6
  • 1
    It looks like this is your first question, and I think there are a few things you could improve to get better answers: 1. Remove the indentation from the logs (it's annoying to have to scroll horizontally); 2. You're describing what your code does, but it's usually much easier to read the actual code. I understand you can't share you org's code, so what I do in that case is create a minimal example: The smallest possible code that produces the issue. Even better: this process is often enough to help me solve the problem on my own. Cheers! – bastien girschig Feb 05 '22 at 10:42

0 Answers0