Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Cannot destructure property 'header' of '(intermediate value)' as it is undefined.

See original GitHub issue

Describe the problem

  • We’ve got an application deployed on azure web apps
  • A custom domain name bought and then directed to the web app
    • So the current flow is -> User -> my.custom.domain.com -> myapp.azurewebsites.net

Ever since then the authentication just stopped working and application does not maintain the session

Things I’ve tried

  • sameSite -> None, Lax, Strict
  • domain -> undefined and actual domain

Logs:

2022-11-21T19:01:58.754785673Z GET /auth/login?returnTo=%2Fdatasets - 2.185 ms
2022-11-21T19:01:59.146683144Z GET /main.2f8e8e4b02603fe2.js - 1.903 ms
2022-11-21T19:01:59.159137166Z GET /styles.20c473a12ca17461.css - 2.491 ms
2022-11-21T19:02:01.607943571Z 2022-11-21T19:02:01.607Z express-openid-connect:context req.oidc.login() called with returnTo: /datasets
2022-11-21T19:02:01.608528672Z 2022-11-21T19:02:01.608Z express-openid-connect:getLoginState adding default state { returnTo: '/datasets' }
2022-11-21T19:02:01.609209673Z 2022-11-21T19:02:01.608Z express-openid-connect:context response_type includes code, the authorization request will use PKCE
2022-11-21T19:02:01.613158580Z 2022-11-21T19:02:01.612Z express-openid-connect:context redirecting to <REDACTED>connect/authorize?client_id=erm_safet.web&scope=erm_safet.api%20openid%20profile%20offline_access&response_type=code&redirect_uri=<REDACTED>/%2Fauth-callback&acr_values=idp%3Aaad&nonce=Ls3twx7gFR69Sc53EqhVBgnzZLNtKohO65YzFGsvhjU&state=eyJyZXR1cm5UbyI6Ii9kYXRhc2V0cyJ9&code_challenge_method=S256&code_challenge=ZgeQTv329ZcQRp8GxgIvbMx8AqavRCzQqRFAQP_Nzt4
2022-11-21T19:02:01.616395986Z GET /login/aad - 103.127 ms
2022-11-21T19:02:02.517969712Z 2022-11-21T19:02:02.517Z express-openid-connect:auth GET /auth-callback called
2022-11-21T19:02:03.782338201Z GET /auth-callback?code=71B5173A1E14B91FC0735FC2F36FBE0C32F2652450E1E17BE9BCCC1B5C455452-1&scope=erm_safet.api%20openid%20profile%20offline_access&state=eyJyZXR1cm5UbyI6Ii9kYXRhc2V0cyJ9&session_state=kfT8LGkbYLzEWiCFYzcBbFszeQU3mkNuhdKediHSmhM.E3382A8448796BC53C5CF69163E15E52&iss=https%3A%2F%2Ferm-al-authsrv-api-prd.azurewebsites.net - 1263.935 ms
2022-11-21T19:02:04.543347402Z GET /styles.20c473a12ca17461.css - 3.198 ms
2022-11-21T19:02:04.583155488Z GET /main.2f8e8e4b02603fe2.js - 2.200 ms
2022-11-21T19:02:03.882202334Z 2022-11-21T19:02:03.881Z express-openid-connect:appSession reading session from appSession cookie
2022-11-21T19:02:03.883644838Z 2022-11-21T19:02:03.883Z express-openid-connect:appSession unexpected error handling session TypeError: Cannot destructure property 'header' of '(intermediate value)' as it is undefined.
2022-11-21T19:02:03.883665738Z     at /app/node_modules/express-openid-connect/lib/appSession.js:305:17
2022-11-21T19:02:03.883733138Z     at processTicksAndRejections (internal/process/task_queues.js:95:5)
2022-11-21T19:02:03.888739950Z GET /datasets - 5.903 ms
2022-11-21T19:02:04.403848243Z GET /polyfills.2a09318cbf32689f.js - 3.662 ms
2022-11-21T19:02:05.285364178Z GET /840.f03a6f0f8f8e7583.js - 2.332 ms

Configuration

  app.use(auth({
    issuerBaseURL: env.ISSUER_BASE_URL,
    secret: env.SECRET,
    baseURL: env.BASE_URL,
    clientID: env.CLIENT_ID,
    clientSecret: uuid.v4(),
    authRequired: false,
    session: {
      cookie: {
        domain: env.COOKIE_DOMAIN,
        httpOnly: true,
        sameSite: 'None'
      },
      store: new MemoryStore({
        checkPeriod: 24 * 60 * 1000,
      }),
    },
    authorizationParams: {
      response_type: 'code',
      scope: [env.AUTH_SCOPE, 'openid', 'profile', 'offline_access'].join(" "),
      // TODO: make env variable
      acr_values: "idp:aad",
    },
    routes: {
      callback: '/auth-callback',
      login: false,
    },
    // afterCallback: async (req, res, session, decodedState) => {
    //   console.log("Session", session)
    //   // const userProfile = await request(`${issuerBaseURL}/userinfo`);
    //   return {
    //     ...session
    //   };
    // }
  }));

Environment

Azure web app with Linux containers

  • Version of this library used:: 2.10.0
  • Which framework are you using, if applicable: Express
  • Other modules/plugins/libraries that might be involved:
  • Any other relevant information you think would be useful:

Issue Analytics

  • State:closed
  • Created 10 months ago
  • Comments:5 (2 by maintainers)

github_iconTop GitHub Comments

1reaction
ermaugustinascommented, Nov 28, 2022

Thanks for the help @adamjmcgrath I’ll close this for now as you’ve provided me with a solution

0reactions
adamjmcgrathcommented, Nov 28, 2022

I’m really sorry about this, I was in a rush I forgot to add more information. It turned out to be an issue with routing through Application gateway, where the client sessions would be lost on each request. So from my understanding, the auth cookie would exist, but when it would check the session it would be missing the required information causing it to fail.

Yes, this would explain the error you’re seeing

Can cookie-session based approach work with express-openid-connect?

Yes, this is the default for this SDK, just omit the store config property and your session will be a stateless cookie session.

Hmm, this is what my package.json contains

The reason I think you’re not using 2.10.0 is because your stack trace says TypeError: Cannot destructure property 'header' ... at .../appSession.js:305:17

In 2.10.0 the header property is destructured on line 309 (see https://github.com/auth0/express-openid-connect/blob/v2.10.0/lib/appSession.js#L309)

It’s in 2.8.0 and below that the header property is destructured on line 305 (see https://github.com/auth0/express-openid-connect/blob/v2.8.0/lib/appSession.js#L305)

I’ve just npm installed 2.10.0 and confirmed that the code matches the tag

Read more comments on GitHub >

github_iconTop Results From Across the Web

Cannot destructure property 'data' of '(intermediate value)' as it ...
The problem is that, although axios.get may return a promise, the fetchPosts ... fetchPosts(); console.log(myFetch); // will log `undefined`.
Read more >
Cannot destructure property of '(intermediate value)' as it is ...
That you are looking for a fix for this error, i presume that you are trying to destructure either an object or array...
Read more >
Cannot destructure property 'data' of '(intermediate value)' as it ...
Coding example for the question Cannot destructure property 'data' of '(intermediate value)' as it is undefined-Reactjs.
Read more >
Cannot destructure property 'id' of '(intermediate value)' as it is ...
produce()” client-side. Cannot destructure property 'id' of '(intermediate value)' as it is undefined. I have no idea what it is due to ...
Read more >
Initialize a destructured argument - Jacob Paris
TypeError : Cannot destructure property 'serialize' of (intermediate value) as it is undefined. To show why that happens, here's an example of two...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

"undefined is not a function" on jwt.sign

Next page

RFC: Bind OIDC Routes based on baseURL path