`node-oauth` throws intermittent InternalOAuthErrors on fast connections

Hey all, I’m spinning up a new project using Passport and the Google OAuth 2.0 strategy, and I’ve spent the last day troubleshooting a particularly weird issue. Namely, when try to log in, locally, I get a InternalOAuthError the majority of the time, and occasionally get a successful login.

My coworker who’s on a slower connection, does not have this issue.

After much speelunking through the node-oauth codebase, I’ve found the issue here: https://github.com/ciaranj/node-oauth/blob/master/lib/oauth2.js#L124-L163

What’s happening is that for some requests, Google responds with an early close (eg: sends a no-content header and immediately closes the connection). node-oauth handles this cleanly by immediately triggering the callback (instead of waiting for an end event). However, when Google’s servers then perform a connection reset, an error event is triggered, and node-oauth naively calls the callback again resulting in an InternalOAuthError being thrown.

So, why post this bug here? node-oauth appears to be a dead project (the last commit was in 2017), and this bug is going to impact users of passport-google-oauth2 on fast connections. Hopefully by posting this issue here, other folks will be able to quickly diagnose it and find a workaround.