Request timeout using nodejs sdk with oauth client credentials grant flow

Questions OAuth/OIDC
1

We are using the okta nodejs sdk to create a client and send requests using client.http.http(url, request).

We are sending a request to get a users groups.

const url = `${client.baseUrl}/api/v1/users/${user.id}/groups`;
const request = {
  method: 'get',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  }
};

client.http.http(url, request)
  .then(res => res.text())
  .then(text => {
    console.log(text);
  })
  .catch(err => {
    console.error(err);
  });

However, when we use OAuth to authenticate, and a user has > 25 groups the request times out, and no response is returned. When we use a static api token to make the same request, the request is returned just fine, even when a user has > 25 groups. When a user has less groups, then using OAuth the request works fine.

We were wondering why this behavior is happening. If it is useful, here is a okta request id from one of the failed requests ‘YC21eK6b7NVjyxWYaQvUegAAAoA’.

We also tried making the same request using OAuth and Postman and did not see this behvior.

2

@sophilao Hi Could you please clarify the how the issue is reproduced? You meant the no response in this node.js snippets or no response when group >25?

3

There is no response when listing all groups for a user when the user has more than 25 groups from the node sdk call. But only when the okta client is using OAuth to authenticate, and not when an api token is being used to authenticate.

4

@sophilao Hi According to Okta API doc, the API token is required when you list client resource for a user.

curl --location --request GET ‘https://{Okta}/api/v1/users/userId/groups’
–header ‘Accept: application/json’
–header ‘Content-Type: application/json’
–header ‘Authorization: SSWS 00W6q57oV6PvGQ6Av8Go5AqRoVPV2BcypigrcORkHv’ \

5

I am able to list the groups of users using OAuth to authenticate when a user has less than 25 groups, or when I limit the number of groups returned.

let privateKey = await getPrivateKey();
const client = new okta.Client({
      orgUrl: {oktaBaseUrl},
      authorizationMode: 'PrivateKey',
      clientId: {clientId}
      scopes: ['okta.users.read','okta.groups.read'],
      privateKey: privateKey
});


const url = `${client.baseUrl}/api/v1/users/${user.id}/groups`;
const request = {
  method: 'get',
  headers: {
    'Accept': 'application/json',
    'Content-Type': 'application/json'
  }
};

client.http.http(url, request)
  .then(res => res.text())
  .then(text => {
    console.log(text);
  })
  .catch(err => {
    console.error(err);
  });

const url = {client.baseUrl}/api/v1/users/{user.id}/groups?limit=25;

Returns just fine, but if I use limit=30, there is no response.
I have only seen this issue appear when using the okta node sdk.

6

I figured out why the issue was only happening when we were using an api token. We forgot to include cacheMiddleware: null when generating the OAuth client.

const client = new okta.Client({
        orgUrl: config.oktaHost,
        token: {api_token}
        cacheMiddleware: null
    });

When the response size is too large, there seems to be an infinite loop dealing with the cacheMiddleware.
We asked about this earlier in Okta Help Center (Lightning).

8

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.