Auth0 middleware in nodejs (express) gives Error: aggrinfo ENOTFOUND

Question

I'm using a middleware in my express API to validate against auth0

const checkJwt = jwt({
    // Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint.
    secret: jwksRsa.expressJwtSecret({
        cache: true,
        rateLimit: true,
        jwksRequestsPerMinute: 5,
        jwksUri: `https://${process.env.AUTH0_DOMAIN}/.well-known/jwks.json`
    }),

    // Validate the audience and the issuer.
    audience: process.env.AUTH0_AUDIENCE,
    issuer: `https://${process.env.AUTH0_DOMAIN}/`,
    algorithms: ['RS256']
});

...

  server.use('/api', checkJwt, routes);

It works on my local dev-machine but when I run it in production I get:

Error: getaddrinfo ENOTFOUND undefined undefined:443
    at errnoException (dns.js:28:10)
    at GetAddrInfoReqWrap.onlookup [as oncomplete] (dns.js:76:26)

I'm running ubuntu 12 in production and mac on dev.

Answer 1

It seems that you forgot to setup AUTH0_DOMAIN environment variable on the production system.

Your code is correct according to example from github ,

but in this example there is section how to run this code with lot of environment variables setup.

DEBUG=express,jwks JWKS_HOST=https://my-authz-server AUDIENCE=urn:my-resource-server ISSUER=https://my-authz-server/ node server.js.

Please check your production configuration before starting an app.

Answer 2

getaddrinfo ENOTFOUND

This is a basic internet transport protocol error arising when the server address requested for can not be connected to. Can be a very simple bug, can be something entirely complex :

• no internet connection on host system
• lack of permission for host system to send request
• lack of permission for client system to accept request (like if part pf a vpc blocked from public domain)

Error: getaddrinfo ENOTFOUND undefined undefined:443

• the undefined undefined shows that the url passed to which the system is trying to connect to is not defined.

I think the problem is with parsing as the codeblock shown is commenting out the uri you are providing, try this please :

const uri  = "https:\/\/"+${process.env.AUTH0_DOMAIN}+"/.well-known/jwks.json"
const checkJwt = jwt({
// Dynamically provide a signing key based on the kid in the header and the singing keys provided by the JWKS endpoint.
secret: jwksRsa.expressJwtSecret({
    cache: true,
    rateLimit: true,
    jwksRequestsPerMinute: 5,
    jwksUri: uri
}),

// Validate the audience and the issuer.
audience: process.env.AUTH0_AUDIENCE,
issuer: `https://${process.env.AUTH0_DOMAIN}/`,
algorithms: ['RS256']
});

Similar edit for issuer in the jwt options