IdentityServer nodejs token issue

Question

I'm trying to authorize my nodejs server in identity server. I'm using passport-openidconnect library in nodejs. My nodejs code:

var express = require('express');
var session = require('express-session');
var RedisStore = require('connect-redis')(session);
var Strategy = require('passport-openidconnect').Strategy;

module.exports.configure = function configure(app, passport) {

    var auth = {
        authorizationURL: 'https://localhost:44333/core/connect/authorize',
        tokenURL: 'https://localhost:44333/core/connect/token',
        userInfoURL: 'https://localhost:44333/core/connect/userinfo',
        clientID: 'NodeJsClient',
        clientSecret: 'fakeSecret',
        callbackURL: '/auth/callback',
        scope: 'openid profile email offline_access',
        responseType: "id_token"
    };

    app.use(session({
            secret: 'someSecret',
            resave: false,
            saveUninitialized: false,
            secure: true,
            store: new RedisStore({
                host: '127.0.0.1',
                port: 6379
            })
        }
    ));

    app.use(passport.initialize());
    app.use(passport.session());

    passport.use(new Strategy(auth, function (iss, sub, profile, jwtClaims, accessToken, refreshToken, params, verified) {
        verified(null, Object.assign({}, profile, {token: accessToken}));
    }));

    passport.serializeUser(function (user, done) {
        done(null, {id: user.id, name: user.displayName, token: user.token});
    });

    passport.deserializeUser(function (user, done) {
        done(null, user);
    });

    app.get('/auth/login', passport.authenticate('openidconnect', {}));

    app.get('/auth/callback', passport.authenticate('openidconnect', {}),
        function (req, res) {
            if (!req.user) {
                throw new Error('user null');
            }
            res.redirect("/");
        }
    );
};

Identity server side:

new Client()
                {
                    ClientId = "NodeJsClient",
                    ClientName = "Nodejs Demo Client",
                    AccessTokenType = AccessTokenType.Jwt,

                    ClientSecrets = new List<Secret>()
                    {
                        new Secret("fakeSecret".Sha256())  
                    },

                    Flow = Flows.AuthorizationCode,
                    RedirectUris = new List<string>() { "http://localhost:5200/auth/callback" },
                    AllowedScopes = new List<string>()
                    {
                        Constants.StandardScopes.OpenId,
                        Constants.StandardScopes.Profile,
                        Constants.StandardScopes.Email,
                        Constants.StandardScopes.Roles,
                        Constants.StandardScopes.Address,
                        Constants.StandardScopes.OfflineAccess
                    },

                    AccessTokenLifetime = 3600
                }

And when i'm trying to authorize after allowing permissions for personal data i have error:

InternalOAuthError: failed to obtain access token

I figured out that there is no token in redirect request to my app. Where is the problem? And do you good documented nodejs library for working with

OpenID Connect

Answer 1

I figured out where is the problem. Iside passport-openidconnect i found more detailed error: "Error: UNABLE_TO_VERIFY_LEAF_SIGNATURE". Solved it as described in this question. At this moment solution completely satisfies me.