TypeError: "secret" is required

Question

I get this error when using express-openid-connect

TypeError: "secret" is required
    at module.exports.get (/home/mathkr/persodev/node_modules/express-openid-connect/lib/config.js:166:11)
    at module.exports (/home/mathkr/persodev/node_modules/express-openid-connect/middleware/auth.js:27:18)
    at Object.<anonymous> (/home/mathkr/persodev/server.js:26:9)

My server.js code is

const express = require('express');
const app = express();
const port = process.env.PORT || 4200;
const {auth, requiresAuth} = require('express-openid-connect');
const dotenv = require('dotenv');
const session = require('express-session');

const sess = {
  secret: 'somethingsecret',
  cookie: {},
  resave: false,
  saveUninitialized: true
};
if (app.get('env') === 'production') {
  sess.cookie.secure = true;
  app.set('trust proxy', 1);
}
app.use(session(sess));

const config = {
  ...(dotenv.config()).parsed,
  authRequired: false,
  auth0Logout: true
};

app.use(auth(config));
app.use(function (req, res, next) {
  res.locals.user = req.oidc.user;
  next();
});

app.get('/profile', requiresAuth(), function (req, res, next) {
  res.render('profile', {
    userProfile: JSON.stringify(req.oidc.user, null, 2),
    title: 'Profile page'
  });
});

app.all('*', function (req, res) {
  res.status(200).send('hello');
});

app.listen(port, () => {
  console.log(`Example app listening at http://localhost:${port}`)
})

Please what's wrong ?

Versions

node 12.18.3
npm 6.14.6
yarn 1.22.4

    "dotenv": "^8.2.0",
    "express": "^4.17.1",
    "express-openid-connect": "^2.0.0",
    "express-session": "^1.17.1",

Answer 1

I encountered the exact same issue when developing my own app with Auth0. The solution is to require dotenv before you require your app. Here's an example configuration:

require('dotenv').config({ path: './path/to/your/.env' });
const app = require('./app');