Adding New Social Provider Twitch fails with "Unexpected token }"

edvard · May 5, 2020, 12:55pm

We added new Social Provider Twitch and hoped that everything will just work. But as always with Auth0, you try to do a simple task and you don’t even realise that you lost yet another finger.

After Logging in with Twitch we were getting redirected to our website with the following error:
error(pin):"invalid_request"
errorDescription(pin):"Invalid response code from the auth0-sandbox: HTTP 400. Unexpected token }"

We installed Real-time Webtask Logs and the error looked like this:

 {
"code": 400,
"message": "Compilation failed: Unexpected token }",
"error": "Unexpected token }",
"stack": "/data/io/9f107b5c-01db-4341-9452-0acbb43c7d91/webtask.js:24\n}\n^\n\nSyntaxError: Unexpected token }\n at createScript (vm.js:80:10)\n at Object.runInThisContext (vm.js:139:10)\n at WebtaskModule.compileWebtask (/data/sandbox/lib/module.js:140:30)\n at defaultJavascriptCompiler (/data/sandbox/lib/compiler.js:135:24)\n at defaultCompiler (/data/sandbox/lib/compiler.js:144:12)\n at /data/sandbox/lib/compiler.js:276:11\n at /data/sandbox/node_modules/async/dist/async.js:3880:24\n at replenish (/data/sandbox/node_modules/async/dist/async.js:1011:17)\n at /data/sandbox/node_modules/async/dist/async.js:1016:9\n at eachOfLimit (/data/sandbox/node_modules/async/dist/async.js:1041:24)"
}

Applying trial and error for several hours we found that the problem was in the default Fetch User Profile Script given by Auth0. It was failing because of a comment at the end of the function.

Original:

function(accessToken, ctx, cb) {
  request.get('https://api.twitch.tv/kraken/user', {
    headers: {
      'Authorization': 'OAuth ' + accessToken,
      'Accept': 'application/vnd.twitchtv.v5+json'
    }
  }, function(e, r, b) {
    if (e) return cb(e);
    if (r.statusCode !== 200) return cb(new Error('StatusCode: ' + r.statusCode));
    var profile = JSON.parse(b);
    profile.id = profile._id;
    delete profile._id;
    profile.links = profile._links;
    delete profile._links;
    return cb(null, profile);
  });
} // endpoint is from old twitch api

Deleting // endpoint is from old twitch api fixed the issue.

Posting this for two reasons:

hoping to save several hours of frustration for some other unlucky lads
hopint Auh0 will get rid of the comment in the default implementation (or even better - fix parser of the function to allow comments or at least throw a meaningful error)

dan.woda · May 6, 2020, 10:15pm

Hi @edvard,

Thanks for pointing this out, can you please link where your found this code? I can’t seem to locate it.

Thanks,
Dan

edvard · May 7, 2020, 8:06am

Sure, the function is here: Extensions → Custom Social Connections → Twitch → Fetch User Profile Script.

I just checked it again and it seems that actually there is no comment in the default implementation provided and one of our developers added it. Sorry for the confusion, this is probably going to be less relevant to others than I thought. But anyway, having a better error message thrown would have saved a lot of hours of guessing for us.

dan.woda · May 7, 2020, 10:11pm

Glad you were able to figure it out!

dan.woda · May 22, 2020, 2:11am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.