Loopback-next: OpenAPI Connector - Call HTTPS REST service with self-signed certificate

Created on 9 Oct 2020  路  6Comments  路  Source: strongloop/loopback-next

Steps to reproduce

  1. Create datasource pointing to OpenAPI definition lb4 datasource
  2. Create OpenAPI proxies lb4 openapi --client pointing to datasource
  3. Create a controller and inject OpenApi service created in step 2
  4. Call any method

Current Behavior

I get following exception:

Unhandled error in GET /user/8f9d1e34-c340-4ebe-af11-fa0c4575f676: 500 FetchError: request to https://localhost:8243/scim2/1.0.0/Users/8f9d1e34-c340-4ebe-af11-fa0c4575f676 failed, reason: unable to verify the first certificate
    at ClientRequest.<anonymous> (D:\DEV_BTC\GIT\Foton\PIX\application\composite-services\perfil-usuario-ms\node_modules\node-fetch\lib\index.js:1461:11)
    at ClientRequest.emit (events.js:315:20)
    at TLSSocket.socketErrorListener (_http_client.js:426:9)
    at TLSSocket.emit (events.js:315:20)
    at emitErrorNT (internal/streams/destroy.js:92:8)
    at emitErrorAndCloseNT (internal/streams/destroy.js:60:3)
    at processTicksAndRejections (internal/process/task_queues.js:84:21)

Expected Behavior

For SOAP and REST Connector there is a parameter to handle self-signed certificate called strictSSL: false. How about OpenAPI Connector? Is there any workaround? Should I turn this issue to feature request?

Additional information

  • LB4

Thank you!

bug
Source
picture emiliobristech

Most helpful comment

@emiliobristech I just fixed loopback-connector-openapi to allow such options, please upgrade to [email protected] and use the following config:

You need to create an instance of https.Agent:

import https from 'https';

const config = {
  name: 'wso2Scim2Api',
  connector: 'openapi',
  spec: './src/openapi-client/wso2-scim2-api.json',
  validate: true,

  authorizations: {
    default: "<API_KEY>",
  }
  positional: true,
  debug: true,
    httpClientOptions: {
      agent: new https.Agent({rejectUnauthorized: false}),
    }
};

See https://github.com/strongloop/loopback-connector-openapi#customize-httphttps-client

picture raymondfeng on 10 Oct 2020
👍2

All 6 comments

@emiliobristech loopback-connector-openapi uses node-fetch behind the scenes. You can configure the datasource settings with agent property per https://www.npmjs.com/package/node-fetch#custom-agent.

raymondfeng picture raymondfeng on 9 Oct 2020

Hi again @raymondfeng thank you for you help! I found some references abou adding property rejectUnauthorized=false to agent configuration but it doesn't work. Here is my DS:

const config = {
    name: 'wso2Scim2Api',
    connector: 'openapi',
    spec: './src/openapi-client/wso2-scim2-api.json',
    validate: true,

    authorizations: {
    default:
        "<API_KEY>",
    },

    positional: true,
    debug: true,
    agent: {
        rejectUnauthorized: false,
    }
};

Is my configuration correct?

emiliobristech picture emiliobristech on 10 Oct 2020

You need to create an instance of https.Agent:
```ts
import https from 'https';

const config = {
name: 'wso2Scim2Api',
connector: 'openapi',
spec: './src/openapi-client/wso2-scim2-api.json',
validate: true,

authorizations: {
default:
    "<API_KEY>",
},

positional: true,
debug: true,
agent: new https.Agent({
    rejectUnauthorized: false,
}),

};

raymondfeng picture raymondfeng on 10 Oct 2020

You need to create an instance of https.Agent:

import https from 'https';

const config = {
  name: 'wso2Scim2Api',
  connector: 'openapi',
  spec: './src/openapi-client/wso2-scim2-api.json',
  validate: true,

  authorizations: {
  default:
      "<API_KEY>",
  },

  positional: true,
  debug: true,
  agent: new https.Agent({
      rejectUnauthorized: false,
  }),
};

I did exactly what you suggested but it doesn't work. Got same exception. What else could it be?

Thanks!

emiliobristech picture emiliobristech on 10 Oct 2020

@emiliobristech I just fixed loopback-connector-openapi to allow such options, please upgrade to [email protected] and use the following config:

You need to create an instance of https.Agent:

import https from 'https';

const config = {
  name: 'wso2Scim2Api',
  connector: 'openapi',
  spec: './src/openapi-client/wso2-scim2-api.json',
  validate: true,

  authorizations: {
    default: "<API_KEY>",
  }
  positional: true,
  debug: true,
    httpClientOptions: {
      agent: new https.Agent({rejectUnauthorized: false}),
    }
};

See https://github.com/strongloop/loopback-connector-openapi#customize-httphttps-client

raymondfeng picture raymondfeng on 10 Oct 2020
👍2

@emiliobristech I just fixed loopback-connector-openapi to allow such options, please upgrade to [email protected] and use the following config:

You need to create an instance of https.Agent:

import https from 'https';

const config = {
  name: 'wso2Scim2Api',
  connector: 'openapi',
  spec: './src/openapi-client/wso2-scim2-api.json',
  validate: true,

  authorizations: {
    default: "<API_KEY>",
  }
  positional: true,
  debug: true,
    httpClientOptions: {
      agent: new https.Agent({rejectUnauthorized: false}),
    }
};

See https://github.com/strongloop/loopback-connector-openapi#customize-httphttps-client

Hey @raymondfeng, now it works perfectly! Thank you and have a good day!

emiliobristech picture emiliobristech on 11 Oct 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

shahulhameedp picture shahulhameedp  路  3Comments
acrodrig picture acrodrig  路  3Comments
HamzaMansouri7 picture HamzaMansouri7  路  3Comments
frodoe7 picture frodoe7  路  3Comments
teambitcodeGIT picture teambitcodeGIT  路  3Comments