Malformed Token on deployment about magic-admin-js HOT 23 CLOSED

This is not an issue with Magic's SDK.

Some Vercel regions don't provide the correct runtime for serverless functions.
https://vercel.com/docs/concepts/functions/edge-functions#runtime-apis

globalThis/global object is supposed to have atob/btoa functions.

We run native Node.js runtime locally so Magic logins work, but as soon as you deploy these functions are no longer provided on Vercel's custom Node.js runtime. That's why it breaks.

Until Vercel fixes their runtime, we can polyfill it. (yarn add atob)

import atob from `atob`

// Somewhere before Magic Admin usage
globalThis.atob = atob;

Now enjoy your weekend!

vercel/next.js#36030

from magic-admin-js.

🚀 PR was released in v1.4.1 🚀

from magic-admin-js.

@VladimirMikulic As this error is Vercel specifically, I think adding engines to package.json will narrow down other use cases with Node.js. Potentially, I can add a polyfill of atob to the SDK, in case the node environment does not provide one. That'll resolve the issue for everyone else.

from magic-admin-js.

Just incase it's relevant and helpful...

I received this malformed DID token error this morning when I cloned my repo on another machine and ran my project locally (not deployed to Vercel).

I tried logging in on my first machine and it worked fine, then I tried logging in on my second machine and got this error. After checking my yarn.lock file very carefully, I realised that both of my projects were exactly the same. I figured that the only possible difference was the node version installed on my machines. Sure enough, the version on the machine where I could login to my project was v16.13.2 whereas the version on the machine where I was getting the Magic error was v14...

I upgraded my node version to 16.13.2 and was able to login with no malformed token error from Magic. So for me at least, this was a local node version issue. Hope that helps someone :)

from magic-admin-js.

That's the case for Vercel as well. (runs on Node.js 14)
Maybe it would make sense for Magic to add engines field in package.json so we get a warning when version < Node.js 16 or polyfill atob themselves.

from magic-admin-js.

I just synced with the team, we don't have any updates recently in the admin-SDK.

Shout out to @VladimirMikulic. Please refer to his answer if you have run into the same issue.
#86 (comment)

Feel free to re-open the ticket if anyone has encountered a subsequent issue

from magic-admin-js.

Which nextjs version are you using @heymartinadams? I am having the same issue, locally everything works fine, on Vercel it doesnt.

from magic-admin-js.

Facing the same issue, we did update next to latest version. 12.1.2

from magic-admin-js.

Indeed, using 12.1.4! Will test earlier versions and update this comment once I have... @RobSchilderr @Edjevw12 The issue seems not to be with next but with @magic-sdk/admin, specifically version 1.4.0. I downgraded next all the way to 12.0.0 and it didn’t resolve the issue, but as soon as I downgraded @magic-sdk/admin to 1.3.4 I was able to log in on the deployment build.

from magic-admin-js.

Indeed, using 12.1.4! Will test earlier versions and update this comment once I have... @RobSchilderr @Edjevw12 The issue seems not to be with next but with @magic-sdk/admin, specifically version 1.4.0. I downgraded next all the way to 12.0.0 and it didn’t resolve the issue, but as soon as I downgraded @magic-sdk/admin to 1.3.4 I was able to log in on the deployment build.

You are right. It does work at @magic-sdk/admin in version1.3.4. So to the maintainers of this package: I had this exact same issue but my @magic-sdk/admin version was 1.0.0 and my next version was at 12.0.7 and also at 12.1.2.

from magic-admin-js.

I've got the Admin SDK running in a Nest.js server (not Next), and am still getting the error...

I have an auth service which handles all of the magic stuff...

@Injectable()
export class AuthService {
  constructor(private readonly usersService: UsersService) {}

  public async login(
    payload: CreateOrLoginUserDto,
    didToken: string
  ): Promise<AuthenticatedUser> {
    console.log(magic().secretApiKey) // sk_live_xxxxx

    const s = magic().token.validate(didToken) 
    // Magic Admin SDK Error: [ERROR_MALFORMED_TOKEN] The DID token is malformed or failed to parse.

    console.log(s)

    const user = await this.usersService.createOrLoginUser({
      ...payload,
      didToken
    })

    return {
      jwt: 'string',
      user
    }
  }
}

from magic-admin-js.

I have the same error running in local :( nextjs and typescript!

from magic-admin-js.

I downgraded the magic version to 1.3.4 and finally works in local ----> Maybe possible solution!

from magic-admin-js.

Hey even if I downgraded the magic link admin SDK to v 1.3.4 not able to login in to the server on the production . Locally everything is working fine .......
The main issue which I am facing that the DID token generated is not vaildated in the back end (Node js v 12.18.0) .

Error code at validation line number 328 https://imgur.com/tNAIWZJ

AWS Server log error https://imgur.com/N3SixsG

On the front end using React version 16

from magic-admin-js.

Thank you so much @VladimirMikulic 👯

from magic-admin-js.

Glad I could help!

from magic-admin-js.

I've got the Admin SDK running in a Nest.js server (not Next), and am still getting the error...

I have an auth service which handles all of the magic stuff...

@Injectable()
export class AuthService {
  constructor(private readonly usersService: UsersService) {}

  public async login(
    payload: CreateOrLoginUserDto,
    didToken: string
  ): Promise<AuthenticatedUser> {
    console.log(magic().secretApiKey) // sk_live_xxxxx

    const s = magic().token.validate(didToken) 
    // Magic Admin SDK Error: [ERROR_MALFORMED_TOKEN] The DID token is malformed or failed to parse.

    console.log(s)

    const user = await this.usersService.createOrLoginUser({
      ...payload,
      didToken
    })

    return {
      jwt: 'string',
      user
    }
  }
}

Does anyone have an idea for my issue?

from magic-admin-js.

@herbievine just polyfill atob on globalThis.

from magic-admin-js.

#for nest js
var atob = require('atob');
globalThis.atob = atob;

from magic-admin-js.

Sorry for the late reply. Taking a look at this now

from magic-admin-js.

Thanks, @Ethella.
It would be helpful if you could add engines file to package.json so people get warned immediately that they are using wrong Node.js version.

"engines": {
  "node": "16.x"
},

This line requires Node.js v16 since atob is not available on previous Node.js versions.
https://github.com/magiclabs/magic-admin-js/blob/master/src/utils/parse-didt.ts#L15
(updated on Feb 17, the previous revision relied on Buffer which is, as far as I know, available in all Node.js versions)

from magic-admin-js.

Thank you, @Ethella!

from magic-admin-js.

I have this issue when user login with their phone number sometimes.

from magic-admin-js.