[BUG] Cannot find module '/www/node_modules/passport-saml/lib/passport-saml'. Please verify that the package.json has a valid "main" entry

[ghost]

Still getting the same error in 2.0.1 that I was in 1.5.0. Anyone else having this issue?

      throw err;
      ^

Error: Cannot find module '/www/node_modules/passport-saml/lib/passport-saml'. Please verify that the package.json has a valid "main" entry
    at tryPackage (internal/modules/cjs/loader.js:321:19)
    at Function.Module._findPath (internal/modules/cjs/loader.js:534:18)
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:27)
    at Function.Module._load (internal/modules/cjs/loader.js:743:27)
    at Module.require (internal/modules/cjs/loader.js:965:19)
    at require (internal/modules/cjs/helpers.js:88:18)
    at Object.<anonymous> (/www/dist/backend/index.js:36:36)
    at Module._compile (internal/modules/cjs/loader.js:1076:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1097:10)
    at Module.load (internal/modules/cjs/loader.js:941:32)
    at Function.Module._load (internal/modules/cjs/loader.js:782:14)
    at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:72:12)
    at internal/main/run_main_module.js:17:47 {
  code: 'MODULE_NOT_FOUND',
  path: '/www/node_modules/passport-saml/package.json',
  requestPath: 'passport-saml'
}

[gugu]

can you please share package.json entry, which includes passport-saml module in your project?

[ghost]

Sure, you can view it here. But I think it is talking about passport-saml's package.json file because it's entry isn't specific. I thought it was to be updated in 2.0.0 per this comment: #479 (comment)

[markstos]

@aloswald your problem seems like it might be Babel-specific. Try alterating our "package.json" in your node_modules directory to see if there's a syntax that works for you.

Installed 2.0.1 into a temp directory and unpacked it main in package.json points to ./lib/passport-saml and I confirmed ./lib/passport-saml/index.js exists and contains "exports".

From reviewing man package.json and how module resolution works, our main entry should be valid.

What version of babel are you using? Is it the most recent?

[markstos]

Here's the reference docs for module load order:

https://nodejs.org/api/modules.html#modules_all_together

Notice that there is different path handling for relative and absolute paths. Not only are you using Babel, but your app is attempting to load an absolute path:

   /www/node_modules/passport-saml/lib/passport-saml

Notice from the spec that when you do that, the file system "root" set to "Y", the current directory, not a folder named "/www" at the root of your filesystem.

So while the problem appears to be with our package.json are you sure the issue is not that your app is looking for a folder named "./www/node_modules" relative to the current directory where your app is run, and this doesn't actually exist?

[markstos]

@aloswald You can test the fix in #495 but see my comments there for why I suspect it won't work.

[gugu]

@aloswald can you please update import passport from 'passport-saml' to import { Strategy } from 'passport-saml'. It fixes the problem

[ghost]

@gugu I was using import * as saml from 'passport-saml' then instantiating with saml.Stragegy.

@markstos You are correct, it did not work for me. I will check the pathing when I get a chance, but if that was the case I suspect I would have issues with other libraries too.

[ghost]

@markstos @gugu
I updated to 2.0.2 and did not change anything else in my app. After trying 2.0.2 I was presented with a new error. FYI, I can switch to 1.3.5 and my app works fine, switch to 2.0.2 and it breaks, switch back to 1.3.5 and it works fine. This is a runtime error that occurs when attempting to login. Because of this, and my unfamiliarity with JS, I can only suspect something wrong with passport-saml. Happy to try other suggestions you point me towards.

Here is my new error:

Error: error:0909006C:PEM routines:get_name:no start line
    at Sign.sign (internal/crypto/sig.js:110:29)
    at SAML.signRequest (/www/node_modules/passport-saml/lib/passport-saml/saml.js:193:40)
    at DeflateRaw.requestToUrlHelper [as cb] (/www/node_modules/passport-saml/lib/passport-saml/saml.js:396:26)
    at DeflateRaw.zlibBufferOnEnd (zlib.js:151:10)
    at DeflateRaw.emit (events.js:314:20)
    at DeflateRaw.EventEmitter.emit (domain.js:486:12)
    at endReadableNT (_stream_readable.js:1252:12)
    at processTicksAndRejections (internal/process/task_queues.js:80:21)

[markstos]

@aloswald The error is telling you that there's something wrong with your certificate.

[ghost]

@markstos Yes, I know what the error is telling me. The error is incorrect. There is nothing wrong with the certificate.

[cjbarth]

@aloswald That error isn't being thrown by passport-saml either. It is being thrown by node itself. Please see this test that causes this error to see what is happening: https://github.com/nodejs/node/blob/dae283d96fd31ad0f30840a7e55ac97294f505ac/test/parallel/test-crypto-key-objects.js#L205

[ishanuda]

@markstos @gugu
I updated to 2.0.2 and did not change anything else in my app. After trying 2.0.2 I was presented with a new error. FYI, I can switch to 1.3.5 and my app works fine, switch to 2.0.2 and it breaks, switch back to 1.3.5 and it works fine. This is a runtime error that occurs when attempting to login. Because of this, and my unfamiliarity with JS, I can only suspect something wrong with passport-saml. Happy to try other suggestions you point me towards.

Here is my new error:

Error: error:0909006C:PEM routines:get_name:no start line
    at Sign.sign (internal/crypto/sig.js:110:29)
    at SAML.signRequest (/www/node_modules/passport-saml/lib/passport-saml/saml.js:193:40)
    at DeflateRaw.requestToUrlHelper [as cb] (/www/node_modules/passport-saml/lib/passport-saml/saml.js:396:26)
    at DeflateRaw.zlibBufferOnEnd (zlib.js:151:10)
    at DeflateRaw.emit (events.js:314:20)
    at DeflateRaw.EventEmitter.emit (domain.js:486:12)
    at endReadableNT (_stream_readable.js:1252:12)
    at processTicksAndRejections (internal/process/task_queues.js:80:21)

Hi, @aloswald I also got the same error but with version 1.3.5.
You are saying that the config is working fine with version 1.3.5.
Here is my configurations

Regards

[gugu]

@ishanuda do you use private key from environment variables? how does your private key look like?

1. single line base64
2. multiline with ----- BEGIN PRIVATE KEY ---- and ----- END PRIVATE KEY ----
3. multilite without header/footer
4. binary

[ishanuda]

Hi @gugu,
Thank you very much for your reply.

I am using option 2.

Key is starting like the following

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----

Used the following to parse it in the strategy config.

decryptionPvk: process.env.PRIVATE_KEY

The certificate is starting like the following

-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

Used the following to parse it in the strategy config.

privateCert: process.env.PRIVATE_CERT

NOTE: also I use the .env file to set the file paths and other configurations in the application.

I tried with '\n\r' replace also but no success.
Thank you very much.

[gugu]

@ishanuda how do you store newlines in process.env.PRIVATE_KEY?

[ishanuda]

Hi @gugu,

I did not manually store new lines in the private key/cert.
Just downloaded the generated key/cert from the online self-signed key generator.
Used the file.
Did not modify/ or open the key/cert files in the text editor.

Regards.

[gugu]

Can you please add console.log(process.env.PRIVATE_KEY) and check if it contains newlines

[gugu]

@ishanuda does this problem reproduce?

[markstos]

Closing this because @aloswald has not provided a clear reproduction, like a failing test for the test suite and @ishanuda was reporting a problem with 1.3.5, not the current version.

If an issue can be reproduced with the current version-- a failing test case for the test suite is ideal-- please comment to re-open.

[ishanuda]

Hello @gugu, @markstos,

Thank you very much and sorry for the delay.

Wish you all a very happy new year.

Yes, it is still there. However, I got it fixed by switching the key and cert as follows. I just did it to check what happens, finally, the error was gone.

Here is what I did.
privateCert: -----BEGIN RSA PRIVATE KEY-----

decryptionPvk: -----BEGIN CERTIFICATE-----

So I would like to know if this is the configuration that needs to be.

NOTE: Also I had to switch the param of the meta XML generator method in order to generate the XML file as it also broke with the current config change.
i.e:
generateServiceProviderMetadata(decryptionCert, signingCert)

There is also another problem with my config, that is I can not SLO with the current configurations.
Once I hit log out, it re-login to the application.
I saw that the condition fails to identify the logoutUrl and re-route to the entry point url.
But the SSO is working fine.

I am using the JWT token as well in order to generate a token for internal communication.
NOTE: I mention this here to know if this is related to this problem.
If not I can open this as a new issue.

My configurations:

export default () => ({
    strategy: {
        issuer: process.env.ISSURE,
        entryPoint: process.env.ENTRY_POINT,
		
        callbackUrl: process.env.CALLBACK_URL,
        redirectUrl: process.env.REDIRECT_URL,
		
        logoutUrl: process.env.LOGOUT_URL,
        logoutCallbackUrl: process.env.LOGOUT_CALLBACK_URL,
		
        privateCert: process.env.PRIVATE_CERT ? fs.readFileSync(process.env.PRIVATE_CERT, 'utf-8') : '',
        decryptionPvk: process.env.PRIVATE_KEY ? fs.readFileSync(process.env.PRIVATE_KEY, 'utf-8') : '',
		
        identifierFormat: process.env.IDENTIFIER_FORMAT,
        authnContext: process.env.AUTHN_CONTEXT === 'true',
        disableRequestedAuthnContext: process.env.DISABLE_REQUESTED_AUTHN_CONTEXT === 'true',
    },
});

Environment details:

Node.JS: v10.16.3
@nestjs/core: ^7.5.1
@nestjs/jwt: ^7.2.0
@nestjs/passport: ^7.1.0
passport: ^0.4.1
passport-jwt: ^4.0.0
passport-saml: ^1.3.4

Tested on Windows and Linux env. The result is the same.

Thank you very much
Regards.

[cjbarth]

@ishanuda Please use a newer version of passport-saml.

[ishanuda]

Hi @cjbarth,

Thank you very much for the information.
I will update the library version and get back to you if the above-mentioned issues exists.

regards.

[ishanuda]

Hi @cjbarth, @gugu, @markstos,

I updated the library.

passport-saml": "^2.0.2
typescript": "^4.0.3

Still the same errors.

This configuration can not switch. It gives the same error: "no start line." mentioned above.

privateCert: -----BEGIN RSA PRIVATE KEY-----

decryptionPvk: -----BEGIN CERTIFICATE-----

Also can not SLO, it re-route to the dashboard after login.

Thank you very much
Regards.