starred/hoppscotch

Fork 0

mirror of https://github.com/hoppscotch/hoppscotch.git synced 2026-04-26 01:06:00 +03:00

[GH-ISSUE #3050] [bug]: Self-host unable to use Azure oauth #996

New issue

Closed

opened 2026-03-16 17:58:58 +03:00 by kerem · 5 comments

kerem commented

2026-03-16 17:58:58 +03:00

Owner

Originally created by @andreufontb on GitHub (May 11, 2023).
Original GitHub issue: https://github.com/hoppscotch/hoppscotch/issues/3050

Is there an existing issue for this?

I have searched the existing issues

Current behavior

With a new setup and everything setup to use Microsoft Auth when I try to login the backend server gets an error, it seems "profile" data is empty

[Nest] 180  - 05/10/2023, 2:01:27 PM   ERROR [ExceptionsHandler] Cannot read properties of undefined (reading 'emails')
TypeError: Cannot read properties of undefined (reading 'emails')
    at MicrosoftStrategy.validate (/usr/src/app/src/auth/strategies/microsoft.strategy.ts:27:15)
    at MicrosoftStrategy.<anonymous> (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:20:55)
    at Generator.next (<anonymous>)
    at /usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:8:71
    at new Promise (<anonymous>)
    at __awaiter (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:4:12)
    at MicrosoftStrategy.callback [as _verify] (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:17:45)
    at /usr/src/app/node_modules/.pnpm/passport-oauth2@1.6.1/node_modules/passport-oauth2/lib/strategy.js:198:24
    at /usr/src/app/node_modules/.pnpm/passport-microsoft@1.0.0/node_modules/passport-microsoft/lib/strategy.js:117:17
    at passBackControl (/usr/src/app/node_modules/.pnpm/oauth@0.9.15/node_modules/oauth/lib/oauth2.js:134:9)

After some debugging i've found the problem and editing the file: /packages/hoppscotch-backend/src/auth/strategies/microsoft.strategy.ts and adding a dummie param to this funcion like this: async validate(accessToken: string, refreshToken: string, dummie, profile, done) {
Solves the null problem and the function can access to profile data.

But then it seems prisma gets in to a loop creating the user to the database with this error.

[Nest] 180  - 05/11/2023, 6:10:48 AM   ERROR [ExceptionsHandler] Maximum call stack size exceeded
RangeError: Maximum call stack size exceeded
    at BufferList.hasOwnProperty (<anonymous>)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33225:42)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)
    at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21)

I'm not expert enought to solve this problem by my self and send a PR, sorry...

Steps to reproduce

Create a new self-hostes hoppscotch
Add azure oauth config
Try to signup in to hoppscotch

Environment

Production

Version

Self-hosted

Originally created by @andreufontb on GitHub (May 11, 2023). Original GitHub issue: https://github.com/hoppscotch/hoppscotch/issues/3050 ### Is there an existing issue for this? - [X] I have searched the existing issues ### Current behavior With a new setup and everything setup to use Microsoft Auth when I try to login the backend server gets an error, it seems "profile" data is empty ``` [Nest] 180 - 05/10/2023, 2:01:27 PM ERROR [ExceptionsHandler] Cannot read properties of undefined (reading 'emails') TypeError: Cannot read properties of undefined (reading 'emails') at MicrosoftStrategy.validate (/usr/src/app/src/auth/strategies/microsoft.strategy.ts:27:15) at MicrosoftStrategy.<anonymous> (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:20:55) at Generator.next (<anonymous>) at /usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:8:71 at new Promise (<anonymous>) at __awaiter (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:4:12) at MicrosoftStrategy.callback [as _verify] (/usr/src/app/node_modules/.pnpm/@nestjs+passport@9.0.0_@nestjs+common@9.2.1_passport@0.6.0/node_modules/@nestjs/passport/dist/passport/passport.strategy.js:17:45) at /usr/src/app/node_modules/.pnpm/passport-oauth2@1.6.1/node_modules/passport-oauth2/lib/strategy.js:198:24 at /usr/src/app/node_modules/.pnpm/passport-microsoft@1.0.0/node_modules/passport-microsoft/lib/strategy.js:117:17 at passBackControl (/usr/src/app/node_modules/.pnpm/oauth@0.9.15/node_modules/oauth/lib/oauth2.js:134:9) ``` After some debugging i've found the problem and editing the file: `/packages/hoppscotch-backend/src/auth/strategies/microsoft.strategy.ts` and adding a dummie param to this funcion like this: ` async validate(accessToken: string, refreshToken: string, dummie, profile, done) {` Solves the null problem and the function can access to profile data. But then it seems prisma gets in to a loop creating the user to the database with this error. ``` [Nest] 180 - 05/11/2023, 6:10:48 AM ERROR [ExceptionsHandler] Maximum call stack size exceeded RangeError: Maximum call stack size exceeded at BufferList.hasOwnProperty (<anonymous>) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33225:42) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) at getDepth (/usr/src/app/node_modules/.pnpm/@prisma+client@4.8.1_prisma@4.8.1/node_modules/@prisma/client/runtime/index.js:33229:21) ``` I'm not expert enought to solve this problem by my self and send a PR, sorry... ### Steps to reproduce 1. Create a new self-hostes hoppscotch 2. Add azure oauth config 3. Try to signup in to hoppscotch ### Environment Production ### Version Self-hosted

kerem

2026-03-16 17:58:58 +03:00

closed this issue
added the
bug

need testing

self-host
labels

kerem commented

2026-03-16 17:59:15 +03:00

Author

Owner

@sydevinfra commented on GitHub (May 15, 2023):

Hello,

Same issue here.
I added the delegated authorizations "email" and "User.ReadBasic.All" just in case (+Admin consent) but I still have the same error message.

Probably unrelated but there is a warning on the App : "Starting November 9th, 2020 end users will no longer be able to grant consent to newly registered multitenant apps without verified publishers."
It should not be an issue since I granted admin consent.

Also probably not a factor, but the site is behind a nginx reverse proxy for https.

@sydevinfra commented on GitHub (May 15, 2023): Hello, Same issue here. I added the delegated authorizations "email" and "User.ReadBasic.All" just in case (+Admin consent) but I still have the same error message. Probably unrelated but there is a warning on the App : "Starting November 9th, 2020 end users will no longer be able to grant consent to newly registered multitenant apps without verified publishers." It should not be an issue since I granted admin consent. Also probably not a factor, but the site is behind a nginx reverse proxy for https.

kerem commented

2026-03-16 17:59:20 +03:00

Author

Owner

@balub commented on GitHub (May 22, 2023):

@andreufontb Can I see the env file you are using?

@balub commented on GitHub (May 22, 2023): @andreufontb Can I see the env file you are using?

kerem commented

2026-03-16 17:59:25 +03:00

Author

Owner

@andreufontb commented on GitHub (May 23, 2023):

Sure,
I have changed my real company's name for "mycompany" and all secrets and passwords to "XXXXXXXXX"
Hoppscotch is deployed on k8s, and with ingress-nginx as a ingress controller for the custom frontend's internal domain name.

#-----------------------Backend Config------------------------------#
## D'aquesta config de backend, no hem de tocar res
## Tot el que vulguem canviar, ho posem com a cariable d'entorn en el Deployment!
# Prisma Config
DATABASE_URL=postgresql://hoppscotch:XXXXXXXXXXX@hoppscotch-postgresql:5432/hoppscotch?connect_timeout=300

# Auth Tokens Config
JWT_SECRET="XXXXXXXXXXX"
TOKEN_SALT_COMPLEXITY=10
MAGIC_LINK_TOKEN_VALIDITY= 3
REFRESH_TOKEN_VALIDITY="604800000" # Default validity is 7 days (604800000 ms) in ms
ACCESS_TOKEN_VALIDITY="86400000" # Default validity is 1 day (86400000 ms) in ms
SESSION_SECRET='XXXXXXXXXXXXX'

# Hoppscotch App Domain Config
REDIRECT_URL="https://hoppscotch.mycompany.lan"
WHITELISTED_ORIGINS = "https://hoppscotch.mycompany.lan,https://hoppscotch-admin.mycompany.lan"

# Google Auth Config
GOOGLE_CLIENT_ID="************************************************"
GOOGLE_CLIENT_SECRET="************************************************"
GOOGLE_CALLBACK_URL="http://localhost:3170/v1/auth/google/callback"
GOOGLE_SCOPE="email,profile"

# Github Auth Config
GITHUB_CLIENT_ID="************************************************"
GITHUB_CLIENT_SECRET="************************************************"
GITHUB_CALLBACK_URL="http://localhost:3170/v1/auth/github/callback"
GITHUB_SCOPE="user:email"

# Microsoft Auth Config
MICROSOFT_CLIENT_ID="XXXXXXXXXXXXXXXXXXXXXXXXXX"
MICROSOFT_CLIENT_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXXX"
MICROSOFT_CALLBACK_URL="https://hoppscotch-backend.mycompany.lan/v1/auth/microsoft/callback"
MICROSOFT_SCOPE="User.Read"

# Mailer config
MAILER_SMTP_URL="smtp://postfix-relay.postfix.svc:25"
MAILER_ADDRESS_FROM='hoppscotch@mycompany.cat'

# Rate Limit Config
RATE_LIMIT_TTL=60 # In seconds
RATE_LIMIT_MAX=100 # Max requests per IP


#-----------------------Frontend Config------------------------------#


# Base URLs
VITE_BASE_URL=https://hoppscotch.mycompany.lan/
VITE_SHORTCODE_BASE_URL=https://hoppscotch.mycompany.lan/
VITE_ADMIN_URL=https://hoppscotch-admin.mycompany.lan/

# Backend URLs
VITE_BACKEND_GQL_URL=https://hoppscotch-backend.mycompany.lan/graphql
VITE_BACKEND_WS_URL=wss://hoppscotch-backend.mycompany.lan/graphql
VITE_BACKEND_API_URL=https://hoppscotch-backend.mycompany.lan/v1

# Terms Of Service And Privacy Policy Links (Optional)
VITE_APP_TOS_LINK=https://docs.hoppscotch.io/support/terms
VITE_APP_PRIVACY_POLICY_LINK=https://docs.hoppscotch.io/support/privacy

@andreufontb commented on GitHub (May 23, 2023): Sure, I have changed my real company's name for "mycompany" and all secrets and passwords to "XXXXXXXXX" Hoppscotch is deployed on k8s, and with ingress-nginx as a ingress controller for the custom frontend's internal domain name. ``` env #-----------------------Backend Config------------------------------# ## D'aquesta config de backend, no hem de tocar res ## Tot el que vulguem canviar, ho posem com a cariable d'entorn en el Deployment! # Prisma Config DATABASE_URL=postgresql://hoppscotch:XXXXXXXXXXX@hoppscotch-postgresql:5432/hoppscotch?connect_timeout=300 # Auth Tokens Config JWT_SECRET="XXXXXXXXXXX" TOKEN_SALT_COMPLEXITY=10 MAGIC_LINK_TOKEN_VALIDITY= 3 REFRESH_TOKEN_VALIDITY="604800000" # Default validity is 7 days (604800000 ms) in ms ACCESS_TOKEN_VALIDITY="86400000" # Default validity is 1 day (86400000 ms) in ms SESSION_SECRET='XXXXXXXXXXXXX' # Hoppscotch App Domain Config REDIRECT_URL="https://hoppscotch.mycompany.lan" WHITELISTED_ORIGINS = "https://hoppscotch.mycompany.lan,https://hoppscotch-admin.mycompany.lan" # Google Auth Config GOOGLE_CLIENT_ID="************************************************" GOOGLE_CLIENT_SECRET="************************************************" GOOGLE_CALLBACK_URL="http://localhost:3170/v1/auth/google/callback" GOOGLE_SCOPE="email,profile" # Github Auth Config GITHUB_CLIENT_ID="************************************************" GITHUB_CLIENT_SECRET="************************************************" GITHUB_CALLBACK_URL="http://localhost:3170/v1/auth/github/callback" GITHUB_SCOPE="user:email" # Microsoft Auth Config MICROSOFT_CLIENT_ID="XXXXXXXXXXXXXXXXXXXXXXXXXX" MICROSOFT_CLIENT_SECRET="XXXXXXXXXXXXXXXXXXXXXXXXXX" MICROSOFT_CALLBACK_URL="https://hoppscotch-backend.mycompany.lan/v1/auth/microsoft/callback" MICROSOFT_SCOPE="User.Read" # Mailer config MAILER_SMTP_URL="smtp://postfix-relay.postfix.svc:25" MAILER_ADDRESS_FROM='hoppscotch@mycompany.cat' # Rate Limit Config RATE_LIMIT_TTL=60 # In seconds RATE_LIMIT_MAX=100 # Max requests per IP #-----------------------Frontend Config------------------------------# # Base URLs VITE_BASE_URL=https://hoppscotch.mycompany.lan/ VITE_SHORTCODE_BASE_URL=https://hoppscotch.mycompany.lan/ VITE_ADMIN_URL=https://hoppscotch-admin.mycompany.lan/ # Backend URLs VITE_BACKEND_GQL_URL=https://hoppscotch-backend.mycompany.lan/graphql VITE_BACKEND_WS_URL=wss://hoppscotch-backend.mycompany.lan/graphql VITE_BACKEND_API_URL=https://hoppscotch-backend.mycompany.lan/v1 # Terms Of Service And Privacy Policy Links (Optional) VITE_APP_TOS_LINK=https://docs.hoppscotch.io/support/terms VITE_APP_PRIVACY_POLICY_LINK=https://docs.hoppscotch.io/support/privacy ```

kerem commented

2026-03-16 17:59:30 +03:00

Author

Owner

@Saintel commented on GitHub (Jun 13, 2023):

Any news there?
We have the same issue :(

@Saintel commented on GitHub (Jun 13, 2023): Any news there? We have the same issue :(

kerem commented

2026-03-16 17:59:35 +03:00

Author

Owner

@liyasthomas commented on GitHub (Jun 27, 2023):