NATS Based Resolver Integration - How to connect fine


I want to use "NATS Based Resolver Integration" from this doc https://docs.nats.io/running-a-nats-service/configuration/securing_nats/auth_intro/jwt/resolver#nats-based-resolver-integration (to process JWTs in the node itself).

But how should the node connect to NATS (as a resolver) if NATS is deployed as a clean image in Docker and knows only nats.config?

//nats.config (which is mounted into Docker as a volume and loaded)

debug: true
port: 4222
monitor_port: 8222

# Operator named MyOperator
operator: /*operator_jwt*/
# System Account named MyAccount
system_account: ABCDEFGHIJKLMNOPQRSTUVWXYZ55GLMC5TGDAKP56AYY7NIZKDV4AXV7

resolver {
    type: full
    dir: './jwt'
    allow_delete: false
    interval: "2m"
}

resolver_preload: {
    ABCDEFGHIJKLMNOPQRSTUVWXYZ55GLMC5TGDAKP56AYY7NIZKDV4AXV7: /*account_jwt*/,
}

cluster {
  name: "my_c"
  port: 6222
}

websocket:{
    port:8080
    no_tls:true
}

The server tries to connect as:

//nestjs app.module.ts (equivalent of import { connect } from "nats")

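import { Module } from '@nestjs/common';
import { ClientsModule, Transport } from '@nestjs/microservices';
import { jwtAuthenticator } from 'nats';

@Module({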
  imports: [
    ClientsModule.register([
      {
        name: 'NATS',
        transport: Transport.NATS,
        options: {
          servers: [process.env.NATS],
          authenticator: jwtAuthenticator(user_jwt_issued_by_resolver_preloaded_account),
            // credsAuthenticator(new TextEncoder().encode(creds)),
          name: 'service-subscriber',
          debug: true,
          verbose: true,
        },
      },
    ]),
    //...
  ],
  //...
})

But then the server gets NatsError: 'Authorization Violation'

and the detailed view of the NATS Docker container logs:

[1] 2023/07/20 09:58:39.065386 [DBG] 172.17.0.1:33242 - cid:9 - Client connection created
[1] 2023/07/20 09:58:39.077356 [DBG] 172.17.0.1:33242 - cid:9 - "v2.12.1:nats.js:service-subscriber" - User JWT not valid: not user claim
[1] 2023/07/20 09:58:39.077406 [ERR] 172.17.0.1:33242 - cid:9 - "v2.12.1:nats.js:service-subscriber" - authentication error
[1] 2023/07/20 09:58:39.077446 [DBG] 172.17.0.1:33242 - cid:9 - "v2.12.1:nats.js:service-subscriber" - Client connection closed: Authentication Failure

What should I do to fix it?

There are 1 answers
Fedor Tykmakov On

jwtAuthenticator was not enough; use credsAuthenticator with a creds file:

authenticator: credsAuthenticator(new TextEncoder().encode(user_CREDS_issued_by_resolver_preloaded_account))

The creds file is created by the nsc tool:

nsc generate creds -n sys > sys.creds

Then you can fail with a "Bad JSON" error. See issue https://github.com/nestjs/nest/issues/8055

  • it is closed because of "fixed in 8.1.2"... but that is not so, and it also happens on
  "@nestjs/common": "^9.0.0",
  "@nestjs/core": "^9.0.0",
  "@nestjs/microservices": "^9.3.9"

The reason for the error is that the NATS resolver will fetch your Nest app without a body at all. That breaks the NestJS implementation of the deserializer.

  • to really fix that you can add a custom deserializer to options:
deserializer: new CustomDeserializer()

CustomDeserializer:

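import { Deserializer } from "@nestjs/microservices";

export class CustomDeserializer implements Deserializer {
    // The resolver's lookup request arrives with an empty body, so an
    // empty payload is mapped to {} instead of being passed to JSON.parse.
    deserialize(value: any, options?: Record<string, any>): any {
        return value.length ? JSON.parse(value.toString()) : {};
    }
}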

With this, NATS will attach to your @MessagePattern('$SYS.REQ.ACCOUNT.*.CLAIMS.LOOKUP', Transport.NATS) async handleClaimsLookup method.

P.S. You just need to find the format for how to respond to that somewhere aside from the official docs of NATS or Nest.
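
The server log in the question rejects the token with "not user claim", and the answer switches to a creds file. As an added example (not code from the question, the answer, or the NATS or NestJS projects), this decodes a token's claims locally and reports whether it is a user claim before it is handed to an authenticator. It assumes the NATS JWT layout (claim type in `nats.type`, user keys starting with `U`, account keys with `A`) and the creds block markers written by nsc; the tokens and keys are constructed placeholders and the signature is not verified.

```javascript
// Added example: local pre-flight check of a NATS JWT or creds file (no signature check).
// Decode the unverified payload of a JWT (header.payload.signature, base64url).
function decodeClaims(jwt) {
  const parts = jwt.trim().split(".");
  if (parts.length !== 3) throw new Error("not a JWT: expected 3 dot-separated parts");
  return JSON.parse(Buffer.from(parts[1], "base64url").toString("utf8"));
}

// Pull the user JWT and NKey seed out of creds text (assumed nsc block markers).
function parseCreds(text) {
  const jwt = /-+BEGIN NATS USER JWT-+\r?\n([\w.\-=]+)\r?\n-+END NATS USER JWT-+/.exec(text);
  const seed = /-+BEGIN USER NKEY SEED-+\r?\n(\w+)\r?\n-+END USER NKEY SEED-+/.exec(text);
  if (!jwt || !seed) throw new Error("creds need both a USER JWT and a USER NKEY SEED block");
  return { jwt: jwt[1], seed: seed[1] }; // the seed is a secret: never log it
}

// v2 JWTs carry the claim type in nats.type; v1 JWTs carry it in a top-level type.
function claimType(claims) {
  return (claims.nats && claims.nats.type) || claims.type || "unknown";
}

// Return a list of problems; an empty list means the token looks like a user claim.
function checkUserJwt(jwt, nowSec = Math.floor(Date.now() / 1000)) {
  const c = decodeClaims(jwt);
  const problems = [];
  if (claimType(c) !== "user") problems.push(`claim type is "${claimType(c)}", expected "user"`);
  if (!/^U/.test(c.sub || "")) problems.push("sub is not a user public key (U...)");
  if (!/^A/.test(c.iss || "")) problems.push("iss is not an account or signing key (A...)");
  if (typeof c.exp === "number" && c.exp <= nowSec) problems.push("JWT has expired");
  return problems;
}

// Constructed sample tokens (fake keys, dummy signature), for demonstration only.
const b64 = (o) => Buffer.from(JSON.stringify(o)).toString("base64url");
const fake = (claims) => `${b64({ typ: "JWT", alg: "ed25519-nkey" })}.${b64(claims)}.c2ln`;
const accountJwt = fake({ sub: "AEXAMPLE", iss: "OEXAMPLE", nats: { type: "account", version: 2 } });
const userJwt = fake({ sub: "UEXAMPLE", iss: "AEXAMPLE", nats: { type: "user", version: 2 } });
const creds = `-----BEGIN NATS USER JWT-----\n${userJwt}\n------END NATS USER JWT------\n\n` +
  `-----BEGIN USER NKEY SEED-----\nSUEXAMPLESEED\n------END USER NKEY SEED------\n`;

console.log(checkUserJwt(accountJwt));            // account claim: three problems listed
console.log(checkUserJwt(parseCreds(creds).jwt)); // user claim from creds: []
```

Running the check on the string passed to `jwtAuthenticator` or on the contents of the creds file shows which claim type the server will see, without sending the token anywhere.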