我尝试了各种Oauth2套餐,试图将我的Node应用与Google的oauth2服务连接起来 - 这是我过去成功完成的事情。
现在,无论我尝试什么,我都会得到同样的错误,这是" 禁用SSLv3方法"。我理解这是Node中最近的一个更改,用于禁用SSLv3以防止SSL中的POODLE漏洞。我的测试表明,如果你没有为请求对象提供密钥和证书,那么一切都默认为SSLv3(显然已经损坏)。
事情是 - 没有一个流行的谷歌oauth2软件包似乎允许选项通过你自己的密钥&证书进入请求。我可以修补我自己的密钥,但是,鉴于应该是影响很多人的东西,我觉得我错过了某些东西和/或做错了什么。
任何人遇到这个问题并有更直接的解决方案吗?
这是堆栈跟踪;
server-0 Error: SSLv3 methods disabled
server-0 at Error (native)
server-0 at new SecureContext (_tls_common.js:23:20)
server-0 at Object.createSecureContext (_tls_common.js:42:11)
server-0 at Object.TLSSocket._init.ssl.onclienthello.ssl.oncertcb.exports.connect (_tls_wrap.js:999:48)
server-0 at Agent.createConnection (https.js:80:22)
server-0 at Agent.createSocket (_http_agent.js:172:16)
server-0 at Agent.addRequest (_http_agent.js:141:23)
server-0 at new ClientRequest (_http_client.js:137:16)
server-0 at Object.exports.request (http.js:31:10)
server-0 at Object.exports.request (https.js:197:15)
server-0 at Request.start (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:799:30)
server-0 at Request.write (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:1360:10)
server-0 at end (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:556:16)
server-0 at Immediate._onImmediate (MY_LOCAL_PATH/node_modules/google-auth-library/node_modules/request/request.js:584:7)
server-0 at processImmediate [as _immediateCallback] (timers.js:383:17)
如上所述,如果我提供自己的密钥,我手动进行直接SSL连接没有问题。以下代码工作正常;
var tls = require ('tls');
var fs = require ('fs');
var options = {
host: 'google.com',
port: '443',
key: fs.readFileSync('key.pem'),
cert: fs.readFileSync('cert.pem'),
};
var Stream = tls.connect(options, function () {
console.log('client connected', Stream.authorized ? 'authorized' : 'unauthorized');
process.stdin.pipe(Stream);
process.stdin.resume();
});
Stream.on('data', function (stuff) {
console.log(stuff);
});
Stream.on('end', function () {
console.log('END');
});
Stream.on('error', function (err) {
throw err;
});