getSignedJsonWebToken() yields error:0906D06C:PEM routines:PEM_read_bio:no start line about app.js HOT 12 CLOSED

I had the same issue with my PEM key set in env variable. I could dump the ENV, copy and paste the var into a node console, and everything would work - but somehow I would get this error in my logs.

I'll keep playing with it and post again if I find the solution.

from app.js.

Thank you, much appreciated

from app.js.

Ok found it. Environment variables don't respect \n encoding so you need to explicitly replace them...sigh...

This works for me.

1. Store your private key with \n as the new line, as per the documentation.

GITHUB_APP_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEArwgRs2okqD9NC3IrzYmFx82A66eZzkaa+bFBeDwxh0L6MiuI\n/Ngm+9Yq+
... bla bla bla more stuff ....
yMYPNcQu62afq9oBVV1OY0/U5x454eVk6h\nKOz+TQ10QWEkIgkJGl+8aB3iYPzmzSqoCXYy1tu4
ReT\nhRaYHTbStLF4z29OjqkUMsy3KO6REkWqbsEnLkqvRYSRVsKXLM0K\n-----END RSA PRIVATE KEY-----\n

2. Read the variable and do a global replace

const app = new App({
  id: process.env.GITHUB_APP_ID,
  privateKey: process.env.GITHUB_APP_PRIVATE_KEY.replace(/\\n/g, '\n')
})

Sorry @gr2m had nothing to do with the repo or code.
Also see https://stackoverflow.com/questions/30400341/environment-variables-containing-newlines-in-node

from app.js.

In .env I had my variable as

GITHUB_PRIVATE_KEY="-----BEGIN RSA PRIVATE KEY----- .....-----END RSA PRIVATE KEY-----"

changed it to

GITHUB_PRIVATE_KEY=-----BEGIN RSA PRIVATE KEY----- .....-----END RSA PRIVATE KEY-----

by removing the " characters then did .replace(/\\n/g, '\n') and it fixed

from app.js.

This doesn't seem like an issue with this package, since I have tested the same method as you, and no problem at all with this package or the upstream jsonwebtoken package.

The following is my code that I have tested;

const key = fs.readFileSync('./private-key.pem').toString();

const app = new App({ id: process.env.APP_ID, privateKey: key });
const jwt = app.getSignedJsonWebToken();

It seems as though the docs need updating, you don't need to do anything with the private key string

from app.js.

Having the same issue. Saving to disk is not really an option I'm afraid. Need to read this from an ENV variable.

from app.js.

Unfortunately this issue only comes up when using environment variables. The only thing we can do now is discourage their use until a solution can be found

from app.js.

If someone could provide a reproducible test case that would be great. This package does not read out any environment variables, so the problem seems to be out of scope? Maybe log out the key before passing it to the privateKey and see if it's formatted correctly?

from app.js.

Thanks @tnolet, that's very helpful. As this might be a common mistake, I wonder if we can provide a more helpful error message? Maybe we can recognize the wrong formatting before trying to generate the JWT and throw a helpful error?

from app.js.

@gr2m just add a little callout somewhere in the docs. That should be enough. Don't clutter the code with stuff that doesn't belong there.

from app.js.

If only everyone would read the docs 😭

Maybe the fix is as simple as adding a .replace(/\\n/g, '\n') to the code, with a comment referencing this issue?

from app.js.

This library is being deprecated in favor of https://github.com/octokit/auth-app.js/.

If anyone can reproduce the problem discussed here, I'd very much appreciate a pull request with a failing test to https://github.com/octokit/auth-app.js/ 🙏

from app.js.