I set up a Hyperledger Fabric 2.2 network successfully but unable to query/invoke assets through nodeJs SDK. The node version I am using is 16. I think the issue is with grpc most probably. I was able to create assets when I was using node version 12 but not with version 16
Error snippet
Loaded the network configuration located at /home/harsh/Videos/standardc-backend-master-v3-dlt/fabric-network-setup/fabric-swarm/common-connection-profile.json
Connect to Fabric gateway.
2023-02-13T15:28:45.076Z - info: [NetworkConfig]: buildOrderer - Unable to connect to the committer ord1_standardc_io due to TypeError: Channel credentials must be a ChannelCredentials object
at new ChannelImplementation (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/channel.js:102:19)
at new Client (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/client.js:65:36)
at new ServiceClientImpl (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/make-client.js:58:5)
at Committer.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/node_modules/fabric-common/lib/ServiceEndpoint.js:120:18)
at buildOrderer (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:103:23)
at async Object.loadFromConfig (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:50:13)
at async Gateway.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/gateway.js:299:13)
at async evaluate (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/commonHyperledgerHelpers/query.js:50:5)
at async queryAssetById (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/asset/asset.js:149:20)
2023-02-13T15:28:45.080Z - info: [NetworkConfig]: buildOrderer - Unable to connect to the committer ord2_standardc_io due to TypeError: Channel credentials must be a ChannelCredentials object
at new ChannelImplementation (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/channel.js:102:19)
at new Client (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/client.js:65:36)
at new ServiceClientImpl (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/make-client.js:58:5)
at Committer.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/node_modules/fabric-common/lib/ServiceEndpoint.js:120:18)
at buildOrderer (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:103:23)
at async Object.loadFromConfig (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:50:13)
at async Gateway.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/gateway.js:299:13)
at async evaluate (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/commonHyperledgerHelpers/query.js:50:5)
at async queryAssetById (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/asset/asset.js:149:20)
2023-02-13T15:28:45.083Z - info: [NetworkConfig]: buildOrderer - Unable to connect to the committer ord3_standardc_io due to TypeError: Channel credentials must be a ChannelCredentials object
at new ChannelImplementation (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/channel.js:102:19)
at new Client (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/client.js:65:36)
at new ServiceClientImpl (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-common/node_modules/#grpc/grpc-js/build/src/make-client.js:58:5)
at Committer.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/node_modules/fabric-common/lib/ServiceEndpoint.js:120:18)
at buildOrderer (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:103:23)
at async Object.loadFromConfig (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/impl/ccp/networkconfig.js:50:13)
at async Gateway.connect (/home/harsh/Videos/standardc-backend-master-v3-dlt/node_modules/fabric-network/lib/gateway.js:299:13)
at async evaluate (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/commonHyperledgerHelpers/query.js:50:5)
at async queryAssetById (/home/harsh/Videos/standardc-backend-master-v3-dlt/modules/dlt/asset/asset.js:149:20)
Use network channel: standardcdltchannel.
2023-02-13T15:28:45.161Z - error: [ServiceEndpoint]: ServiceEndpoint grpcs://localhost:7050 reset connection failed :: TypeError: Channel credentials must be a ChannelCredentials object
2023-02-13T15:28:45.163Z - error: [ServiceEndpoint]: ServiceEndpoint grpcs://localhost:7050 reset connection failed :: TypeError: Channel credentials must be a ChannelCredentials object
2023-02-13T15:28:45.165Z - error: [ServiceEndpoint]: ServiceEndpoint grpcs://localhost:7050 reset connection failed :: TypeError: Channel credentials must be a ChannelCredentials object
Common-connection-profile
{
"name": "abcd",
"version": "1.0.0",
"channels": {
"standardcdltchannel": {
"orderers": [
"ord1_standardc_io",
"ord2_standardc_io",
"ord3_standardc_io"
],
"peers": [
"a1_admin_standardc_io",
"a2_admin_standardc_io",
"a1_fin_standardc_io",
"a2_fin_standardc_io",
"a1_user_standardc_io",
"a2_user_standardc_io"
]
}
},
"orderers": {
"ord1_standardc_io": {
"url": "grpcs://localhost:7050",
"grpcOptions": {
"ssl-target-name-override": "ord1_standardc_io"
},
"tlsCACerts": {
"path": "fabric-network-setup/fabric-swarm/crypto-config/ordererOrganizations/standardc_io/orderers/ord1_standardc_io/tls/ca.crt"
}
},
"ord2_standardc_io": {
"url": "grpcs://localhost:8050",
"grpcOptions": {
"ssl-target-name-override": "ord2_standardc_io"
},
"tlsCACerts": {
"path": "fabric-network-setup/fabric-swarm/crypto-config/ordererOrganizations/standardc_io/orderers/ord2_standardc_io/tls/ca.crt"
}
},
"ord3_standardc_io": {
"url": "grpcs://localhost:9050",
"grpcOptions": {
"ssl-target-name-override": "ord3_standardc_io"
},
"tlsCACerts": {
"path": "fabric-network-setup/fabric-swarm/crypto-config/ordererOrganizations/standardc_io/orderers/ord3_standardc_io/tls/ca.crt"
}
}
},
"organizations": {
"StandardCAdmin": {
"mspid": "StandardCAdminMSP",
"peers": [
"a1_admin_standardc_io",
"a2_admin_standardc_io"
],
"certificateAuthorities": [
"ca_StandardCAdmin"
]
},
"StandardCFin": {
"mspid": "StandardCFinMSP",
"peers": [
"a1_fin_standardc_io",
"a2_fin_standardc_io"
],
"certificateAuthorities": [
"ca_StandardCFin"
]
},
"StandardCUser": {
"mspid": "StandardCUserMSP",
"peers": [
"a1_user_standardc_io",
"a2_user_standardc_io"
],
"certificateAuthorities": [
"ca_StandardCUser"
]
}
},
"peers": {
"a1_admin_standardc_io": {
"url": "grpcs://localhost:7051",
"grpcOptions": {
"ssl-target-name-override": "a1_admin_standardc_io",
"hostnameOverride": "a1_admin_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICXzCCAgagAwIBAgIRAPGMIxMpZ7KcQuC1J115hKcwCgYIKoZIzj0EAwIwejEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGzAZBgNVBAoMEmFkbWluX3N0YW5kYXJkY19pbzEhMB8GA1UEAwwY\ndGxzY2EuYWRtaW5fc3RhbmRhcmRjX2lvMB4XDTIzMDIxMzEwNDEwMFoXDTMzMDIx\nMDEwNDEwMFowejELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU\nBgNVBAcTDVNhbiBGcmFuY2lzY28xGzAZBgNVBAoMEmFkbWluX3N0YW5kYXJkY19p\nbzEhMB8GA1UEAwwYdGxzY2EuYWRtaW5fc3RhbmRhcmRjX2lvMFkwEwYHKoZIzj0C\nAQYIKoZIzj0DAQcDQgAEP7hrn3FOgSIoV2OFpF5N448bXLg8NdwWSXJ76xra1Dsj\nJfS6+A6OKp+4X0VZ7vfUqvVNSj0vU611osqopRYWt6NtMGswDgYDVR0PAQH/BAQD\nAgGmMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTAD\nAQH/MCkGA1UdDgQiBCCxhxWEEntqKYczzMh3sncOGFwiP9XB8U/hmUTRFnboWzAK\nBggqhkjOPQQDAgNHADBEAiAf3ZbcFLushIlfZ4dD67SVUMay6EdUE7mPvsUXXLqF\nQwIgeRFexyjDtl3bAnCrf/KNe9uPq/epZWXMvS+JnGgBO8s=\n-----END CERTIFICATE-----\n"
}
},
"a2_admin_standardc_io": {
"url": "grpcs://localhost:10105",
"grpcOptions": {
"ssl-target-name-override": "a2_admin_standardc_io",
"hostnameOverride": "a2_admin_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICXzCCAgagAwIBAgIRAPGMIxMpZ7KcQuC1J115hKcwCgYIKoZIzj0EAwIwejEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGzAZBgNVBAoMEmFkbWluX3N0YW5kYXJkY19pbzEhMB8GA1UEAwwY\ndGxzY2EuYWRtaW5fc3RhbmRhcmRjX2lvMB4XDTIzMDIxMzEwNDEwMFoXDTMzMDIx\nMDEwNDEwMFowejELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU\nBgNVBAcTDVNhbiBGcmFuY2lzY28xGzAZBgNVBAoMEmFkbWluX3N0YW5kYXJkY19p\nbzEhMB8GA1UEAwwYdGxzY2EuYWRtaW5fc3RhbmRhcmRjX2lvMFkwEwYHKoZIzj0C\nAQYIKoZIzj0DAQcDQgAEP7hrn3FOgSIoV2OFpF5N448bXLg8NdwWSXJ76xra1Dsj\nJfS6+A6OKp+4X0VZ7vfUqvVNSj0vU611osqopRYWt6NtMGswDgYDVR0PAQH/BAQD\nAgGmMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTAD\nAQH/MCkGA1UdDgQiBCCxhxWEEntqKYczzMh3sncOGFwiP9XB8U/hmUTRFnboWzAK\nBggqhkjOPQQDAgNHADBEAiAf3ZbcFLushIlfZ4dD67SVUMay6EdUE7mPvsUXXLqF\nQwIgeRFexyjDtl3bAnCrf/KNe9uPq/epZWXMvS+JnGgBO8s=\n-----END CERTIFICATE-----\n"
}
},
"a1_fin_standardc_io": {
"url": "grpcs://localhost:8051",
"grpcOptions": {
"ssl-target-name-override": "a1_fin_standardc_io",
"hostnameOverride": "a1_fin_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICWDCCAf6gAwIBAgIRAPLNPsjll3MJ1JtK4H2n7SIwCgYIKoZIzj0EAwIwdjEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGTAXBgNVBAoMEGZpbl9zdGFuZGFyZGNfaW8xHzAdBgNVBAMMFnRs\nc2NhLmZpbl9zdGFuZGFyZGNfaW8wHhcNMjMwMjEzMTA0MTAwWhcNMzMwMjEwMTA0\nMTAwWjB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE\nBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UECgwQZmluX3N0YW5kYXJkY19pbzEfMB0G\nA1UEAwwWdGxzY2EuZmluX3N0YW5kYXJkY19pbzBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABDpbUyoFRVo7xoIuTCwmCosJujfQbMDNuO9d9ZrouyR6Z+hHsHygBnSU\nL5TjSQ5rBHicwVWDhpD+p3UTiqNH1cyjbTBrMA4GA1UdDwEB/wQEAwIBpjAdBgNV\nHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zApBgNV\nHQ4EIgQgBW/ha6XUwwxfLHUbngYe1fFSi7wE2YHvVnLrCmjaIQQwCgYIKoZIzj0E\nAwIDSAAwRQIhAPhfFS5BwyQ9kGj7+YR8U+yXyNK42J89Ym77oTtTjKlmAiB5Q3yk\nagyJDOrYyxmAXu+7YgrYUD0Hu6BOVWk6ply7Pg==\n-----END CERTIFICATE-----\n"
}
},
"a2_fin_standardc_io": {
"url": "grpcs://localhost:10205",
"grpcOptions": {
"ssl-target-name-override": "a2_fin_standardc_io",
"hostnameOverride": "a2_fin_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICWDCCAf6gAwIBAgIRAPLNPsjll3MJ1JtK4H2n7SIwCgYIKoZIzj0EAwIwdjEL\nMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDVNhbiBG\ncmFuY2lzY28xGTAXBgNVBAoMEGZpbl9zdGFuZGFyZGNfaW8xHzAdBgNVBAMMFnRs\nc2NhLmZpbl9zdGFuZGFyZGNfaW8wHhcNMjMwMjEzMTA0MTAwWhcNMzMwMjEwMTA0\nMTAwWjB2MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE\nBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UECgwQZmluX3N0YW5kYXJkY19pbzEfMB0G\nA1UEAwwWdGxzY2EuZmluX3N0YW5kYXJkY19pbzBZMBMGByqGSM49AgEGCCqGSM49\nAwEHA0IABDpbUyoFRVo7xoIuTCwmCosJujfQbMDNuO9d9ZrouyR6Z+hHsHygBnSU\nL5TjSQ5rBHicwVWDhpD+p3UTiqNH1cyjbTBrMA4GA1UdDwEB/wQEAwIBpjAdBgNV\nHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zApBgNV\nHQ4EIgQgBW/ha6XUwwxfLHUbngYe1fFSi7wE2YHvVnLrCmjaIQQwCgYIKoZIzj0E\nAwIDSAAwRQIhAPhfFS5BwyQ9kGj7+YR8U+yXyNK42J89Ym77oTtTjKlmAiB5Q3yk\nagyJDOrYyxmAXu+7YgrYUD0Hu6BOVWk6ply7Pg==\n-----END CERTIFICATE-----\n"
}
},
"a1_user_standardc_io": {
"url": "grpcs://localhost:9051",
"grpcOptions": {
"ssl-target-name-override": "a1_user_standardc_io",
"hostnameOverride": "a1_user_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICWzCCAgGgAwIBAgIQfzttriKt8PjPCq6ahVRsgTAKBggqhkjOPQQDAjB4MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEaMBgGA1UECgwRdXNlcl9zdGFuZGFyZGNfaW8xIDAeBgNVBAMMF3Rs\nc2NhLnVzZXJfc3RhbmRhcmRjX2lvMB4XDTIzMDIxMzEwNDEwMFoXDTMzMDIxMDEw\nNDEwMFoweDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV\nBAcTDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEXVzZXJfc3RhbmRhcmRjX2lvMSAw\nHgYDVQQDDBd0bHNjYS51c2VyX3N0YW5kYXJkY19pbzBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEEH6Km7J/yMIPVmV5xHGO4z/70817YsUB3vhEcPzW24Utb9Fa4z\nV5PFL1F3THPCC03/j6FKkH2Sb8U5kR6H4A2jbTBrMA4GA1UdDwEB/wQEAwIBpjAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAp\nBgNVHQ4EIgQgeiTgppGQVAIkzh/rUj/mkAvrzo02U42GQ+yqISd+0akwCgYIKoZI\nzj0EAwIDSAAwRQIhAK2Jif9AmcyXMjw0QtNsqvynrdHEhsrkRH3faCfxa0ECAiBS\njXiY+4T66F//0F4xk1FUhJaeZQCm5hCYt/h1AlNi6g==\n-----END CERTIFICATE-----\n"
}
},
"a2_user_standardc_io": {
"url": "grpcs://localhost:10305",
"grpcOptions": {
"ssl-target-name-override": "a2_user_standardc_io",
"hostnameOverride": "a2_user_standardc_io"
},
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICWzCCAgGgAwIBAgIQfzttriKt8PjPCq6ahVRsgTAKBggqhkjOPQQDAjB4MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEaMBgGA1UECgwRdXNlcl9zdGFuZGFyZGNfaW8xIDAeBgNVBAMMF3Rs\nc2NhLnVzZXJfc3RhbmRhcmRjX2lvMB4XDTIzMDIxMzEwNDEwMFoXDTMzMDIxMDEw\nNDEwMFoweDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV\nBAcTDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEXVzZXJfc3RhbmRhcmRjX2lvMSAw\nHgYDVQQDDBd0bHNjYS51c2VyX3N0YW5kYXJkY19pbzBZMBMGByqGSM49AgEGCCqG\nSM49AwEHA0IABEEH6Km7J/yMIPVmV5xHGO4z/70817YsUB3vhEcPzW24Utb9Fa4z\nV5PFL1F3THPCC03/j6FKkH2Sb8U5kR6H4A2jbTBrMA4GA1UdDwEB/wQEAwIBpjAd\nBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zAp\nBgNVHQ4EIgQgeiTgppGQVAIkzh/rUj/mkAvrzo02U42GQ+yqISd+0akwCgYIKoZI\nzj0EAwIDSAAwRQIhAK2Jif9AmcyXMjw0QtNsqvynrdHEhsrkRH3faCfxa0ECAiBS\njXiY+4T66F//0F4xk1FUhJaeZQCm5hCYt/h1AlNi6g==\n-----END CERTIFICATE-----\n"
}
}
},
"certificateAuthorities": {
"ca_StandardCAdmin": {
"url": "https://localhost:7054",
"caName": "ca_StandardCAdmin",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICWTCCAf+gAwIBAgIQGqmY2TnbrYHpfSLWJG9slzAKBggqhkjOPQQDAjB3MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEbMBkGA1UECgwSYWRtaW5fc3RhbmRhcmRjX2lvMR4wHAYDVQQDDBVj\nYS5hZG1pbl9zdGFuZGFyZGNfaW8wHhcNMjMwMjEzMTA0MTAwWhcNMzMwMjEwMTA0\nMTAwWjB3MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UE\nBxMNU2FuIEZyYW5jaXNjbzEbMBkGA1UECgwSYWRtaW5fc3RhbmRhcmRjX2lvMR4w\nHAYDVQQDDBVjYS5hZG1pbl9zdGFuZGFyZGNfaW8wWTATBgcqhkjOPQIBBggqhkjO\nPQMBBwNCAAQjAX9P5VDzrYNCyAX3VVyx+b2Zj6ksqr0kjwrK7p7tw44Re9gDnrZx\ns1T4TQtays+3vdJVrcR60XfljJah5KHLo20wazAOBgNVHQ8BAf8EBAMCAaYwHQYD\nVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMBMA8GA1UdEwEB/wQFMAMBAf8wKQYD\nVR0OBCIEINP68n78uQQUXLyEj8Z3t7i+P6DAhLTrqxZg4Z6STy/HMAoGCCqGSM49\nBAMCA0gAMEUCIQCwErwt0jkJCvEXMNKK4wfHdr7bc+VJBwTx/+55wPDq7gIgS++Q\nHoo9XcFa0tTxaHIXlw/RSUHyhjtlQcbmQkGYTxc=\n-----END CERTIFICATE-----\n"
},
"httpOptions": {
"verify": false
}
},
"ca_StandardCFin": {
"url": "https://localhost:8054",
"caName": "ca_StandardCFin",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICUTCCAfegAwIBAgIQF73X1H/A97e8dD9ONdx+uzAKBggqhkjOPQQDAjBzMQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEZMBcGA1UECgwQZmluX3N0YW5kYXJkY19pbzEcMBoGA1UEAwwTY2Eu\nZmluX3N0YW5kYXJkY19pbzAeFw0yMzAyMTMxMDQxMDBaFw0zMzAyMTAxMDQxMDBa\nMHMxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1T\nYW4gRnJhbmNpc2NvMRkwFwYDVQQKDBBmaW5fc3RhbmRhcmRjX2lvMRwwGgYDVQQD\nDBNjYS5maW5fc3RhbmRhcmRjX2lvMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE\n7okOZKS2UcKbXyPTcuUKm4IwyixTop0acLApHul7jdHlCagaHHp8ZRDkujrSMwFW\nSE2XyAliby+qKBZzTo4Tp6NtMGswDgYDVR0PAQH/BAQDAgGmMB0GA1UdJQQWMBQG\nCCsGAQUFBwMCBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MCkGA1UdDgQiBCDQ\nLKzwFEERdwOuOiXqe6NWzDHsX7n0uhQYhMS/SvWToTAKBggqhkjOPQQDAgNIADBF\nAiEA6bFSIeCZlSnIQJ8SEhMgaLyk0QQmxeE9KzbeJEAyhAUCIBNaZUC0YGXB2mm4\nYHbxf0BYRgLI+/tNMD20NwqVr6MQ\n-----END CERTIFICATE-----\n"
},
"httpOptions": {
"verify": false
}
},
"ca_StandardCUser": {
"url": "https://localhost:9054",
"caName": "ca_StandardCUser",
"tlsCACerts": {
"pem": "-----BEGIN CERTIFICATE-----\nMIICVDCCAfugAwIBAgIQcJ3I4sJZB/aozh8fz5Pu4jAKBggqhkjOPQQDAjB1MQsw\nCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZy\nYW5jaXNjbzEaMBgGA1UECgwRdXNlcl9zdGFuZGFyZGNfaW8xHTAbBgNVBAMMFGNh\nLnVzZXJfc3RhbmRhcmRjX2lvMB4XDTIzMDIxMzEwNDEwMFoXDTMzMDIxMDEwNDEw\nMFowdTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT\nDVNhbiBGcmFuY2lzY28xGjAYBgNVBAoMEXVzZXJfc3RhbmRhcmRjX2lvMR0wGwYD\nVQQDDBRjYS51c2VyX3N0YW5kYXJkY19pbzBZMBMGByqGSM49AgEGCCqGSM49AwEH\nA0IABFZqnLYHyueJRTde2is1GE0NTch7/7wIbic3TWsGp3nIbr/qQOeO4C/sKQcr\na10IeAxOqygPCvX1PhVAyuXIADajbTBrMA4GA1UdDwEB/wQEAwIBpjAdBgNVHSUE\nFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUwAwEB/zApBgNVHQ4E\nIgQgfw82nvAsVC+uPtAETYmU5QFTzfW6e4FYdP713usdKQQwCgYIKoZIzj0EAwID\nRwAwRAIgcbiH6oGe17/7gYJ/8JL7NZSjNzmkdZPOuPX55TD7d+MCICdc+U++8S1j\nCoxSHhmGiDjQ4nejCelav69jwV3KlVqy\n-----END CERTIFICATE-----\n"
},
"httpOptions": {
"verify": false
}
}
}
}
package.json with essentials details
{
"name": "abcd-backend",
"version": "3.0.0-476-230212",
"private": true,
"scripts": {
"start": "nodemon ./bin/www"
},
"dependencies": {
"fabric-ca-client": "^2.2.15",
"fabric-client": "^1.4.18",
"fabric-common": "^2.2.16",
"fabric-network": "^2.2.15",
"grpc": "^1.24.11"
}
}
The error "TypeError:Channel credentials must be a ChannelCredentials object" happens most commonly because the gRPC library that was used to create the ChannelCredentials object does not match the gRPC library that it was passed to to create a Channel. In this case, the error is coming from the library #grpc/grpc-js, but you have a dependency on grpc. If you used grpc to create the credentials object, that would cause this error. You should depend on #grpc/grpc-js instead.
Related
Using login with Microsoft on Azure AD B2C I get the following error:
invalid_request: The provided value for the input parameter 'redirect_uri' is not valid. The expected value is a URI which matches a redirect URI registered for this client application.
I can reach other providers and login with email just not Microsoft.. lol.
I have searched for hours and tried everything I can think of, hopefully someone else can help identify the issue. Initially I was only able to get Microsoft login to work using https://login.microsoft.com/common or something similar but that did not use my userflow/ allow other providers. Now that I have the userflow working from my application I cannot login with Microsoft. Below is my config and code.
I initially followed the Microsoft tutorial here:
https://learn.microsoft.com/en-us/azure/developer/javascript/tutorial/single-page-application-azure-login-button-sdk-msal
then pieced others together to get it to use my userflow to execute and it works other than login with Microsoft.
Registered Application Manifest on Azure:
{
"id": "<ID>",
"acceptMappedClaims": null,
"accessTokenAcceptedVersion": 2,
"addIns": [],
"allowPublicClient": true,
"appId": "<app id>",
"appRoles": [],
"oauth2AllowUrlPathMatching": false,
"createdDateTime": "2021-06-09T22:15:39Z",
"disabledByMicrosoftStatus": null,
"groupMembershipClaims": null,
"identifierUris": [],
"informationalUrls": {
"termsOfService": null,
"support": null,
"privacy": null,
"marketing": null
},
"keyCredentials": [],
"knownClientApplications": [],
"logoUrl": null,
"logoutUrl": null,
"name": "Management",
"oauth2AllowIdTokenImplicitFlow": true,
"oauth2AllowImplicitFlow": true,
"oauth2Permissions": [],
"oauth2RequirePostResponse": false,
"optionalClaims": null,
"orgRestrictions": [],
"parentalControlSettings": {
"countriesBlockedForMinors": [],
"legalAgeGroupRule": "Allow"
},
"passwordCredentials": [],
"preAuthorizedApplications": [],
"publisherDomain": "dwsdevb2c.onmicrosoft.com",
"replyUrlsWithType": [
{
"url": "https://jwt.ms/",
"type": "Spa"
},
{
"url": "https://jwt.ms",
"type": "Spa"
},
{
"url": "http://localhost:3000/",
"type": "Spa"
},
{
"url": "http://localhost:3000",
"type": "Spa"
}
],
"requiredResourceAccess": [
{
"resourceAppId": "00000003-0000-0000-c000-000000000000",
"resourceAccess": [
{
"id": "37f7f235-527c-4136-accd-4a02d197296e",
"type": "Scope"
},
{
"id": "7427e0e9-2fba-42fe-b0c0-848c9e6a8182",
"type": "Scope"
}
]
}
],
"samlMetadataUrl": null,
"signInUrl": "http://localhost:3000/",
"signInAudience": "AzureADandPersonalMicrosoftAccount",
"tags": [
"notApiConsumer",
"singlePageApp"
],
"tokenEncryptionKeyId": null
}
azure-authentication-config.tsx
import { Configuration, LogLevel } from '#azure/msal-browser';
const AzureActiveDirectoryAppClientId: any =
process.env.REACT_APP_AZURE_ACTIVE_DIRECTORY_APP_CLIENT_ID;
export const b2cPolicies = {
names: {
signUpSignIn: 'B2C_1_dwsdevuserflow01',
forgotPassword: 'B2C_1_dwsdevuserflow01',
editProfile: 'B2C_1_dwsdevprofileflow01',
},
authorities: {
signUpSignIn: {
authority:
'https://dwsdevb2c.b2clogin.com/dwsdevb2c.onmicrosoft.com/B2C_1_dwsdevuserflow01',
},
forgotPassword: {
authority:
'https://dwsdevb2c.b2clogin.com/dwsdevb2c.onmicrosoft.com/B2C_1_dwsdevuserflow01',
},
editProfile: {
authority:
'https://dwsdevb2c.b2clogin.com/dwsdevb2c.onmicrosoft.com/B2C_1_dwsdevprofileflow01',
},
},
authorityDomain: 'https://dwsdevb2c.b2clogin.com',
// authorityDomain: 'https://login.microsoft.com/common',
};
export const MSAL_CONFIG: Configuration = {
auth: {
clientId: AzureActiveDirectoryAppClientId,
authority: b2cPolicies.authorities.signUpSignIn.authority,
knownAuthorities: [b2cPolicies.authorityDomain],
redirectUri: window.location.origin,
postLogoutRedirectUri: window.location.origin, // Indicates the page to navigate after logout.
navigateToLoginRequestUrl: false,
},
cache: {
cacheLocation: 'sessionStorage',
storeAuthStateInCookie: true,
},
system: {
loggerOptions: {
loggerCallback: (level, message, containsPii) => {
if (containsPii) {
return;
}
switch (level) {
case LogLevel.Error:
console.error(message);
return;
case LogLevel.Info:
console.error(message);
return;
case LogLevel.Verbose:
console.error(message);
return;
case LogLevel.Warning:
console.error(message);
return;
default:
break;
}
},
},
},
};
azure-authentication-context.tsx
import {
PublicClientApplication,
AuthenticationResult,
AccountInfo,
EndSessionRequest,
RedirectRequest,
PopupRequest,
} from '#azure/msal-browser';
import { MSAL_CONFIG } from './azure-authentication-config';
export class AzureAuthenticationContext {
private myMSALObj: PublicClientApplication = new PublicClientApplication(
MSAL_CONFIG,
);
private account?: AccountInfo;
private loginRedirectRequest?: RedirectRequest;
private loginRequest?: PopupRequest;
public isAuthenticationConfigured = false;
constructor() {
// #ts-ignore
this.account = null;
this.setRequestObjects();
if (MSAL_CONFIG?.auth?.clientId) {
this.isAuthenticationConfigured = true;
}
}
private setRequestObjects(): void {
this.loginRequest = {
scopes: ['openid', 'profile'],
prompt: 'select_account',
};
this.loginRedirectRequest = {
...this.loginRequest,
redirectStartPage: MSAL_CONFIG.auth.redirectUri, //window.location.href,
};
}
login(signInType: string, setUser: any): void {
if (signInType === 'loginPopup') {
this.myMSALObj
.loginPopup(this.loginRequest)
.then((resp: AuthenticationResult) => {
this.handleResponse(resp, setUser);
})
.catch((err) => {
console.error(err);
});
} else if (signInType === 'loginRedirect') {
this.myMSALObj.loginRedirect(this.loginRedirectRequest);
}
}
logout(account: AccountInfo): void {
const logOutRequest: EndSessionRequest = {
account,
};
this.myMSALObj.logout(logOutRequest);
}
handleResponse(response: AuthenticationResult, incomingFunction: any) {
if (response !== null && response.account !== null) {
this.account = response.account;
} else {
this.account = this.getAccount();
}
if (this.account) {
incomingFunction(this.account);
}
}
private getAccount(): AccountInfo | undefined {
console.log(`loadAuthModule`);
const currentAccounts = this.myMSALObj.getAllAccounts();
if (currentAccounts === null) {
// #ts-ignore
console.log('No accounts detected');
return undefined;
}
if (currentAccounts.length > 1) {
// #ts-ignore
console.log(
'Multiple accounts detected, need to add choose account code.',
);
return currentAccounts[0];
} else if (currentAccounts.length === 1) {
return currentAccounts[0];
}
}
}
export default AzureAuthenticationContext;
In AzureAD navigate to Home => App Registrations > YOUR_APP
Under “Single-page application” you should see the Redirect URIs listed. It is my understanding that the redirectUri value under Auth in your MSAL_CONFIG file needs to match on of the URI’s listed there. Have you confirmed that is the case? I am unable to tell what ‘window.location.origin’ is producing based on your config.
The skill in question asks for one permission when enabling in Web or app (Outbound Notification). But, when implemented Skill Enabled Event it's not asking user to give notification permission or not. Skill enablement works itself but permission is by default No. How to make alexa to ask for permission when enabling via voice?
Can Alexa prompt them via voice to enable the outbound notification?
skill.json
{
"manifest": {
"publishingInformation": {
"locales": {
"en-US": {
"summary": "test skill summary",
"examplePhrases": [
"Alexa, launch test skill",
"Alexa, open test skill",
"Alexa, start test skill"
],
"keywords": [
"test skill"
],
"name": "test skill",
"description": "test skill Description",
"smallIconUri": "",
"largeIconUri": "",
"updatesDescription": ""
}
},
"isAvailableWorldwide": true,
"testingInstructions": "n/a",
"category": "EVENT_FINDERS",
"distributionCountries": [],
"automaticDistribution": {
"isActive": false
}
},
"apis": {
"custom": {
"endpoint": {
"uri": "arn:aws:lambda:us-east-1:"
},
"interfaces": []
}
},
"manifestVersion": "1.0",
"privacyAndCompliance": {
"allowsPurchases": false,
"locales": {
"en-US": {
"privacyPolicyUrl": "",
"termsOfUseUrl": ""
}
},
"isExportCompliant": true,
"containsAds": false,
"isChildDirected": false,
"usesPersonalInfo": false
},
"events": {
"endpoint": {
"uri": "arn:aws:lambda:us-east-1:"
},
"publications": [
{
"eventName": "AMAZON.MessageAlert.Activated"
},
{
"eventName": "AMAZON.MediaContent.Available"
}
],
"regions": {
"NA": {
"endpoint": {
"uri": "arn:aws:lambda:us-east-1:",
"sslCertificateType": "Trusted"
}
}
},
"subscriptions": [
{
"eventName": "SKILL_PROACTIVE_SUBSCRIPTION_CHANGED"
},
{
"eventName": "SKILL_ENABLED"
},
{
"eventName": "SKILL_DISABLED"
},
{
"eventName": "SKILL_PERMISSION_ACCEPTED"
},
{
"eventName": "SKILL_PERMISSION_CHANGED"
},
{
"eventName": "SKILL_ACCOUNT_LINKED"
}
]
},
"permissions": [
{
"name": "alexa::devices:all:notifications:write"
}
]
}
}
Thank you for the help
There may be a different way, but once you are in the skill I believe you will need to send an ask for permissions card. As I understand it the idea is to make sure that Amazon is involved as a third party permissions granter. This will pop a permissions request in the Alexa app on the users phone. This added layer of security just makes sure the customer saw exactly what permissions they were granting.
You can do this a few different ways in your skill. You could check the first time that the user connects and keep track of that first connection in a persistent customer data layer. Or you could just check if the user has permission when you go to use that part of the skill. If they don't respond telling the customer you sent them a card to grant permissions.
Here is more info on permission cards:
https://developer.amazon.com/en-US/docs/alexa/custom-skills/request-customer-contact-information-for-use-in-your-skill.html#permissions-card-for-requesting-customer-consent
To run reminders via a lambda, other permissions are probably the same format.
const CreateReminderIntent = {
canHandle(handlerInput) {
const { request } = handlerInput.requestEnvelope;
return request.type === 'IntentRequest' && request.intent.name === 'CreateReminderIntent';
},
async handle(handlerInput) {
const { requestEnvelope, serviceClientFactory, responseBuilder } = handlerInput;
const consentToken = requestEnvelope.context.System.user.permissions
&& requestEnvelope.context.System.user.permissions.consentToken;
if (!consentToken) {
return handlerInput.responseBuilder
.addDirective({
type: "Connections.SendRequest",
name: "AskFor",
payload: {
"#type": "AskForPermissionsConsentRequest",
"#version": "1",
"permissionScope": "alexa::alerts:reminders:skill:readwrite"
},
token: "<string>"
})
.getResponse();
}
try {
const speechText = "Great! I've scheduled a reminder for you";
const ReminderManagementServiceClient = serviceClientFactory.getReminderManagementServiceClient();
const reminderPayload = {
"trigger": {
"type": "SCHEDULED_RELATIVE",
"offsetInSeconds": "10",
"timeZoneId": "Europe/London"
},
"alertInfo": {
"spokenInfo": {
"content": [{
"locale": "en-GB",
"text": "Wash the dog"
}]
}
},
"pushNotification": {
"status": "ENABLED"
}
};
await ReminderManagementServiceClient.createReminder(reminderPayload);
return responseBuilder
.speak(speechText)
.getResponse();
} catch (error) {
console.error(error);
return responseBuilder
.speak('Uh Oh. Looks like something went wrong.')
.getResponse();
}
}
};
I have custom skill that calls web service i created. I am able to launch and get other intent, but i am not getting notification when permission for notification is changed by user of my skill. I need he notification event to get user id for sending push notifications later by other service.
Below is my json file:
{
"manifest": {
"apis": {
"custom": {
"endpoint": {
"uri": "https://pathToMyService",
"sslCertificateType": "Wildcard"
},
"interfaces": []
}
},
"events": {
"publications": [
{ "eventName": "AMAZON.TrashCollectionAlert.Activated" },
{ "eventName": "AMAZON.MessageAlert.Activated" }
],
"subscriptions": [
{ "eventName": "SKILL_PROACTIVE_SUBSCRIPTION_CHANGED" },
{ "eventName": "SKILL_ENABLED" },
{ "eventName": "SKILL_DISABLED" },
{ "eventName": "SKILL_PERMISSION_ACCEPTED" },
{ "eventName": "SKILL_PERMISSION_CHANGED" },
],
"regions": {
"NA": {
"endpoint": {
"uri": "https://pathToMyService",
"sslCertificateType": "Wildcard"
}
}
},
"endpoint": {
"uri": "https://pathToMyService",
"sslCertificateType": "Wildcard"
}
},
"manifestVersion": "1.0",
"permissions": [
{ "name": "alexa::devices:all:notifications:write" }
],
"publishingInformation": {
"locales": {
"en-US": { "name": "Test Events" }
}
}
}
}
Below is the Launch request: I have truncated applicatioId, userID, consentToken, deviceId, apiAccessToken
{"version":"1.0","session":{"new":true,"sessionId":"amzn1.echo-api.session.60ad1e76-0872-4e10-b79d-7144cdf3e1c9","application":{"applicationId":"amzn1.ask.skill.59d60703"},"user":{"userId":"amzn1.ask.account.AGB7EOY","permissions":{"consentToken":"eyJ0eXAiOiJKV1"}}},"context":{"System":{"application":{"applicationId":"amzn1.ask.skill.59d60703"},"user":{"userId":"amzn1.ask.account.AGB7EOY","permissions":{"consentToken":"eyJ0eXAiOiJKV1Qi"}},"device":{"deviceId":"amzn1.ask.device.AFNXDZOAEMFDFKK","supportedInterfaces":{}},"apiEndpoint":"https://api.amazonalexa.com","apiAccessToken":"eyJ0eXAiOiJKV1Qi"}},"request":{"type":"LaunchRequest","requestId":"amzn1.echo-api.request.adb318af-1977-4b36-b8ad-0bb4352fa563","timestamp":"2020-03-22T23:37:55Z","locale":"en-US","shouldLinkResultBeReturned":false}}
Thanks
I resolved the issue: When I updated by skill.json file using
ask api update-skill -s amzn1.ask.skill.59d6 -f Test.json
it didn't update properly. I noticed today when I got latest
ask api get-skill -s amzn1.ask.skill.59d6 >Test2.json
the event section was missing. I added back and reapplied and it's working now.
I apologize if it doesnt make much sense, I am new to stackoverflow and React
I already made the React app, my problem is that I dont understand how to login into an API and making a GET request to get the current session key.
I have tried following axios docs and fetch but the only thing I get is or Network error or a CORS error.
this is with axios
// class LoginForm extends React.Component {
// state = {
// users: []
// }
// componentDidMount() {
// const url = API_URL;
// axios.get(url)
// .then(res=> {
// const users = res.data;
// this.setState({users});
// })
// }
// render() {
// return (
// <div>{Object.keys(this.state.users).map(user => <h3>{user.skey}</h3> )}</div>
// )
// };
// }
this is with fetch
componentDidMount() {
fetch(API_URL)
.then(res => res.json())
.then(
(result) => {
this.setState({
isLoaded: true,
items: result.items
});
},
(error) => {
this.setState({
isLoaded: true,
error
});
}
)
}
this is the JSON from the API (I had altered content for security)
{
"skey": "lep8k7jcbtba2Hwlcf4ZGVtgbmwo8s56721",
"authenticated": false,
"silo": "demo",
"user": {
"uuid": "f205daa8-b838-41c7-984be",
"username": "guest",
"full_name": "Guest",
"email": "guest",
"groups": [
{
"uuid": "27e2e4f9-ebee-4ecca10151",
"name": "guest_user"
},
{
"uuid": "c354f1b5-ca702fe3",
"name": "public"
}
],
"roles": [
{
"uuid": "027a210b657f52b10dd4",
"name": "limited"
}
],
"permits": [
{
"uuid": "e1e896-c5bd-35494211374e",
"name": "collection.create.ccpUser"
},
{
"uuid": "0e4a0a9c-8cca9-4803da46d23d",
"name": "contribution.create.ccpArticle"
},
{
"uuid": "83f93b4dab-116dd29b19e3",
"name": "contribution.view.ccpComment"
},
{
"uuid": "b7401658-4509-98e28868748b",
"name": "view_pub_public"
},
{
"uuid": "0016447d-af2b-3c4dd0bcf55d",
"name": "ws.config.list"
},
{
"uuid": "0c776bcb-7656-6e15-9ecb2389ea6f",
"name": "ws.pubs"
},
{
"uuid": "4839a09b-5be-b119-3ee8281780e3",
"name": "ws.user.login"
}
]
},
"httpSession": "devtvowc4gmo8s5672",
"cmsVersion": "6.3p"
}
Wrap your res around parenthesis. Try this:
axios.get(url)
.then((res) => {
console.log(res);
})
.catch((err) => {
console.log(err);
})
When I try to sign in with google inside an android stand alone app, it gives the following error:
{"framesToPop":1,"code":"GOOGLE_ERROR"}
This is the app.json(changed the last four digits of hash and apikey, just for stack-overflow )
{
"expo": {
"name": "flux-scrollable",
"description": "An empty new project",
"slug": "flux-scrollable",
"privacy": "public",
"sdkVersion": "19.0.0",
"android": {
"package": "com.anonsment.chat",
"config": {
"googleSignIn": {
"apiKey": "AIzaSyD5d-Y6MKS3wmxUOHvBTGhIMPOmZC9mvdc",
"certificateHash": "F6B135645BC1D38C2FF5CE2C7BC3E7C573CCA943"
}
}
},
"version": "1.0.0",
"orientation": "portrait",
"primaryColor": "#cccccc",
"icon": "./assets/icons/app-icon.png",
"loading": {
"icon": "./assets/icons/loading-icon.png",
"hideExponentText": false
},
"packagerOpts": {
"assetExts": [
"ttf",
"mp4"
]
},
"ios": {
"supportsTablet": true
}
}
}
Code for login
const { type, user } = await Google.logInAsync({
androidStandaloneAppClientId:'173851312683-pittv77ag7tn3tpq26bvu6d5nirbs5dr.apps.googleusercontent.com',
iosStandaloneAppClientId: '<IOS_CLIENT_ID>',
androidClientId: '603386649315-9rbv8vmv2vvftetfbvlrbufcps1fajqf.apps.googleusercontent.com',
iosClientId: '603386649315-vp4revvrcgrcjme51ebuhbkbspl048l9.apps.googleusercontent.com',
scopes: ['profile', 'email']
});
Maybe you need to add behavior: 'web' in your code
const { type, user } = await Google.logInAsync({
androidStandaloneAppClientId:'173851312683-pittv77ag7tn3tpq26bvu6d5nirbs5dr.apps.googleusercontent.com',
iosStandaloneAppClientId: '<IOS_CLIENT_ID>',
androidClientId: '603386649315-9rbv8vmv2vvftetfbvlrbufcps1fajqf.apps.googleusercontent.com',
iosClientId: '603386649315-vp4revvrcgrcjme51ebuhbkbspl048l9.apps.googleusercontent.com',
behavior: 'web',
scopes: ['profile', 'email'] });