Internal server error with custom OAuth - Error in OAuth Server: Unexpected end of JSON input


I have my own custom OAuth application set up with RocketChat. My consent provider and OAuth application all seem to work fine. In the login page, this is what happens:

  1. I click to log in through my application.
  2. I grant consent from the consent application.
  3. The consent challenge is passed.
  4. The Rocket.Chat server shows a frontend error that says: Internal Server Error
  5. I go to the logs and this is what they say:
W20200519-21:03:58.940(0) (oauth_server.js:392) Error in OAuth Server: Unexpected end of JSON input
I20200519-21:11:31.129(0) Exception while invoking method 'login' SyntaxError: Unexpected end of JSON input     at JSON.parse (<anonymous>)     at CustomOAuth.getAccessToken (app/custom-oauth/server/custom_oauth_server.js:142:16)     at Object.handleOauthRequest (app/custom-oauth/server/custom_oauth_server.js:191:26)     at OAuth._requestHandlers.<computed> (packages/oauth2/oauth2_server.js:10:33)     at middleware (packages/oauth/oauth_server.js:161:5)     at /app/bundle/programs/server/npm/node_modules/meteor/promise/node_modules/meteor-promise/fiber_pool.js:43:40 

The thing is, I have several deployments of Rocket.Chat up that all work with my OAuth/consent application. This particular deployment of Rocket.Chat does not. My other Rocket.Chat deployments log in with my custom OAuth just fine.

Has anyone run into an issue like this before? What did you do to solve it?

Server Setup Information

  • Version of Rocket.Chat Server: 3.2.2
  • Operating System: Linux
  • Deployment Method: Kubernetes/Helm
  • Number of Running Instances: 2
  • DB Replicaset Oplog:
  • NodeJS Version: v12.16.1
  • MongoDB Version: 4.2.3
  • Proxy: CloudFlare
  • Firewalls involved: N/A

Any additional Information

Here is how my consent application is set up in Rocket.Chat.

Field Value
https://oauth_url Token Path
Token Sent Via Header
Identity Token Sent Via Same as “Token Sent Via”
Identity Path /userinfo
Authorize Path /oauth2/auth
Scope openid
Param Name for access token access_token
Id client_id
Login Style Popup
Name field name
Roles/Groups field name roles

My other Rocket.Chat deployments are all registered the same way in my OAuth server.

I think I just figured it out… I have slashes for my OAuth url as well as the endpoints.