[SOLVED] Google OAuth
kangatron
HOBBYOP

5 days ago

My Slot Machine app is consistently failing to reach https://oauth2.googleapis.com/token from Railway, with GaxiosError: Invalid response body while trying to fetch https://oauth2.googleapis.com/token: Premature close (ERR_STREAM_PREMATURE_CLOSE). The same endpoint is reachable cleanly from my local machine (curl returns a normal 401 with intact JSON body). This has been consistent for 45+ minutes across multiple deploy attempts and a rollback. Every request retries 2-3 times before giving up. I believe this is an egress issue from my project to Google's OAuth token endpoint specifically.

Project ID: 4d592f34-5907-4dd8-8b6c-4beebf04cb01

Service ID: ab6ac280-c331-42a1-ba2d-555f7098895a

Deployment ID: ffb23bad-22f6-4d02-9e7b-917e135c7f40

Replica ID: b70304fe-fd68-477f-bc48-3eb4dd07b24c

Other outbound Google API calls (Calendar, Places) also fail because they depend on refreshing OAuth tokens via this endpoint. DB connectivity is fine. /api/health returns healthy. No changes to deployment configuration or dependencies. Support ticket needed to investigate replica egress state or IP-block interaction with Google.

Happy to provide additional error logs on request.

Solved$10 Bounty

Pinned Solution

Is this a Nodejs proiect? Nodejs had an issue with node-fetch a few weeks ago and has been patched, update your node version to 24.18.0 or newer

Here's the link to the issue:

https://github.com/nodejs/node/issues/63989

3 Replies

Railway
BOT

5 days ago

This thread has been opened as a bounty so the community can help solve it.

Status changed to Open Railway 5 days ago


Is this a Nodejs proiect? Nodejs had an issue with node-fetch a few weeks ago and has been patched, update your node version to 24.18.0 or newer

Here's the link to the issue:

https://github.com/nodejs/node/issues/63989


mayori

Is this a Nodejs proiect? Nodejs had an issue with node-fetch a few weeks ago and has been patched, update your node version to `24.18.0` or newer Here's the link to the issue: https://github.com/nodejs/node/issues/63989

kangatron
HOBBYOP

3 days ago

Thank you! — you pointed me at the right subsystem. As far as I can tell, this was exactly the Node/node-fetch keep-alive regression, not the Railway egress issue I initially suspected.

One correction for anyone landing here on the 22.x LTS line: the fix shipped as a point release within 22.x — 22.23.1 — so you don't need to jump to 24. The regression was introduced in 22.23.0 (a security release) and reverted in 22.23.1 via nodejs/node#64004 ("avoid stream listeners on idle agent sockets"). On the 24.x line the equivalent fix is bundled in 24.18.0, as you noted.

In my case the trigger was a rebuild silently moving me 22.22.3 → 22.23.0 with no engines.node pin. Immediate fix was pinning back to 22.22.3; the durable fix is 22.23.1.


kangatron
HOBBYOP

3 days ago

Resolved. Root cause was the Node 22.23.0 keep-alive/socket-reuse regression (nodejs/node#63989), not a Railway egress problem. With no engines.node pin, a rebuild moved my runtime 22.22.3 → 22.23.0, which broke every gzip response from oauth2.googleapis.com in the gaxios → node-fetch@2 stack (ERR_STREAM_PREMATURE_CLOSE), killing all OAuth token refreshes. Local worked because it was still on the older runtime.

Two things that made this hard to diagnose, in case they save someone time:

The "rollback" wasn't one. Railway rebuilds from source, so rolling back to old code still ran it on the new (broken) runtime — which falsely exonerated the deploy and sent me looking at egress/Google.

The failure surfaced ~7h after deploy, because token refreshes are infrequent (hourly tokens + a refresh buffer), so nothing exercised the broken path until then. /api/health only checks the DB, so it stayed green.

Fix: pinned "engines": { "node": "22.22.3" } in package.json (immediate). Durable fix is bumping to 22.23.1, which reverts the regression (nodejs/node#64004). Not a Railway issue — nothing to investigate on the platform side.


Status changed to Solved dev 2 days ago


Welcome!

Sign in to your Railway account to join the conversation.

Loading...