Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Clerk: Error: Clerk: Unable to decrypt request data, this usually means the encryption key is invalid. #281

Open
jenslys opened this issue Jan 24, 2025 · 3 comments
Open

[BUG] Clerk: Error: Clerk: Unable to decrypt request data, this usually means the encryption key is invalid. #281

jenslys opened this issue Jan 24, 2025 · 3 comments
Labels
bug Something isn't working

Comments

@jenslys
Copy link

jenslys commented Jan 24, 2025
edited
Loading

Describe the bug

Been having issue trying to setup a NextJS 15 app with Opennextjs.
It seems to work fine locally when using NextJS 14.2.23 but i get the following error from the middleware when trying to access a protected page on NextJS 15:

✘ [ERROR] ⨯ Error: Clerk: Unable to decrypt request data, this usually means the encryption key is invalid. Ensure the encryption key is properly set. For more information, see: https://clerk.com/docs/references/nextjs/clerk-middleware#dynamic-keys. (code=encryption_key_invalid)

      at T (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:85:338)
      at C (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:85:295)
      at j (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:85:988)
      at <unknown> (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:89:804)
      at <unknown> (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:89:417)
      at en (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:89:2041)
      at async eo (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-X1f6pQ/worker.js:89:2650) {
    digest: '509120350'
  }

Steps to reproduce

Replication of bug:
https://github.com/jenslys/clerk-opennext-bug

1. Fill in .env.local -> cp .env.example .env.local
1. create dev.vars -> echo "NEXTJS_ENV=development" > .dev.vars
1. bun install
1. bun run preview
1. Login with clerk and try to navigate to /protected

Expected behavior

Clerk should be able to decrypt key middleware should work

@opennextjs/cloudflare version

0.3.9

Wrangler version

3.105.0

next info output

Operating System:
  Platform: darwin
  Arch: arm64
  Version: Darwin Kernel Version 24.2.0: Fri Dec  6 19:02:41 PST 2024; root:xnu-11215.61.5~2/RELEASE_ARM64_T6030
  Available memory (MB): 36864
  Available CPU cores: 12
Binaries:
  Node: 20.11.1
  npm: 10.2.4
  Yarn: 1.22.22
  pnpm: 10.0.0
Relevant Packages:
  next: 15.1.5 // There is a newer version (15.1.6) available, upgrade recommended! 
  eslint-config-next: 15.1.5
  react: 19.0.0
  react-dom: 19.0.0
  typescript: 5.7.3
Next.js Config:
  output: N/A
 ⚠ There is a newer version (15.1.6) available, upgrade recommended! 
   Please try the latest canary version (`npm install next@canary`) to confirm the issue still exists before creating a new issue.
   Read more - https://nextjs.org/docs/messages/opening-an-issue

Additional context

I have also posted a ticket regarding this in the Clerk discord, linked here, since i am unsure if this is a Clerk issue or Opennextjs issue:
https://discord.com/channels/856971667393609759/1329736080962097162
@jenslys jenslys added bug Something isn't working triage labels Jan 24, 2025
@vicb vicb moved this to P1 - need to be addressed in `@opennextjs/cloudflare` prioritization and tracking Jan 24, 2025
@vicb vicb removed the triage label Jan 24, 2025
@jenslys
Copy link
Author

jenslys commented Jan 25, 2025
edited
Loading

Update (25.05.2025)

Manually setting the keys in the middleware produces a different error output:

	export default clerkMiddleware(
	  async (auth, req) => {
	    if (isProtectedRoute(req)) await auth.protect();
	  },
	  {
	    debug: true,
+	    secretKey: "mykeyhere",
+	    publishableKey: "mykeyhere"
	  }
	);
✘ [ERROR] ⨯ Error: Clerk: Unable to verify request, this usually means the Clerk middleware did not run. Ensure Clerk's middleware is properly integrated and matches the current route. For more information, see: https://clerk.com/docs/references/nextjs/clerk-middleware. (code=auth_signature_invalid)

      at <unknown> (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:463:1331)
      at j (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:463:1623)
      at <unknown> (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:467:804)
      at <unknown> (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:467:417)
      at en (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:467:2041)
      at async ei (Users/jenslys/Code/my-next-app/.wrangler/tmp/dev-IvWaFv/worker.js:467:2781) {
    digest: '2618587694'
  }

@jenslys
Copy link
Author

jenslys commented Jan 29, 2025

Update 29.1.2025 from Clerk support

Image

@vicb
Copy link
Contributor

vicb commented Jan 29, 2025

because it's jsonc :)

process.env will only be populated after the first requests comes in - meaning that using process.env at top level will not always work: when the isolate (~server) first fires up, process.env will be empty. It only gets populated after the first request comes in.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
`@opennextjs/cloudflare` prioritization and tracking
Status: P1
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vicb @jenslys