Jacob Marshall
Jacob Marshall
CDCloudflare Developers
Created by Jacob Marshall on 4/13/2024 in #pages-help
Deploying with wrangler.toml with a Service Binding stuck in Queued state
I have a Next.js app I'm trying to deploy to Pages, that has a Service Binding. The only problem is that when I run wrangler deploy [...] it all shows successfully in my CLI, but in the Pages Deployments list page, the new deployment shows up in the "Queued" state forever. There are no errors as far as I can tell, and the UI doesn't really show any useful information. If I deploy without the Service Binding - that deployment goes through fine. Then if I go to the settings and manually add the Service Binding (which also requires me to have done the deploy without the wrangler.toml file btw), and then deploy again (because for some reason the bindings don't apply to current deployment - I assume for some good reason, but it was a little annoying to discover that haha, anyways), then the latest deployment gets the Service Binding just fine. I think I've tried everything I can to diagnose this problem... but now I need help from somebody with a little more visibility 😛 The only reason I didn't tag next-on-pages is because I also deployed a Remix app last week and, from memory, it did the exact same thing. At the time I just assumed it was a problem with Remix, hence switching to Next.js. But it just appears to be a wrangler.toml issue, maybe?
15 replies
CDCloudflare Developers
Created by Jacob Marshall on 4/1/2024 in #general-help
How are Access Service Token JWTs supposed to be used?
In the Zero Trust dashboard, each request using a Service Token shows up as a "Login". I assumed this was because perhaps I was using them wrong, so I tried just using the cookie (from an initial request) for subsequent requests and omitting the cf-access-client-id and cf-access-client-secret headers... but this returns a 401/403 (I don't recall, because this was a week ago). I tried extracting the JWT from the cookie and using it in place of the cf-access-client-secret header, and a bunch of other things I thought might be the "correct way", but nothing worked. The documentation is pretty light on this topic, so I was wondering if I'm missing something. Its obviously not the end of the world having each request showing up as a login... although I'd rather it didn't. But I'm just so confused because the docs (https://developers.cloudflare.com/cloudflare-one/identity/service-tokens/#connect-your-service-to-access) literally say: "If the service token is valid, Access generates a JWT scoped to the application. All subsequent requests with that JWT will succeed until the expiration of that JWT." But what does that even mean if there's no way of using the JWT for subsequent requests? I've scoured the web for answers, and found several posts/questions from people with the exact same question... and they never have any answer below them 😭
45 replies