Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

getAccessToken expiration recovery #1718

Open
6 tasks done
uutahan opened this issue Mar 29, 2024 · 2 comments
Open
6 tasks done

getAccessToken expiration recovery #1718

uutahan opened this issue Mar 29, 2024 · 2 comments

Comments

@uutahan
Copy link

uutahan commented Mar 29, 2024

Checklist

Description

Let's say client navigates to new page. And in the server component for that page we try to get access token, if getAccessToken was expired in the mean time trying to get one will throw an error. Even if you wrap your middleware with authRequired getAccessToken throws because you still have a session(so you pass through authRequired) but your access token expired so it throws an error.

I couldn't find any examples what to do in this scenario going through docs. I've tried redirecting user to /api/auth/login, but that also doesn't work properly because nextjs tries to fetch it as rsc payload first and then falls back to browser navigation and finally recovers. Is there a recommended way for doing this?

Reproduction

  1. Navigate to new page
  2. In server component call getAccessToken
  3. getAccessToken will throw error if its expired
  4. Trying to redirect to /api/auth/login make the call be fetched as rsc payload initially. After that it eventually falls back to browser navigation and works.

Additional context

No response

nextjs-auth0 version

3.5.0

Next.js version

14.0.3

Node.js version

20.9.0
@EvGreen
Copy link

EvGreen commented Apr 5, 2024

This seems like something I'm having issues with. I'm getting:
[AccessTokenError]: The request to refresh the access token failed. CAUSE: invalid_grant (Unknown or invalid refresh token.)
The session is fine but it would seem the getAccessToken is using old(first) refresh token.

Even though I'm using it in the /api/endpoint/route.ts as per docs:
https://auth0.github.io/nextjs-auth0/functions/edge.getAccessToken-1.html

With withApiAuthRequired which passes but then getAccessToken gets invalid token after a while. I think it's the same case as in here: nextauthjs/next-auth#6642 (comment) even though, it's different library.

@kneza23
Copy link

kneza23 commented Apr 28, 2024

anybody found a solution for this? why does not middleware automatically logs out user when token is expired?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@EvGreen @kneza23 @uutahan