Get a new token issue

luis.ponce1 · July 20, 2023, 2:18pm

Hello I have a problem. I’m trying to get a new token after the token I already had expired in my SPA. The problem is the endpoint returns the following error:

{
    "error": "access_denied",
    "error_description": "Cannot read property 'audience' of undefined"
}

I already have the refresh token rotation activated and I checked that my custom rules were not causing conflicts.

EDIT. This is my payload when I execute getTokenSilently:

  "client_id": "###",
  "grant_type": "refresh_token",
  "refresh_token": "####",
  "redirect_uri": "http://127.0.0.1:3000/authorize"
}```

tyf · July 20, 2023, 10:19pm

Hey there @luis.ponce1 welcome to the community!

Which SPA SDK are you using in particular? What happens if you don’t pass any params and just call getTokenSilently? Are you using authorizationParams?

Keep us posted!

luis.ponce1 · July 21, 2023, 1:54pm

Hello, thanks for the welcome and for answering.

I am using @auth0/auth0-spa-js. The issue that I describe in the post is the same when using getTokenSilently I pass authorizationParams to it or not. It’s also worth mentioning that I try to run getTokenSilently before and after the token expires, and the result is the same.

tyf · July 21, 2023, 9:14pm

Thanks for confirming @luis.ponce1 ! Are you able to decode the initial access token at jwt.io?

I have seen similar issues arise when there is a misconfiguration causing 2 separate /authorize requests to run at the same time - Similar to what is described here:

github.com/auth0/auth0-spa-js

Unable to call getTokenSilently concurrently

opened 10:37AM - 24 Jul 19 UTC

closed 12:39AM - 23 Oct 19 UTC

Tazaf

Hi! I'm having an error in the console when creating the Auth0 client using `…createAuth0Client()`. The error is the following: ``` > ERROR TypeError: Cannot read property 'close' of undefined at o (auth0-spa-js.production.js:formatted:1) at ZoneDelegate.invokeTask (zone-evergreen.js:391) at Object.onInvokeTask (auth0-spa-js.production.js:formatted:1) at ZoneDelegate.invokeTask (zone-evergreen.js:390) at Zone.runTask (zone-evergreen.js:168) at ZoneTask.invokeTask [as invoke] (zone-evergreen.js:465) at invokeTask (zone-evergreen.js:1603) at globalZoneAwareCallback (zone-evergreen.js:1640) ``` On the beautyfied production code, the error points to this line: ```js o = function(i) { // Below is the culprit, apparently, 'i.source' is undefined i.origin == m && i.data && "authorization_response" === i.data.type && (i.source.close(), i.data.response.error ? t(i.data.response) : e(i.data.response), clearTimeout(n), window.removeEventListener("message", o, !1), window.document.body.removeChild(r)) }; ``` And the code that's calling the `createAuth0Client()` function is this one (pretty much the exact same as the [Angular Login Tutorial](https://auth0.com/docs/quickstart/spa/angular2#add-an-authentication-service)): ```typescript // This is a method of my AuthService async getAuth0Client(): Promise<Auth0Client> { if (!this.auth0Client) { console.log("AuthService - generating new Auth0Client"); this.auth0Client = await createAuth0Client(environment.auth0); console.log("AuthService - new Auth0Client", this.auth0Client); // Provide the current value of isAuthenticated this.isAuthenticated.next(await this.auth0Client.isAuthenticated()); // Whenever isAuthenticated changes, provide the current value of `getUser` this.isAuthenticated .subscribe(async isAuthenticated => await this.updateUserProfile(isAuthenticated)); } return this.auth0Client; } ``` Note that this error does not prevent the client to be effectively created and functionning. But it's still an unwanted error 😄 Also, some other people seem to have the same kind of issue, see [this thread in the Auth0 Community Forums](https://community.auth0.com/t/typeerror-cannot-read-property-close-of-undefined-when-using-new-auth0-spa-library-in-angular-interceptor/28010)

luis.ponce1 · August 1, 2023, 3:14pm

Hi @tyf , apologies for the absence. These last few days I had little time to follow up on this bug and focused on other features. I want to tell you that yesterday I found the solution. It turns out that the problem was in the bad configuration of some custom rules, as I read in the solution of this other post:

Thank you very much for your help.

tyf · August 1, 2023, 3:17pm

Hey @luis.ponce1 no problem, happy to help! Thanks for following up here

system · August 15, 2023, 3:17pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Token refresh does not work in `auth0-spa-js` Feedback sdk , javascript	3	3571	July 19, 2022
Cannot read property 'scope' of undefined - Using Refresh Tokens Help api	5	3755	December 16, 2022
Refresh unexpired token for SPA Help	8	3659	January 3, 2020
getTokenSilently() failing with "ID token is required but missing" error Help angular	5	4915	June 2, 2020
Rotating refresh token locking users out after expiry Help	5	6471	November 25, 2020

Get a new token issue

Related Topics