"Invalid code" when enabling rule

nicolas.riviere · October 1, 2021, 2:58pm

Hi,

When I enable this rule in my “staging” tenant, it fail with an “invalid_grant (Invalid authorization code)” error :

function(user, context, callback) {
  
  const namespace = 'https://exemple.com';
  
  if (context.authorization && context.authorization.roles) {
    const assignedRoles = context.authorization.roles;

    if (context.idToken) {
      const idTokenClaims = context.idToken;
      idTokenClaims[`${namespace}/roles`] = assignedRoles;
      context.idToken = idTokenClaims;
    }

    if (context.accessToken) {
      const accessTokenClaims = context.accessToken;
      accessTokenClaims[`${namespace}/roles`] = assignedRoles;
      context.accessToken = accessTokenClaims;
    }
  }

  callback(null, user, context);
}

When the rule is disabled, authentification work well. I have the same rule on my “development” tenant and it works fine.

I can’t figure why, every parameters are identicals…

Any idea ?

konrad.sopala · October 6, 2021, 1:29pm

Hey there!

Hmm, that’s weird I can investigate that if you can send me your tenant name here in the forum using a private message.

nicolas.riviere · October 6, 2021, 1:43pm

Hi Konrad,

Thanks for your reply,

Finally I managed an other way, by calling my API to fetch the roles, which is not an ideal solution, but it worked.

And, a few time after, i had the exact same problem (“invalid_grant (Invalid authorization code)”), but with no rules defined… I ended by create different accounts for each environments, and only one tenant by account.

For now it’s working, but something seems wrong, maybe in my configuration…

Thanks

konrad.sopala · October 6, 2021, 2:57pm

Gotchya! Thanks for providing that context!

system · October 21, 2021, 2:58pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.