
Odd problem with checkSession / silent auth

jwt
silent-authenticatio

#1

Hey, I’ll try to keep it short.

I have a weird problem with checkSession. So I have a SPA. Nothing special, I check if the access_token is expired and attempt a silent auth via checkSession.

auth.checkSession({
  responseType: 'token id_token',
  audience: AUDIENCE,
  scope: SCOPE,
  redirectUri: REDIRECT
}, (err, authResult) => {
  console.log('AuthResult', err, authResult);
  if (err) {
    logout(true);
  } else {
    setAccessToken(authResult.accessToken);
    setIdToken(authResult.idToken);
    setExpiresAt(authResult.expiresIn);
    setRenewalTimeout();
    if (cb) {
      auth.client.userInfo(authResult.accessToken, (err, profile) => {
        cb(err, profile);
      });
    }
  }
});

This works. I get the new access_token and the call to the userinfo endpoint also works.
Now we come to the problem:
The same access_token sometimes won’t work server-side directly after the checkSession.

const authCheck = jwt({
  secret: jwks.expressJwtSecret({
    cache: true,
    rateLimit: true,
    jwksRequestsPerMinute: 10,
    jwksUri: '*url*'
  }),
  audience: '*audience*',
  issuer: '*issuer*',
  algorithms: ['RS256'],
  getToken: function fromHeaderOrQuerystring(req) {
    return req.token;
  }
});

(Don’t mind the req.token, I use a middleware called express-bearer-token for that)
To be precise, it won’t work if I come back after a few hours. Meaning, checkSession will still work and return the new access_token, userinfo will work too, but my endpoint will respond with a 401, jwt token expired. Yes, I use the new access_token. I’m a bit confused, because if I refresh the page directly after it, the call to my server works with the same access_token that failed moments ago.

As I said, that’s only an issue after a few hours; I don’t know the exact moment though. Maybe someone knows an answer to this or can point me in the right direction. It’s also hard to test, because in general the flow works totally fine.

Thanks in advance.
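
A way to narrow down a report like the one above, as an added example that is not part of the original post: decode the `iat` and `exp` claims of the token the server actually received and compare them with the server's clock at the moment of the 401. The function names and the sample token are constructed for illustration; the decoder does not verify the signature and is for debugging only.

```javascript
// Added diagnostic example, not the poster's code. Claims are decoded WITHOUT
// verifying the signature: use for debugging only, never for authorization.
function decodeJwtPayload(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) {
    throw new Error('expected a compact JWT with 3 dot-separated parts');
  }
  // base64url -> base64 before decoding the payload segment
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// nowSeconds is the clock of the machine that rejected the token (Unix seconds).
function describeTokenLifetime(token, nowSeconds) {
  const { iat, exp } = decodeJwtPayload(token);
  if (typeof exp !== 'number') {
    throw new Error('token has no numeric exp claim');
  }
  const hasIat = typeof iat === 'number';
  return {
    iat: hasIat ? iat : null,
    exp,
    lifetimeSeconds: hasIat ? exp - iat : null,
    secondsRemaining: exp - nowSeconds,
    expired: nowSeconds >= exp,
    // iat later than "now" means the checking clock is behind the issuer's
    issuedInFuture: hasIat && iat > nowSeconds,
  };
}

// Constructed sample: unsigned token with a placeholder signature segment.
function makeSampleToken(claims) {
  const enc = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256', typ: 'JWT' })}.${enc(claims)}.sig`;
}

const sample = makeSampleToken({ iat: 1700000000, exp: 1700007200 });
// Same token, checked shortly after issue and again after expiry.
console.log(describeTokenLifetime(sample, 1700000100));
console.log(describeTokenLifetime(sample, 1700007300));
```

On the server, pass `req.token` and `Math.floor(Date.now() / 1000)` at the point where the 401 is produced, and log the returned object rather than the token itself.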


#3

Hey @Xzandro !

As it has been more than a few months since this topic was opened and there has been no reply or further information provided from the community as to the existence of the issue, we would like to check if you are still facing the described challenge?

We are more than happy to assist in any way! If the issue is still out there, please let us know so we can create a new thread for better visibility; otherwise we’ll close this one in a week’s time.

Thank you!


#4

This topic was automatically closed after 5 days. New replies are no longer allowed.