PlatformException(token_failed, Failed to get token: [error: invalid_grant, description: Unknown or invalid refresh token.], null, null)
Future init() async {
if (storedRefreshToken == null) {
return false;
}
try {
final TokenResponse? result = await appAuth.token(
TokenRequest( // error is in this line (i debug the code )
AUTH0_CLIENT_ID,
AUTH0_REDIRECT_URI,
issuer: AUTH0_ISSUER,
refreshToken: storedRefreshToken,
),
);
final String setResult = await _setLocalVariables(result);
return setResult == 'Success';
} catch (e, s) {
print('error on Refresh Token: $e - stack: $s');
// logOut() possibly
return false;
}
}
didn’t understand why it can’t do tokenrequest and return an error.
tyf
April 28, 2022, 10:51pm
3
Hi there @ahmed.khouaja welcome to the community!
I think you’re always going to get an error thrown at that point if there is one.
As to why the error is occurring, I’ve seen this happen in a couple of scenarios. One possibility is if you are rotating refresh tokens, and trying to reuse them. Another being that if a refresh token is revoked, grants are also deleted and thus all subsequent tokens with the same user, client_id, and audience are invalid. Some more on that here:
An invalid refresh token can occur if:
The token was revoked
The grants to the client application were deleted
One important detail is that when you revoke a token, for security reasons the grants associated with that token are deleted. This means that all other refresh tokens issued to the same combination of application, user and audience effectively become invalid. If you are revoking refresh tokens as part of your flow, this might explain it.
Hope this helps!
Thanks for the reply @tyf
I send you my config
maybe i should activate refresh token rotation …
Its solved .
1 Like
tyf
April 29, 2022, 8:16pm
6
Awesome! Thanks for the update, glad you were able to resolve it
1 Like
tyf
May 14, 2022, 8:16pm
7
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.
