The authenticator "authenticator:oauth2" rejected to restore the session - invalidating… #973

Closed
ugoa opened this issue Apr 29, 2016 · 5 comments
ugoa commented Apr 29, 2016

I have been debugging this all day and still have no clue.

I am using the OAuth2PasswordGrant as authenticator and Oauth2 as authorizer. I can successfully log in with authenticate(), it has the following response:

{
  "data": {"access_token":"d3f63eb6f5f38ce292a2b61bd339d02014950d58927c2bf06a6385be125f08d9"}
}

and the localStorage has the content:

key: ember_simple_auth:session
value: {"authenticated":{"authenticator":"authenticator:oauth2","data":{"access_token":"d3f63eb6f5f38ce292a2b61bd339d02014950d58927c2bf06a6385be125f08d9"}}}

All seems legit; however, once I refresh the page, an error log shows in the web console, then it redirects me back to the login page.

The authenticator "authenticator:oauth2" rejected to restore the session - invalidating…

at internal-session.js:78

The environment is

DEBUG: Ember: 2.4.5
Ember Data: 2.4.3
jQuery: 2.2.3
Ember Simple Auth: 1.1.0-beta.4

Really appreciate it if anyone can help, thanks in advance.

Member

marcoow commented Apr 29, 2016

The expected response is

{
  "access_token":"d3f63eb6f5f38ce292a2b61bd339d02014950d58927c2bf06a6385be125f08d9"
}

instead of

{
  "data": { "access_token": "d3f63eb6f5f38ce292a2b61bd339d02014950d58927c2bf06a6385be125f08d9" }
}

Author

ugoa commented Apr 29, 2016

@marcoow THANKS for pointing that out, after updating the backend API it works like a charm.

This response format seems quite important; however, I didn't find it anywhere in the documentation.
Maybe it would be better to put it in the readme. Just a suggestion, thanks for the help.

Member

marcoow commented Apr 29, 2016

The exact response is actually specified in the OAuth 2.0 spec. We're working on sth. that will validate responses on initial authentication already so that problems like yours could not occur anymore.

@mike-north
Collaborator

@ugoa - https://tools.ietf.org/html/rfc6749#section-4.1.4

@marcoow - may be worth mentioning relevant parts of the OAuth2 spec in documentation somewhere, if this is a common question you get

Member

marcoow commented May 2, 2016

@mike-north: yeah, might be good to have that in the API docs. The problem is also addressed by #957.
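
The response-shape problem from this thread, as an added example that is not part of the original issue or of Ember Simple Auth's own code: a check a backend test could run against its token endpoint body to catch an access_token wrapped in an envelope before a client ever stores it. The function names and the sample bodies are assumptions constructed for illustration.

```javascript
// Added example: checks a token endpoint body for the shape discussed in the
// thread (access_token at the top level of the JSON object).
// checkTokenResponse and findNestedKey are hypothetical names.

// Depth-limited search inside wrapper objects; returns a dotted path or null.
function findNestedKey(obj, key, path = [], depth = 3) {
  if (obj === null || typeof obj !== 'object' || depth === 0) return null;
  for (const [k, v] of Object.entries(obj)) {
    if (k === key && path.length > 0) return [...path, k].join('.');
    const hit = findNestedKey(v, key, [...path, k], depth - 1);
    if (hit) return hit;
  }
  return null;
}

function checkTokenResponse(rawBody) {
  const problems = [];
  const warnings = [];
  let body;
  try {
    body = typeof rawBody === 'string' ? JSON.parse(rawBody) : rawBody;
  } catch (e) {
    return { ok: false, problems: ['body is not valid JSON'], warnings };
  }
  if (body === null || typeof body !== 'object' || Array.isArray(body)) {
    return { ok: false, problems: ['body is not a JSON object'], warnings };
  }
  const token = body.access_token;
  if (typeof token !== 'string' || token.length === 0) {
    const nested = findNestedKey(body, 'access_token');
    problems.push(nested
      ? `access_token found at "${nested}", expected at the top level`
      : 'access_token missing or empty');
  }
  // RFC 6749 section 5.1 also lists token_type as REQUIRED; it is reported as
  // a warning here because the fix in this thread concerns access_token only.
  if (typeof body.token_type !== 'string') warnings.push('token_type missing');
  return { ok: problems.length === 0, problems, warnings };
}

// Constructed sample bodies (the token value is a placeholder).
const wrappedBody = '{"data":{"access_token":"constructed-token"}}';
const flatBody = '{"access_token":"constructed-token","token_type":"bearer"}';
console.log(checkTokenResponse(wrappedBody));
console.log(checkTokenResponse(flatBody));
```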
