-
Notifications
You must be signed in to change notification settings - Fork 40
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The resource owner or authorization server denied the request. Access token could not be verified. #76
Comments
Should have looked into the logs first. Error still occurring. |
Can I please get an answer on this:
Do I have to refresh it myself? I can't find an error with the code. It works fine for about 10 Minutes (the default token time limit) and then it throws the error in the title. |
The repository methods to fetch data require a There is no automatic refresh. Shopware also doesn't provide a refresh token for every grant type. A client credentials authentication token e.g. doesn't contain one. The If the token used in the context object for the request is expired, Shopware will simply return 401 and the SDK will throw that as an exception. |
With PasswordTypeGrantType, its by default alive for 10 minutes. You need to refresh the token afterward using RefreshTokenGrantType as hint from @SpiGAndromeda |
This is the code I use to refresh a previously retrieved PasswordGrant token:
I'm running this once right at the start to retrieve the access token the 1st time, then in various long running methods again. After a bit more than 10min, I still get 401 errors like Shopware version 6.5.7.3, SDK version 2.0.0 |
After looking at a recent pull request, I've reduced it to this:
Still the same error. |
Oh boy… I was using a MediaService which was still trying to use the old Context object after the refresh… |
Error code 9, Status 401.
Does the client not make sure that the access token stays valid? It seems like I'm getting a timeout right in the middle of a long running process (after about 623s).
If not, what would be the best practice to keep the token valid and hence the connection alive? Keeping track of the time that has passed seems silly to me.
I'm using the PasswordGrantType.
The text was updated successfully, but these errors were encountered: