New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revoked OAuth tokens cannot be renewed before the expiration date #491

Open

ktowneUM opened this issue Dec 2, 2024 · 0 comments

Collaborator

ktowneUM commented Dec 2, 2024

A different OAth library will be used during the re-write which may resolve this issue

Scenario:

User deletes CCM token in Canvas settings
The token has not expired yet in the DB
The user cannot re-authenticate CCM until the token expires (up to one hour) in the DB
if this happens we will have to manually update the expiration date in the DB

When the user authenticates with CCM

Token is registered in Canvas
An access_token, refresh_token, and default_expiration (one hour) are stored in our database
When the token expires (and wasn't deleted from Canvas) the refresh_token is used to refresh the token and update the expiration date to another hour

Canvas made a change that is breaking our apps that use OAuth tokens
instructure/canvas-lms@cdf0cec

They changed it to return a more specific error of "Revoked access token" and "Expired access token".
Previously it was just Invalid access token.

CCM checks for the string "invalid access token" specifically
https://github.com/ssciolla/canvas-course-manager-next/blame/cbc3f69bf559eefb1d1ba794aad8cfb76bd3758b/ccm_web/server/src/api/invalid.token.interceptor.ts#L14

The text was updated successfully, but these errors were encountered:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment