Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sometimes occures 'invalid_grant' error #68

Closed
qkrgksqkr opened this issue Dec 16, 2022 · 7 comments
Closed

Sometimes occures 'invalid_grant' error #68

qkrgksqkr opened this issue Dec 16, 2022 · 7 comments
Assignees
@matthewhartstonge
Labels
area/driver/mongo 🍃 Issues & PRs related to the mongo implementation type/bug 🐛 Issues & PRs related to bugs

Comments

@qkrgksqkr
Copy link

Hi, I 'am 'qkrgksqkr'
I implementing OIDC protocol by using this package.
It's very nice and good,

but, somtimes I have a error message 'invalid_grant' error message, while processing 'authrozation_code" flow,
Not always, just sometimes,

Detail step is like below.
step 1. Client did /authoize,, and redirect with 'authroizatio_code'
step 2 Client request /token with 'authorization_code'
If success, Client get access/ refresh / id token,
but sometimes Client get 'invalid_grant'

so, I retry step 2, with same 'authorization_code' then, it is always success

I can't understand why this is success.

In real system, the moment between step1 and step2 is very short. no extra time.

So I test with your sampe code. and added log message
image

I'll try postman runner..
Your sample code with mongo deafult option, localhost:27017 , stand alone
There are no error,

but mongo db is replaset (primary - second -second), similiar to my system
It occures error sometimes

So, the difference is mongo DB environment, standAlone and ReplicaSet.

Is is some additional config element that I need to set to use this package?..
I want to solve this problem.

thank you.
@qkrgksqkr
Copy link
Author

My mongodb is replicast structure
So, I think it is beacuse 'write concern'?..

@qkrgksqkr
Copy link
Author

I did some test
I set this options, SetReadPreference / SetWriteConcern /SetReadConcern
Some cases, threr is no 'invalid_grant' error
would you added feautre these 3 options??
image

@qkrgksqkr
Copy link
Author

qkrgksqkr commented Dec 18, 2022
edited
Loading

I have some addtinal question.
Why this value set "SecondaryPreferred()" ??
The default is Primary
image

@matthewhartstonge
Copy link
Owner

Hello!

Thank you for your wonderful debugging! That's fantastic!

Yes, we've seen this error crop up as well and I was wondering if it was down to replication lag since the redirects are very quick, just never had the capacity to investigate.

The main reason we go with secondary preferred is to try to distribute as many reads away from the primary. As soon as a write is needed to be performed the mongo driver should perform the write and any subsequent queries on the primary.

If you remove the read preference and remove the write concern does it also solve the issue? (Read preference: primary)

Personally, I've been pretty unwell this week, so I won't be able to jump on a machine for a week, but can respond as needed to questions via my phone/GH app

@qkrgksqkr
Copy link
Author

I tested 3 case, I try 20 times below url using 'postam runner', and count error case.

-> [POST] http://localhost:3846/oauth2/auth?client_id=my-client&redirect_uri=http%3A%2F%2Flocalhost%3A3846%2Fcallback&response_type=code&scope=photos+openid+offline+email&state=some-random-state-foobar&nonce=some-random-nonce

-> This url execute /authorize and /token in a row from example source

a) ReadPrefrenece - secondary ( default)
error count / total count
5/20
3/20
0/20
8/20
0/20
3/20
2/20
5/20
2/20
5/20

b) ReadPrefrenece - primary
error count / total count
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20

c) ReadPrefrenece - secondary and WriteConcern(Wmajority())
error count / total count
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20
0/20

teso case b) and case c) , no error.

@qkrgksqkr
Copy link
Author

I need to solve this problem,
so I add some feature in your source temparory
I hope you will be well!
thanky for your reply

@matthewhartstonge matthewhartstonge self-assigned this Jan 9, 2023
@matthewhartstonge matthewhartstonge added type/bug 🐛 Issues & PRs related to bugs area/driver/mongo 🍃 Issues & PRs related to the mongo implementation labels Jan 9, 2023
@matthewhartstonge matthewhartstonge mentioned this issue Jan 9, 2023
Merged
matthewhartstonge added a commit that referenced this issue Jan 9, 2023
@matthewhartstonge
🚢 v0.31.0 - 2023-01-10
449b505 
Changed:
- deps: updates to `github.com/google/uuid@v1.3.0`.
- deps: updates to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates to `github.com/stretchr/testify@v1.7.0`.
- deps: updates to `go.mongodb.org/mongo-driver@v1.11.1`.
- deps: updates `examples/mongo` to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates `examples/mongo` to `golang.org/x/net@v0.0.0-20220926192436-02166a98028e`.
- deps: updates `examples/mongo` to `golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1`.
- deps: updates `examples/mongo` to `go.mongodb.org/mongo-driver@v1.11.1`.
- examples/mongo/authorizationserver: migrates deprecated use of `Exact()` to `ExactOne()`.
- storage: gofmts the project with go@1.19.

Fixed:
- examples/mongo/authorizationserver: sets session subject and username. fixes #65.
- examples/mongo/authorizationserver: properly logs out the generated user id.
- mongo/mongo: reduces read errors occurring in a mongo replica set. fixes #68.
matthewhartstonge added a commit that referenced this issue Jan 9, 2023
@matthewhartstonge
Merge tag 'v0.31.0' into development
2d38d40 
🚢 v0.31.0 - 2023-01-10

Changed:
- deps: updates to `github.com/google/uuid@v1.3.0`.
- deps: updates to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates to `github.com/stretchr/testify@v1.7.0`.
- deps: updates to `go.mongodb.org/mongo-driver@v1.11.1`.
- deps: updates `examples/mongo` to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates `examples/mongo` to `golang.org/x/net@v0.0.0-20220926192436-02166a98028e`.
- deps: updates `examples/mongo` to `golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1`.
- deps: updates `examples/mongo` to `go.mongodb.org/mongo-driver@v1.11.1`.
- examples/mongo/authorizationserver: migrates deprecated use of `Exact()` to `ExactOne()`.
- storage: gofmts the project with go@1.19.

Fixed:
- examples/mongo/authorizationserver: sets session subject and username. fixes #65
- examples/mongo/authorizationserver: properly logs out the generated user id.
- mongo/mongo: reduces read errors occurring in a mongo replica set. fixes #68.
matthewhartstonge added a commit that referenced this issue Jan 9, 2023
@matthewhartstonge
🚢 v0.31.0 - 2023-01-10
7e94a22 
Changed:
- deps: updates to `github.com/google/uuid@v1.3.0`.
- deps: updates to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates to `github.com/stretchr/testify@v1.7.0`.
- deps: updates to `go.mongodb.org/mongo-driver@v1.11.1`.
- deps: updates `examples/mongo` to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates `examples/mongo` to `golang.org/x/net@v0.0.0-20220926192436-02166a98028e`.
- deps: updates `examples/mongo` to `golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1`.
- deps: updates `examples/mongo` to `go.mongodb.org/mongo-driver@v1.11.1`.
- examples/mongo/authorizationserver: migrates deprecated use of `Exact()` to `ExactOne()`.
- storage: gofmts the project with go@1.19.

Fixed:
- examples/mongo/authorizationserver: sets session subject and username. fixes #65.
- examples/mongo/authorizationserver: properly logs out the generated user id.
- mongo/mongo: reduces read errors occurring in a mongo replica set. fixes #68.
matthewhartstonge added a commit that referenced this issue Jan 9, 2023
@matthewhartstonge
Merge tag 'v0.31.0' into development
c5a5b7b 
🚢 v0.31.0 - 2023-01-10

Changed:
- deps: updates to `github.com/google/uuid@v1.3.0`.
- deps: updates to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates to `github.com/stretchr/testify@v1.7.0`.
- deps: updates to `go.mongodb.org/mongo-driver@v1.11.1`.
- deps: updates `examples/mongo` to `github.com/sirupsen/logrus@v1.8.1`.
- deps: updates `examples/mongo` to `golang.org/x/net@v0.0.0-20220926192436-02166a98028e`.
- deps: updates `examples/mongo` to `golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1`.
- deps: updates `examples/mongo` to `go.mongodb.org/mongo-driver@v1.11.1`.
- examples/mongo/authorizationserver: migrates deprecated use of `Exact()` to `ExactOne()`.
- storage: gofmts the project with go@1.19.

Fixed:
- examples/mongo/authorizationserver: sets session subject and username. fixes #65.
- examples/mongo/authorizationserver: properly logs out the generated user id.
- mongo/mongo: reduces read errors occurring in a mongo replica set. fixes #68.
@matthewhartstonge
Copy link
Owner

Sorry about the delay on this, version v0.31.0 has been released with the fix!

Thank you! 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@matthewhartstonge matthewhartstonge

Labels
area/driver/mongo 🍃 Issues & PRs related to the mongo implementation type/bug 🐛 Issues & PRs related to bugs
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@matthewhartstonge @qkrgksqkr