Token expired and refresh token is not set when using OIDC

Gianluca_Rigoletti · December 21, 2020, 3:29pm

Hello
Thanks for creating this project, I really like it!

I was trying to setup an example app with OIDC as written in the guide by settings the cli arguments. The provider is google and an example of the command I ran is this one:

./waved -oidc-client-id "<my-client-id>" -oidc-client-secret "<my-client-secrent>" -oidc-end-session-url "https://oauth2.googleapis.com/revoke" -oidc-provider-url "https://accounts.google.com" -oidc-redirect-url "http://localhost:10101" -debug

I don’t know if I’m making any mistake but when I run the todo.py app from the examples with:

wave run todo

and trying to login by clicking on the button I return to the same login page. By inspecting the log of ./waved I see this:

2020/12/21 16:23:45 # {"host":"http://127.0.0.1:8000","route":"/todo","t":"app_add"}
2020/12/21 16:24:28 # {"error":"oauth2: token expired and refresh token is not set","t":"access_token_refresh"}

I’m using wave version 0.10.0 20201129141901 and h2o-wave 0.10.0.
Do you know if this is a bug or something that I’m missing from my side?

Cheers,
Gianluca

prithvi · December 22, 2020, 12:27am

@Gianluca_Rigoletti - Thank you - glad you like it!

I suspect @peto might have addressed this already via this commit, but is not released yet.

@peto Can you please confirm?

peto · December 22, 2020, 8:10am

@Gianluca_Rigoletti - Thank you!

It seems the redirect url has incorrect value. Try to set it up accordingly:

-oidc-redirect-url "http://localhost:10101/_auth/callback"

Gianluca_Rigoletti · December 22, 2020, 9:01am

@peto and @prithvi : thanks for the help
@peto I tried setting the redirect url as you suggested and it worked like a charm!

Thanks again
Gianluca