Unauthenticated desc = unable to parse jwt token:Token is expired

diggy · September 30, 2019, 6:25pm

Moved from GitHub ratel/128

Ratel cannot run any operations that require authentication after the ACL access TTL expires.

Steps to reproduce:

Run a Dgraph cluster with a short access TTL:

dgraph alpha ...  --hmac_secret_file ./hmacsecret.txt --acl_access_ttl 3s

Log in as groot in Ratel.
Take a breather for 3 seconds to let the TTL expire.
Try to add a user, which results in this error:

The dev tools network inspector shows the reason for the error for the /mutate request:

{"errors":[{"message":"rpc error: code = Unauthenticated desc = unable to parse jwt token:Token is expired","extensions":{"code":"ErrorInvalidRequest"}}],"data":null}

The refresh token should be used to re-authenticate the client after the TTL has expired.

diggy · September 30, 2019, 6:31pm

danielmai commented :

Another way to reproduce this:

Log in
Periodically click on Refresh Schema in the Schema tab the TTL expires.

Topic		Replies	Views
Allow overriding the JWKURL expireTime in GraphQL Authorization schema GraphQL	0	422	January 5, 2023
Login using pydgraph GraphQL kind:question	2	414	January 20, 2021
Unverified API Key Dgraph Cloud / Slash GraphQL kind:bug	10	552	January 4, 2021
Using GraphQL Admin API Ratel kind:question	1	733	January 20, 2021
HTTP response code App Development kind:question , auth , react , apollo-client	4	687	December 10, 2021

Unauthenticated desc = unable to parse jwt token:Token is expired

Related Topics