question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Nonce does not match [8.2.0]

See original GitHub issue

I’m using parseHash to parse the access_token returned after logging a user in and occasionally receiving an error about the nonce not matching.

this.auth0 = new auth0.WebAuth({
      clientID: clientId,
      domain: domain,
      leeway: 60 // 1 minute leeway
    });

...

parseInfo(hash) {
    return new BluebirdPromise((resolve, reject) => {
      return this.parseHash(hash, (err, authResult) => {
        if (err) {
          return console.log(err);
        }
        const {accessToken, idToken} = authResult;

        return this.auth0.client.userInfo(accessToken, (err, profile) => {
          return resolve({profile, idToken});
        });
      });
    });
  }

...

_socialLogin(connection) {
    //redirects the call to auth0 instance
    const loginParams = {
      connection: connection,
      responseType: 'token id_token',
      redirectUri: `${Config.clientUrl}/auth/callback`,
      scope: LOGIN_TOKEN_SCOPE
    };

    this.auth0.authorize(loginParams);
  }

I’m passing window.location.hash to the parseInfo function. Is there something I’m missing based on the above configuration that might sometimes return a nonce match error?

Issue Analytics

  • State:closed
  • Created 7 years ago
  • Comments:32 (11 by maintainers)

github_iconTop GitHub Comments

15reactions
davidaschercommented, May 25, 2017

FYI: in my case, the problem was that I was calling parseHash and not specifying options (as the samples e.g. https://github.com/auth0-samples/auth0-react-samples/blob/master/01-Login/src/Auth/Auth.js#L29 do. Once I changed:

    this.auth0.parseHash((err, authResult) => {

to

    this.auth0.parseHash(window.location.hash, (err, authResult) => {

the nonce complaint went away.

4reactions
tdekoekkoekcommented, Jun 2, 2017

Thanks @davidascher, that fixed my problem as well. Strange though as the sample Angular 2 app on Auth0 site did not include the window.location.hash.

Read more comments on GitHub >

github_iconTop Results From Across the Web

invalid token nonce does not match - Auth0 Community
I occasionally get an invalid token error logging in with the error of nonce does not match. Today it was logging in to...
Read more >
Nonce keys do not match - WordPress.org
Hi, I have just installed the plugin and started a scan, but I got the error message: Nonce keys do not match. Try...
Read more >
What's the purpose of a nonce for uploads through ... - Reddit
I have a site where all users are allowed to upload images through a front end tool. The file selection tool (a file...
Read more >
Brocade Fabric OS Message Reference Manual, 8.2.1 - Dell
alternative name (SAN) of the peer does not match the expected identifier for the ... A nonce is a single-use, usually random value...
Read more >
ETSI TS 133 203 V8.8.0 (2010-01)
No part may be reproduced except as authorized by written permission. ... P-CSCF shall agree on security associations, which include the encryption key...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found