FERRT errors from getTokenSilently intermittently during concurrent requests
I shared this on the community forums already, but figured this might be a better place for reporting if it is a bug.
Describe the problem
Concurrent calls to getTokenSilently can allow multiple locks to be acquired causing FERRT errors if the access token in the cache has expired.
What was the expected behavior?
getTokenSilently prevents multiple concurrent calls from acquiring multiple locks.
Reproduction
Unfortunately, this is tough to reproduce as it is intermittent, but I was able to do so using the SPA SDK playground. I changed the getToken function in the playground to call the getTokenSilently method 15 times. I’m sure there is a more aggressive configuration combination that might error quicker, but while debugging what we were experiencing, I was trying to stay as true to our application’s situation as possible. Essentially, I tried to wait until the access token was going to expire and start consistently pressing the “Get Access Token” button.
Auth0 API
- Audience: my.domain.com
- Access Token Expiration: 70s
Application
- Refresh Token Behavior - Rotating
- Refresh Token Lifetime - 36000
- Refresh Token Reuse Interval - 30
Playground
- Audience - my.domain.com
- Use local storage - true
- Use refresh tokens - true
- Use token cache when fetching new tokens - true
- Use Auth0Client constructor - false
Environment
- Version of auth0-spa-js used: 1.11.0
- Which browsers have you tested in? Firefox 79, Safari 13.1.2
Issue Analytics
- State:
- Created 3 years ago
- Reactions:3
- Comments:10 (7 by maintainers)
@egadstar 👋 just checking in to say that we are continuing to find a solution for this, I’ll tag the PR here when we have something.
Hey @egadstar - I’ve had a look at the issue and I’m able to reproduce it.
The problem occurs when acquiring the lock times out. If the async operation takes about 500ms, and you queue up 15 operations instantly, the 11th operation will have been waiting for ~5.5secs (500ms * 11).
Since the lock times out after 5 secs, the 11th and subsequent 3 in the queue will all be allowed to pass at the same time. If during this time your access token has expired, you will see one of those calls succeeding and the others failing with FERRT errors.
I’ve put a branch here that demonstrates the problem https://github.com/auth0/auth0-spa-js/compare/locks-test
Run
for (let i = 0; i < 16; i++) { auth0.getTokenSilently() }
and in the console you will see something like:
Obviously if the server response times are slower, you will need to hit this less frequently to reproduce it - but you will always need the token to expire while you’re making multiple requests, which makes this hard to reproduce (adding ignoreCache: true would make it easier to reproduce).
I’ll have a chat with my team and look in our logs to see how common FERRT errors are with the SPA JS client.
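Added example (not part of the original issue or the SDK's code): a virtual-time model of the queue described in the comment above, using its numbers (15 callers, about 500 ms per operation, 5 s lock timeout), followed by a caller-side wrapper that shares one in-flight call. The function names, the rule that a timed-out caller proceeds without the lock, and the wrapper as a mitigation are assumptions made for illustration.

```javascript
// Added example. Virtual-time model of a FIFO lock whose acquire() gives up
// after timeoutMs and lets the caller run anyway (assumed from the comment
// above, not taken from the SDK source).
function simulateLockQueue(callers, opMs, timeoutMs) {
  const events = [], waiting = [];
  let seq = 0, held = false, inside = 0, maxInside = 0, withoutLock = 0;
  // pri 0 = operation finished, pri 1 = arrival/timeout; finishes run first.
  const at = (t, pri, run) => events.push({ t, pri, seq: seq++, run });

  const enter = (now, hasLock) => {        // caller starts its token refresh
    inside++;
    maxInside = Math.max(maxInside, inside);
    if (!hasLock) withoutLock++;
    at(now + opMs, 0, (t) => {
      inside--;
      if (!hasLock) return;
      const next = waiting.shift();        // hand the lock to the next waiter
      if (next === undefined) held = false;
      else enter(t, true);
    });
  };

  for (let id = 0; id < callers; id++) {
    at(0, 1, (t) => {
      if (!held) { held = true; enter(t, true); return; }
      waiting.push(id);
      at(t + timeoutMs, 1, (t2) => {       // acquire() timed out
        const i = waiting.indexOf(id);
        if (i !== -1) { waiting.splice(i, 1); enter(t2, false); }
      });
    });
  }
  while (events.length) {
    events.sort((a, b) => a.t - b.t || a.pri - b.pri || a.seq - b.seq);
    const ev = events.shift();
    ev.run(ev.t);
  }
  return { maxInside, withoutLock };
}

// Caller-side mitigation (an assumption, not the SDK's fix): coalesce
// concurrent calls onto one in-flight promise so only one refresh runs.
function singleFlight(fn) {
  let pending = null;
  return () => {
    if (!pending) pending = fn().finally(() => { pending = null; });
    return pending;
  };
}

console.log(simulateLockQueue(15, 500, 5000)); // { maxInside: 5, withoutLock: 4 }
```

The wrapper would be applied as singleFlight(() => auth0.getTokenSilently()); it coalesces calls within one page only, not across tabs.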