Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Invalid state in OAuth flow

See original GitHub issue

When I log in through the hosted UI, I am redirected to my domain with a code. All was working fine with version 1.1.23, when I upgraded to 1.1.25 I got an exception “Invalid state in OAuth flow”

The exception is thrown from

OAuth.prototype._validateState = function (urlParams) {
        if (!urlParams) {
            return;
        }
        var savedState = oAuthStorage.getState();
        var returnedState = urlParams.state;
        if (savedState !== returnedState) {
           throw new Error('Invalid state in OAuth flow');
        }
    };

When I check savedState and returnedState, savedState is null and returnedState is undefined

  • Device: MacBook Pro
  • OS: 10.13.6
  • Browser Chrome
  • Version 73

[DEBUG] 36:20.15 AuthClass - getting current authenticted user ConsoleLogger.js:78 [DEBUG] 36:20.77 AuthClass - cannot load federated user from auth storage ConsoleLogger.js:78 [DEBUG] 36:20.78 AuthClass - get current authenticated userpool user ConsoleLogger.js:78 [DEBUG] 36:20.78 AuthClass - Failed to get user from user pool ConsoleLogger.js:88 [DEBUG] 36:20.79 AuthClass - The user is not authenticated by the error

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:18 (5 by maintainers)

github_iconTop GitHub Comments

3reactions
AlexWang-16commented, Aug 30, 2020

II’m also getting this issue with my react application while using amplify. I have version 3.0.23.

EDIT:

I discovered the issue was due to my app client being configured with a client secret, which should not have been for the case of a react web application. I resolved this by creating a new app client and specifically unchecking “generate client secret” option and reconfigured my react app’s Cognito configurations with the new client_id.

2reactions
manueliglesiascommented, Apr 10, 2019

Hi,

I am working on a fix for this, thanks for the patience.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Invalid state using oauth-client - Laracasts
I started working on a small project using Laravel / Github oAuth-client ... after I authenticate i get this error message : invalid...
Read more >
Paw Oauth2 Implicit Grant Flow: Invalid State in authorization ...
I have a web front-end that works great -- I can authenticate via Slack and get a token from my callback method (via...
Read more >
Invalid state error after using Oauth with Auth0 React SPA
Hello, I've been trying to implement the Intercom Oauth flow in my app that is powered by Auth0. Unfortunately, after I get redirected...
Read more >
Invalid state when logging into connected python web app
I am having trouble setting up Salesforce as an auth provider for my Django application using Django Allauth, getting "No_Oauth_State: State ...
Read more >
Invalid State Error - Hosted UI - AWS re:Post
... -with-amazon-cognito-oauth2-implementation/ I have a static we. ... The problem is, when I log in with that account, I get an invalid State...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

aws-amplify-react-native version 2.1.10 breaks withOAuth Custom Provider Authentication

Next page

React Native - Unable to resolve “@aws-amplify/ui/dist/style.css”