Stuck on an issue?
Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
When I go back to an app which has been logged in for a while, I get 401 errors again
See original GitHub issueEnvironment
$ community-solid-server --version 4.0.1 $ node --version v16.13.0
Description
When I go back to an app which has been logged in for a while, like over 24 hours, I get 401 errors again on network requests frm the running webapp …as though the dpop refresh isn’t working.
Request Headers include
authorization: DPoP eyJhbGciOiJSUzI1NiIsImtpZCI6IlJTZFhXUEplV0pJIn0.eyJpc3MiOiJodHRwczovL2lucnVwdC5uZXQiLCJhdWQiOiJzb2xpZCIsInN1YiI6Imh0dHBzOi8vdGltYmwuaW5ydXB0Lm5ldC9wcm9maWxlL2NhcmQjbWUiLCJleHAiOjE2NTc1MzU2MzksImlhdCI6MTY1NjMyNjAzOSwianRpIjoiYTZkMTU2NTZmNDNhMjQwZSIsImNuZiI6eyJqa3QiOiI5MzJGNzFpN19aeHhHMnFsc1ZROFJIUHdrM0FjZVZ5MTBSeW9Mc3FwZ2hjIn0sImNsaWVudF9pZCI6ImY4Y2VhNzE3NTkyZmQ4YjIzMDdiOWVjM2EwN2Y2MTY1Iiwid2ViaWQiOiJodHRwczovL3RpbWJsLmlucnVwdC5uZXQvcHJvZmlsZS9jYXJkI21lIn0.QtcBNkASE6J6DtMR-ve-yyNS2nGZ--T4rbQzVNuCLHo8fXXg7PiAv_Knd7k3AW1McdAE_dEBuHGlYwrYs8oRdEu1psMiSW2swkGKemne4mMcrxjGAg_uPVnbr3jCCsu3GtBKXd6l0skm_U0NyPXO5-PYRuGtrstO0xB_2jX3wDWMU-yWs8ODoekzhxN7LnGh7fE8qUkYBT1DM_Ch1wzwiksDtUli3pOYYJMPb0c5-bLZQiTKAurBwGZgHYu-fy3v0ktafx2QCLjv-sojozMm3c_FsCjisieOFpq0RHiyreitOMewKl3y9xvs13m6SDYMz32_c8UNVf9-w1xTeZ9B7g
Connection: keep-alive
Cookie: ASPSESSIONIDCQDTDQQQ=KBFBLBECHLGCPHCJHGAONIHH; BIGipServer~CorpWeb~pool-corpweb-prod-80=1904955032.20480.0000
dpop: eyJhbGciOiJFUzI1NiIsImp3ayI6eyJjcnYiOiJQLTI1NiIsImt0eSI6IkVDIiwieCI6IkJwaElvZnVTVU9fbzBNdS0yaTZxY3ZKTHZ6LTZRaGtqWkdmVU9tMktuVGsiLCJ5Ijoia29LbnRNT2h6NmNicVk1TF9pS2h0OXZwOXZ0Tng0SHVaMFlqbkhrYUl2TSIsImFsZyI6IkVTMjU2In0sInR5cCI6ImRwb3Arand0In0.eyJodHUiOiJodHRwczovL3RpbWJsLmNvbS90aW1ibC9PZmZpY2UvSW5ydXB0L1RlYW0vVGltT3BlcmF0aW9uYWxJc3N1ZXMvc3RhdGUudHRsIiwiaHRtIjoiR0VUIiwianRpIjoiNDBkMDYyMTQtOTc4MC00Mjk3LTlhYzUtZGRjMTAwNTM0ZmQ3IiwiaWF0IjoxNjU2NjY4ODQ1fQ.RjC8lI3u1Tp0Rp8QBjUZAQhIXAeFIgMPkrg1-6_-kjZRAaiDydF1wo6ZWjcVRgbfReBjOjMFN1zUWzGOB_HdnQ
Respose body
<b0> <http://purl.org/dc/terms/title> "UnauthorizedHttpError";
<http://purl.org/dc/terms/description> "";
<urn:npm:solid:community-server:error:stack> "UnauthorizedHttpError\n at PermissionBasedAuthorizer.requireModePermission (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/authorization/PermissionBasedAuthorizer.js:70:23)\n at PermissionBasedAuthorizer.handle (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/authorization/PermissionBasedAuthorizer.js:35:22)\n at PermissionBasedAuthorizer.handleSafe (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/util/handlers/AsyncHandler.js:29:21)\n at runMicrotasks (<anonymous>)\n at processTicksAndRejections (node:internal/process/task_queues:96:5)\n at async AuthorizingHttpHandler.handle (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/server/AuthorizingHttpHandler.js:34:13)\n at async ParsingHttpHandler.handle (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/server/ParsingHttpHandler.js:29:22)\n at async SequenceHandler.handle (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/util/handlers/SequenceHandler.js:27:26)\n at async Server.<anonymous> (/Users/timbl/src/github.com/CommunitySolidServer/CommunitySolidServer/dist/server/BaseHttpServerFactory.js:33:17)".
Server log
2022-07-01T09:47:25.319Z [BaseHttpServerFactory] info: Received GET request for /timbl/Office/Inrupt/Team/TimOperationalIssues/state.ttl
2022-07-01T09:47:26.592Z [DPoPWebIdExtractor] warn: Error verifying WebID via DPoP-bound access token: "iat" claim timestamp check failed (too far in the past)
2022-07-01T09:47:26.605Z [WebAclReader] info: Reading ACL statements from https://timbl.com/timbl/Office/Inrupt/Team/.acl
2022-07-01T09:47:26.606Z [PermissionBasedAuthorizer] warn: Unauthenticated agent has no read permissions
Issue Analytics
- State:
- Created a year ago
- Comments:6 (2 by maintainers)
Top Results From Across the Web
401 Error: 5 Ways to Troubleshoot and Fix It - Hostinger
The 401 Unauthorized error is triggered by unauthenticated requests made to a WordPress web server. Learn how to identify and fix the issue....
Read more >How to Quickly Fix the 401 Unauthorized Error (5 Methods)
The 401 (Unauthorized) status code indicates that the request has not been applied because it lacks valid authentication credentials for the ...
Read more >How to Fix a 401 Unauthorized Error - Lifewire
If you've just logged in and received the 401 Unauthorized error, it means that the credentials you entered were invalid for some reason....
Read more >401 Unauthorized Error: What It Is and How to Fix It
The 401 Unauthorized Error is an HTTP response status code indicating that the client could not authenticate a request.
Read more >HTTP 401 Unauthorized Error | What Is and How to Fix?
Your active version could be clashing with the cached form of your desktop which triggers a 401 error. If this is the case...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Pinging @matthieubosquet to verify, but my assumption is that the client used a token that expired and should have used a refresh token to renew or should have forced the user to log in again.
If this seems to be an issue with the client refreshing tokes, it probably should be reported in https://github.com/inrupt/solid-client-authn-js
Probably checking first if solidos is requesting
offline_accessscope.