next-drupal icon indicating copy to clipboard operation
next-drupal copied to clipboard
verified publisher icon chapter-three

Multiple Oauth Token generation

Open MontiMarco92 opened this issue 1 year ago • 1 comments

Package containing the bug

I’m not sure

Describe the bug

I am testing the 2.0 beta version with Nextjs App router and I'm using CliendId and ClientSecret authentication with Drupal. I've noticed that multiple tokens are generated on drupal (I think is also happening on the 1.6 version from what I recall, but I'm not sure). I'm not sure if this is the expected behaviour but I would expect to have one token generated since the client (FE) is only one. What do you think ?

image

Expected behavior

Maybe to have only one oAuth token generated on Drupal.

Steps to reproduce:

  1. First, go to 'admin/config/people/simple_oauth/oauth2_token' and remove all available tokens.
  2. Then start your development build of NexJs app. Try to access a page, so requests to the BE are made
  3. 😢 You should see multiple tokens generated on Drupal

Additional context

  • I'm using ClientId + ClientSecret auth.
  • next-drupal npm package 2.0 beta version
  • Nextjs App router v 14.2.3

Related issues (might be related):

#636

MontiMarco92 avatar Jun 13 '24 10:06 MontiMarco92

I'm also getting numerous access tokens. I'm trying to create hundreds of dynamic routes via getResourceCollectionPathSegments(). It will get about ~500 articles in before it fails with:

Error: Error while fetching new access token: Unauthorized at n.auth.clientId.throwIfJsonErrors (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:5676) at async n.auth.clientId.getAccessToken (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:4942) at async n.auth.clientId.getAuthorizationHeader (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:2419) at async n.auth.clientId.fetch (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:1879) at async n.auth.clientId.getResourceByPath (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:10463) at async p (.next/server/chunks/ssr/[root-of-the-server]__2a950c2d._.js:2:15786) { errors: 'Unauthorized', statusCode: 401, digest: '2182102217' }

This is happening within 30 seconds of being issued the tokent, no expiration adjustment solves the problem.

badaczewski avatar Nov 17 '25 18:11 badaczewski