aws / aws-toolkit-jetbrains

AWS Toolkit for JetBrains - a plugin for interacting with AWS from JetBrains IDEs
https://plugins.jetbrains.com/plugin/11349-aws-toolkit
Apache License 2.0
764 stars 221 forks source link

invalid_grant: Invalid grant provided #5006

Open lsq-ablair opened 2 weeks ago

lsq-ablair commented 2 weeks ago

It may be a "question" or a request to documentation, but it's expressed solely as an Error and so I'm reporting it as a bug.

I've created an application in the Amazon Q for Business dashboard.

I managed to find my org's Identity and Access Center, and I created a user for myself. I found out that I needed to add my user to one of the sub-accounts in IAC (I think). That's done.

Back to the application, I assigned a license for Amazon Q Business Pro to my user.

Back at the IAC dashboard, copy-paste the URL into the IntelliJ GUI to log into Amazon Q, and click login. A browser comes up, I sign in as the IAC user, and I'm directed to a page, "Request denied -- Unknown error. See IDE logs for more details."

Then in the IDE, I get the error at the bottom: Invalid grant provided. I don't have any details on where to go from here. The IDE dumps me back at "Choose a sign-in option".

Help?

Your Environment

Additional context

Ran into unknown error: java.util.concurrent.ExecutionException: software.amazon.awssdk.services.ssooidc.model.InvalidGrantException: invalid_grant: Invalid grant provided (Service: SsoOidc, Status Code: 400, Request ID: 293dd7b9-57-...926eb)

IDontKnowMyUsername commented 1 week ago

Also been experiencing this issue for awhile.

java.util.concurrent.ExecutionException: software.amazon.awssdk.services.ssooidc.model.InvalidGrantException: invalid_grant: Invalid grant provided (Service: SsoOidc, Status Code: 400, Request ID: b0257244-ce92-4188-9e91-e13d11f597a4)
    at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:396)
    at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2073)
    at software.aws.toolkits.jetbrains.core.credentials.sso.SsoAccessTokenProvider.pollForPkceToken(SsoAccessTokenProvider.kt:379)
    at software.aws.toolkits.jetbrains.core.credentials.sso.SsoAccessTokenProvider.accessToken(SsoAccessTokenProvider.kt:166)
    at software.aws.toolkits.jetbrains.core.credentials.sso.bearer.InteractiveBearerTokenProvider.reauthenticate(BearerTokenProvider.kt:183)
    at software.aws.toolkits.jetbrains.core.credentials.ToolkitAuthManagerKt$reauthConnectionIfNeeded$2$1.invoke(ToolkitAuthManager.kt:259)
    at software.aws.toolkits.jetbrains.core.credentials.ToolkitAuthManagerKt$reauthConnectionIfNeeded$2$1.invoke(ToolkitAuthManager.kt:257)
    at software.aws.toolkits.jetbrains.utils.ThreadingUtilsKt.runUnderProgressIfNeeded$lambda$0(ThreadingUtils.kt:30)
    at com.intellij.openapi.progress.impl.CoreProgressManager$1.run(CoreProgressManager.java:299)
    at com.intellij.openapi.progress.impl.CoreProgressManager.startTask(CoreProgressManager.java:477)
    at com.intellij.openapi.progress.impl.ProgressManagerImpl.startTask(ProgressManagerImpl.java:133)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcessWithProgressSynchronously$9(CoreProgressManager.java:567)
    at com.intellij.openapi.progress.impl.ProgressRunner.lambda$new$0(ProgressRunner.java:85)
    at com.intellij.openapi.progress.impl.ProgressRunner.lambda$submit$4(ProgressRunner.java:249)
    at com.intellij.openapi.progress.ProgressManager.lambda$runProcess$0(ProgressManager.java:98)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$1(CoreProgressManager.java:221)
    at com.intellij.platform.diagnostic.telemetry.helpers.TraceKt.use(trace.kt:49)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$2(CoreProgressManager.java:220)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$executeProcessUnderProgress$13(CoreProgressManager.java:660)
    at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:735)
    at com.intellij.openapi.progress.impl.CoreProgressManager.computeUnderProgress(CoreProgressManager.java:691)
    at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:659)
    at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:79)
    at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:202)
    at com.intellij.openapi.progress.ProgressManager.runProcess(ProgressManager.java:98)
    at com.intellij.openapi.progress.impl.ProgressRunner.lambda$submit$5(ProgressRunner.java:249)
    at com.intellij.openapi.progress.impl.ProgressRunner$ProgressRunnable.run(ProgressRunner.java:501)
    at com.intellij.openapi.progress.impl.ProgressRunner.lambda$launchTask$18(ProgressRunner.java:466)
    at com.intellij.util.concurrency.ChildContext$runAsCoroutine$1.invoke(propagation.kt:92)
    at com.intellij.util.concurrency.ChildContext$runAsCoroutine$1.invoke(propagation.kt:92)
    at com.intellij.util.concurrency.ChildContext.runAsCoroutine(propagation.kt:97)
    at com.intellij.util.concurrency.ChildContext.runAsCoroutine(propagation.kt:92)
    at com.intellij.openapi.progress.impl.ProgressRunner.lambda$launchTask$19(ProgressRunner.java:464)
    at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1144)
    at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:642)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:735)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1$1.run(Executors.java:732)
    at java.base/java.security.AccessController.doPrivileged(AccessController.java:400)
    at java.base/java.util.concurrent.Executors$PrivilegedThreadFactory$1.run(Executors.java:732)
    at java.base/java.lang.Thread.run(Thread.java:1583)
Caused by: software.amazon.awssdk.services.ssooidc.model.InvalidGrantException: invalid_grant: Invalid grant provided (Service: SsoOidc, Status Code: 400, Request ID: b0257244-ce92-4188-9e91-e13d11f597a4)
    at software.amazon.awssdk.services.ssooidc.model.InvalidGrantException$BuilderImpl.build(InvalidGrantException.java:282)
    at software.amazon.awssdk.services.ssooidc.model.InvalidGrantException$BuilderImpl.build(InvalidGrantException.java:188)
    at software.aws.toolkits.jetbrains.core.credentials.sso.bearer.BearerTokenProviderKt$ssoOidcClientConfigurationBuilder$1$2.modifyException(BearerTokenProvider.kt:275)
    at software.amazon.awssdk.core.interceptor.ExecutionInterceptorChain.modifyException(ExecutionInterceptorChain.java:181)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.utils.ExceptionReportingUtils.runModifyException(ExceptionReportingUtils.java:54)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.utils.ExceptionReportingUtils.reportFailureToInterceptors(ExceptionReportingUtils.java:38)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:39)
    at software.amazon.awssdk.core.internal.http.pipeline.stages.ExecutionFailureExceptionReportingStage.execute(ExecutionFailureExceptionReportingStage.java:26)
    at software.amazon.awssdk.core.internal.http.AmazonSyncHttpClient$RequestExecutionBuilderImpl.execute(AmazonSyncHttpClient.java:210)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.invoke(BaseSyncClientHandler.java:103)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.doExecute(BaseSyncClientHandler.java:173)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.lambda$execute$1(BaseSyncClientHandler.java:80)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.measureApiCallSuccess(BaseSyncClientHandler.java:182)
    at software.amazon.awssdk.core.internal.handler.BaseSyncClientHandler.execute(BaseSyncClientHandler.java:74)
    at software.amazon.awssdk.core.client.handler.SdkSyncClientHandler.execute(SdkSyncClientHandler.java:45)
    at software.amazon.awssdk.awscore.client.handler.AwsSyncClientHandler.execute(AwsSyncClientHandler.java:53)
    at software.amazon.awssdk.services.ssooidc.DefaultSsoOidcClient.createToken(DefaultSsoOidcClient.java:171)
    at software.amazon.awssdk.services.ssooidc.SsoOidcClient.createToken(SsoOidcClient.java:232)
    at software.aws.toolkits.jetbrains.core.credentials.sso.pkce.ToolkitOauthCredentialsAcquirer.acquireCredentials(ToolkitOAuthService.kt:149)
    at com.intellij.collaboration.auth.services.OAuthServiceBase.processCode(OAuthServiceBase.kt:81)
    at com.intellij.collaboration.auth.services.OAuthServiceBase.handleServerCallback(OAuthServiceBase.kt:47)
    at com.intellij.collaboration.auth.services.OAuthServiceBase.handleOAuthServerCallback(OAuthServiceBase.kt:54)
    at software.aws.toolkits.jetbrains.core.credentials.sso.pkce.ToolkitOAuthService.handleOAuthServerCallback(ToolkitOAuthService.kt:83)
    at com.intellij.collaboration.auth.services.OAuthCallbackHandler.execute$handle$lambda$1(OAuthCallbackHandler.kt:41)
    at com.intellij.openapi.progress.ProgressManager.lambda$runProcess$0(ProgressManager.java:98)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$runProcess$2(CoreProgressManager.java:217)
    at com.intellij.openapi.progress.impl.CoreProgressManager.lambda$executeProcessUnderProgress$13(CoreProgressManager.java:660)
    at com.intellij.openapi.progress.impl.CoreProgressManager.registerIndicatorAndRun(CoreProgressManager.java:735)
    at com.intellij.openapi.progress.impl.CoreProgressManager.computeUnderProgress(CoreProgressManager.java:691)
    at com.intellij.openapi.progress.impl.CoreProgressManager.executeProcessUnderProgress(CoreProgressManager.java:659)
    at com.intellij.openapi.progress.impl.ProgressManagerImpl.executeProcessUnderProgress(ProgressManagerImpl.java:79)
    at com.intellij.openapi.progress.impl.CoreProgressManager.runProcess(CoreProgressManager.java:202)
    at com.intellij.openapi.progress.ProgressManager.runProcess(ProgressManager.java:98)
    at com.intellij.collaboration.auth.services.OAuthCallbackHandler.execute$handle(OAuthCallbackHandler.kt:40)
    at com.intellij.collaboration.auth.services.OAuthCallbackHandler.execute$lambda$2(OAuthCallbackHandler.kt:46)
    at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1768)
    at com.intellij.util.concurrency.ContextRunnable.run(ContextRunnable.java:27)
    ... 7 more