search

dakboard / Cloud-Platform

Feature requests, enhancements and anything you'd like to see in DAKboard!
https://dakboard.com
166 stars 39 forks source link

Edit Calendar breaks when calendar is using an expired AAD token #2120

Closed ebarnard closed 4 months ago

ebarnard commented 4 months ago

Describe the bug I had a calendar block linked to a Microsoft 365 calendar. The refresh token issued by AAD has expired or been revoked. I can not edit the calendar block or re-auth with Microsoft to get a new refresh token.

To Reproduce Try to edit a calendar block which is linked to an Office 365 calendar with an expired or revoked refresh token.

Expected behavior The Edit Calendar popover appears, and I am able to re-auth with Microsoft.

Screenshots

Screenshot 2024-05-31 at 23 20 51

Desktop (please complete the following information): N/A

Additional context N/A

cocarrig commented 4 months ago

@ebarnard

Sorry to hear this is an issue for you. An expired token can prevent continued use of your MS calendars but should not prevent the modal from opening. I've performed a few tests and havent been able to recreate the modal hanging. Can you try this again, and authorize your account again from the https://dakboard.com/authorizations page and let us know if you are still encountering issues? If so please reach out and make a support ticket, where we can pull some information specific to your account to better help you. https://dakboard.freshdesk.com/support/tickets/new

Will close this for now, but we can reopen if necessary

ebarnard commented 4 months ago

Hi @cocarrig, I did open a support ticket, but got an email reply saying to open an issue here:

Screenshot 2024-06-04 at 22 53 03

I've tried re-authorizing but can now not see any Outlook 365 calendars - I imagine this is related to a company policy change around approved apps.

I still think the original issue is clearly a bug. I imagine you are handling token expiry but possibly not token recovation which happens on e.g. password reset. The documentation suggests that on receiving an invalid_grant response when acquiring a new access token from a refresh token (it's from this internal request that text in the above screenshot comes from - and which you are returning verbatim), you need to restart the auth flow.

cocarrig commented 3 months ago

Hi @ebarnard,

Thanks for sharing. Currently we would show the account in the modal, but with no eligible calendars to select. It makes sense that improved feedback in the modal under these circumstances should be added to better guide the user to the appropriate solution or authorizing the account again. I'll get us a case open for that.

It should never stop the modal from opening/loading though, this I will see if I can recreate and address accordingly if it occurs again