Bug: (AuthorizationCode.exchangeAuthCodeForTokens)

[malwaremanu]

Prerequisites

• [X] I have searched the repository’s issues and Kinde community to ensure my issue isn’t a duplicate
• [X] I have read the contributing guidelines
• [X] I agree to the terms within the code of conduct

Describe the issue

nuxt-kinde-auth-sample % npm run dev

dev nuxt dev

Nuxt 3.7.4 with Nitro 2.6.3 9:20:34 PM 9:20:34 PM ➜ Local: http://localhost:3000/ ➜ Network: use --host to expose

➜ DevTools: press Shift + Option + D in the browser (v1.0.0) 9:20:35 PM

ℹ Vite client warmed up in 533ms 9:20:36 PM ✔ Nitro built in 279 ms nitro 9:20:36 PM [nuxt] [request error] [unhandled] [500] Authentication flow state not found at AuthorizationCode.exchangeAuthCodeForTokens (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/oauth2-flows/AuthorizationCode.js:75:19)
at async AuthorizationCode.handleRedirectFromAuthDomain (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/oauth2-flows/AuthCodeAbstract.js:36:24)
at async Object.handleRedirectToApp (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/clients/server/authorization-code.js:55:9)
at (./node_modules/@nuxtjs/kinde/dist/runtime/server/api/callback.get.mjs:6:3)
at async Object.handler (./node_modules/h3/dist/index.mjs:1630:19)
at async Server.toNodeHandle (./node_modules/h3/dist/index.mjs:1840:7)

Starter kit URL

https://github.com/kinde-starter-kits/nuxt-starter-kit

Operating system(s)

macOS

Operating system version(s)

MacOS Sonoma 14.0

Further environment details

Nuxt 3.7.4 with Nitro 2.6.3

Reproducible test case URL

http://localhost:3000/api/callback?code=QbaIcMAOCYO8LVZJhSsyhRPuOuzWE4k_vrf3hnLlH9w.PaBCglsfpnAwHIJAzgZopB73-eB7RTDpP9-39HGbvQI&scope=openid%20profile%20email%20offline&state=21bf5d2a7964214db226f26105a1743f90ab369a8c878f70c0559af4

Additional information

No response

[DaveOrDead]

Hey @malwaremanu thanks for raising this one.

I haven't been able to reproduce it as yet, from the error message I'm assuming the state query parameter has gone out of sync.

Silly question but I assume all the environment variables are set correctly either via .env or runtime config?

Is this happening in all browsers?

[malwaremanu]

Yes it is happening in Firefox and Safari Both.

So, Here's my .env file.

NUXT_KINDE_CLIENT_ID="client_id copied from portal..." NUXT_KINDE_CLIENT_SECRET="secret copied from portal..." NUXT_KINDE_AUTH_DOMAIN="http://xyz.kinde.com" NUXT_KINDE_REDIRECT_URL="http://localhost:3000/api/callback" NUXT_KINDE_LOGOUT_REDIRECT_URL="http://localhost:3000" NUXT_KINDE_POST_LOGIN_REDIRECT_URL="http://localhost:3000/dashboard"

The moment i am logged in from http://xyz.kinde.com, it is redirecting me to this url

http://localhost:3000/api/callback?code=5tpK4VE7HgffqU6szKHYEjJDGrmAjIeG3j3gtt-gLhQ.Ud7KmhpYlL58nDJXe-gh_nKZbCdcNHcRnw34xFe87_U&scope=openid%20profile%20email%20offline&state=9e4ab3fa75e47797d7229b4ea609bd78e28e85d4a92320e6e6408a97

which gives me this json response. { "url": "/api/callback?code=5tpK4VE7HgffqU6szKHYEjJDGrmAjIeG3j3gtt-gLhQ.Ud7KmhpYlL58nDJXe-gh_nKZbCdcNHcRnw34xFe87_U&scope=openid%20profile%20email%20offline&state=9e4ab3fa75e47797d7229b4ea609bd78e28e85d4a92320e6e6408a97", "statusCode": 500, "statusMessage": "", "message": "fetch failed", "stack": "

<span class=\"stack internal\">at Object.fetch (node:internal/deps/undici/undici:13220:11)\n<span class=\"stack internal\">at process.processTicksAndRejections (node:internal/process/task_queues:95:5)\n<span class=\"stack internal\">at async AuthorizationCode.fetchTokensFor (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/oauth2-flows/AuthCodeAbstract.js:136:26)\n<span class=\"stack internal\">at async AuthorizationCode.exchangeAuthCodeForTokens (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/oauth2-flows/AuthorizationCode.js:85:20)\n<span class=\"stack internal\">at async AuthorizationCode.handleRedirectFromAuthDomain (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/oauth2-flows/AuthCodeAbstract.js:36:24)\n<span class=\"stack internal\">at async Object.handleRedirectToApp (./node_modules/@kinde-oss/kinde-typescript-sdk/dist/sdk/clients/server/authorization-code.js:55:9)\n<span class=\"stack internal\">at  (./node_modules/@nuxtjs/kinde/dist/runtime/server/api/callback.get.mjs:6:3)\n<span class=\"stack internal\">at async Object.handler (./node_modules/h3/dist/index.mjs:1630:19)\n<span class=\"stack internal\">at async Server.toNodeHandle (./node_modules/h3/dist/index.mjs:1840:7)

" }

I can share me repo, if you can spare sometime. I may be doing some silly mistake, still i would like to learn something new.

and BTW, kinde.com is the easiest to implement so far. I have done it using fastapi python. Just struggling on frontend part.

Thanks, Manupal

[malwaremanu]

So, just to check if i am missing something, i again cloned the repo, changed .env.example to .env and pasted my env data. and then logged in again.

still i got a json response,

{"url":"/api/auth/callback?code=1tjaZZOL1x6lUaLfZrLrZYlj0NvvZpzWoKEBF4r9NJE._U3fzHA7hBCSj7js6czmFckcroFZ2EoI7C4EyQ6vsjA&scope=openid profile email offline&state=538616164f2d3b46d27e90c596b96e70ac3be461a1a4b96cd8928d78","statusCode":404,"statusMessage":"Page not found: /api/auth/callback?code=1tjaZZOL1x6lUaLfZrLrZYlj0NvvZpzWoKEBF4r9NJE._U3fzHA7hBCSj7js6czmFckcroFZ2EoI7C4EyQ6vsjA&scope=openid+profile+email+offline&state=538616164f2d3b46d27e90c596b96e70ac3be461a1a4b96cd8928d78","message":"Page not found: /api/auth/callback?code=1tjaZZOL1x6lUaLfZrLrZYlj0NvvZpzWoKEBF4r9NJE._U3fzHA7hBCSj7js6czmFckcroFZ2EoI7C4EyQ6vsjA&scope=openid+profile+email+offline&state=538616164f2d3b46d27e90c596b96e70ac3be461a1a4b96cd8928d78","stack":""}

I hope, i am doing my best to express an error.

[DanielRivers]

Hi @malwaremanu, there have been a number of enhancements to the Nuxt Module over the last few weeks, are you able to give it another go with the latest module version and see if you're still experiencing any issues?