logto-io / js

🤓 Logto JS SDKs.
https://docs.logto.io/quick-starts/
MIT License

bug: refresh token not found #684

Closed Joozty closed 5 months ago

Joozty commented 5 months ago

Describe the bug

I'm using the @logto/next package to integrate logto.io with my Next.js application (app router). I followed the documentation you provided, and everything worked until now. I haven't worked on the project for a week, and today, when I use the logtoClient.getLogtoContext method, I receive an invalid_grant error. I checked the audit logs and found out that the refresh token is not found (see attached screenshot). This error is only thrown when I use fetchUserInfo: true. If this is omitted, the context is correctly returned with isAuthenticated set to true. Can you please guide me on what to do in this case? Is it a bug on your side?

Expected behavior

User info is fetched correctly when fetchUserInfo is set to true.

How to reproduce?

Context

Screenshots

Fetch info is set to true - throws invalid_grant error. [image]

Fetch info is set to false - works correctly. [image]

Audit log error: [image]

wangsijie commented 5 months ago

Even if the refresh token is expired, the error message won't be "refresh token not found". I guess the problem is on the user side; maybe this user is deleted or suspended?

Joozty commented 5 months ago

The user is neither suspended nor deleted. I managed to log out and log back in again, and everything works just fine. However, I am worried that this issue might occur in production and I would like to know how to handle it correctly.

wangsijie commented 5 months ago

I will review the logs and attempt to reproduce. I’ll keep you posted on this issue.

wangsijie commented 5 months ago

I am unable to reproduce. I started a project, signed in, and waited for several days, making sure the refresh token was already expired. Then I tried to fetch user info; the error message is "grant request is invalid", which is expected.

Though, there is one thing to do: make sure the cookie expiration time is shorter than the refresh token TTL.

I am closing this issue, feel free to reopen if it happens again.
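
One way to handle the case discussed in this thread, as an added example that is not part of the original issue or of the Logto SDK: treat `invalid_grant` as "session no longer valid" and send the user back to sign-in, and check the cookie lifetime against the refresh token TTL. The `getContext` parameter stands in for a call such as `logtoClient.getLogtoContext`; the error's `code`/`error` field, the helper names and the stub clients are assumptions constructed for illustration.

```javascript
// Added example. Helper names and the error shape are assumptions,
// not the SDK's documented API.

// True when the session cookie can outlive the refresh token, i.e. the
// browser may still present a session whose refresh token is already gone.
function cookieOutlivesRefreshToken(cookieMaxAgeSeconds, refreshTokenTtlSeconds) {
  return cookieMaxAgeSeconds >= refreshTokenTtlSeconds;
}

// OAuth 2.0 token endpoints report a dead or unknown refresh token
// as invalid_grant (RFC 6749, section 5.2).
function isInvalidGrant(error) {
  return Boolean(error) &&
    (error.code === 'invalid_grant' || error.error === 'invalid_grant');
}

// Fetch the context with user info. On invalid_grant, fail closed:
// report the user as signed out so the caller redirects to sign-in
// instead of surfacing a server error. Other errors are rethrown.
async function getContextOrReauthenticate(getContext) {
  try {
    const context = await getContext({ fetchUserInfo: true });
    return { ...context, needsSignIn: !context.isAuthenticated };
  } catch (error) {
    if (!isInvalidGrant(error)) throw error;
    return { isAuthenticated: false, needsSignIn: true, reason: 'invalid_grant' };
  }
}

// Constructed stubs so the example runs offline.
async function stubHealthy() {
  return { isAuthenticated: true, userInfo: { sub: 'constructed-user' } };
}
async function stubExpiredGrant() {
  throw Object.assign(new Error('grant request is invalid'), { code: 'invalid_grant' });
}
async function stubNetworkFailure() {
  throw new Error('connection reset');
}
```

The caller redirects to the sign-in route when `needsSignIn` is true and clears the stale session cookie as part of that flow.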