mcohen01 / node-quickbooks

nodejs client for Intuit's Quickbooks API
332 stars 235 forks source link

Refresh token consistently results in "invalid_grant" qb.refreshUsingToken(token) #192

Open aniespica opened 2 years ago

aniespica commented 2 years ago

This behavior is very intermittent, occurring 2 or 1 times over the week. The new refresh token cannot get a new access token and a new refresh token.

Our code does:

  1. A function that interacts with QuickBooks API is called.
  2. The function loads the OAuth token from our database.
  3. If the access token is expired, we request a new token using the refresh token
    const QuickbooksOauthClient = require("intuit-oauth");
    const quickbooksOauthClient = new QuickbooksOauthClient(getOauthConfig());
    const response = await quickbooksOauthClient.refreshUsingToken(clientsCredentials.RefreshToken);
  4. The new token and refresh token are saved in our database.
  5. The API is called.

When the refresh fails the response of qb.refreshUsingToken(token) is:

{
            "url": "https://oauth.platform.intuit.com/oauth2/v1/tokens/bearer",
            "headers": {
                "date": "Fri, 13 May 2022 05:10:41 GMT",
                "content-type": "application/json;charset=utf-8",
                "content-length": "25",
                "connection": "close",
                "intuit_tid": "1-627de851-4479c0f75a6b53953216f423",
                "x-spanid": "d48d9af9-627f-4e27-80c8-d03edc70538e",
                "x-amzn-trace-id": "Root=1-627de851-4479c0f75a6b53953216f423",
                "x-content-type-options": "nosniff",
                "server": "envoy",
                "cache-control": "no-cache, no-store",
                "pragma": "no-cache",
                "x-envoy-upstream-service-time": "30",
                "strict-transport-security": "max-age=31536000"
            },
            "body": "{\"error\":\"invalid_grant\"}",
            "status": 400,
            "statusText": "Bad Request"
}

We tried multiple times to refresh the token but always responded with the error invalid_grant. Our current solution is to authenticate again with the OAuth2.0