Azure AD Auth: Invalid Compact JWE

DominikOlczak commented 1 day ago

Steps to reproduce

Steps:

npx create-toolpad-app@latest --studio dog-app
cd dog-app
npx run dev
Setting up Azure AD Authentication
Sign in with Azure AD

Current behavior

Redirected to MS, selected the account and returned to the login page with an error in the console:

[auth][error] JWTSessionError: Read more at https://errors.authjs.dev#jwtsessionerror [auth][cause]: JWEInvalid: Invalid Compact JWE at compactDecrypt (<>/dog-app/node_modules/jose/dist/node/esm/jwe/compact/decrypt.js:13:15) at jwtDecrypt (<>/dog-app/node_modules/jose/dist/node/esm/jwt/decrypt.js:5:29) at Object.decode (<>/dog-app/node_modules/@auth/core/jwt.js:67:31) at Module.session (<>/dog-app/node_modules/@auth/core/lib/actions/session.js:17:39) at AuthInternal (<>/dog-app/node_modules/@auth/core/lib/index.js:35:38) at async Auth (<>/dog-app/node_modules/@auth/core/index.js:111:34) at async <>/dog-app/node_modules/@toolpad/studio/dist/cli/index.mjs:366:24

Expected behavior

Expects to log in.

Context

I registered the application in Azure, set env according to the instructions.

Your environment

npx @mui/envinfo

``` System: OS: Windows 11 10.0.22631 Browser: Microsoft Edge for Business 130.0.2849.46 Binaries: Node: 20.15.1 - ~\Node\node.EXE npm: 10.7.0 - ~\Node\npm.CMD pnpm: Not Found Browsers: Chrome: Not Found Edge: Chromium (127.0.2651.74) npmPackages: @emotion/react: 11.13.3 @emotion/styled: 11.13.0 @mui/base: 5.0.0-beta.59 @mui/core-downloads-tracker: 6.1.5 @mui/icons-material: 6.1.4 @mui/lab: 6.0.0-beta.12 @mui/material: 6.1.4 @mui/private-theming: 6.1.5 @mui/styled-engine: 6.1.5 @mui/system: 6.1.4 @mui/types: 7.2.18 @mui/utils: 6.1.4 @mui/x-charts: 7.21.0 @mui/x-charts-vendor: 7.20.0 @mui/x-data-grid: 7.21.0 @mui/x-data-grid-premium: 7.21.0 @mui/x-data-grid-pro: 7.21.0 @mui/x-date-pickers: 7.21.0 @mui/x-date-pickers-pro: 7.21.0 @mui/x-internals: 7.21.0 @mui/x-license: 7.21.0 @mui/x-tree-view: 7.21.0 @toolpad/core: 0.8.1 @toolpad/studio: latest => 0.8.1 @toolpad/studio-components: 0.8.1 @toolpad/studio-runtime: 0.8.1 @toolpad/utils: 0.8.1 @types/react: 18.3.12 react: 18.3.1 react-dom: 18.3.1 typescript: 5.5.4 ```

Search keywords: azure authentication

apedroferreira commented 20 hours ago

Hi, thanks for reporting this issue! Did the Azure authentication use to work before updating to v0.8.1 of @toolpad/studio, or have you ever only tried in this latest version? Just making sure it's not a regression due to any latest changes.

Also just in case before I look further into this: did you try clearing your cookies?

DominikOlczak commented 17 hours ago

I tested only on the latest version. Interestingly, it uses three accounts that give different results, and I did not set different permissions for them:

Account 1: [auth][cause]: JWEInvalid: Invalid Compact JWE at compactDecrypt (<>/dog-app/node_modules/jose/dist/node/esm/jwe/compact/decrypt.js:13:15) at jwtDecrypt (<>/dog-app/node_modules/jose/dist/node/esm/jwt/decrypt.js:5:29) at Object.decode (<>/dog-app/node_modules/@auth/core/jwt.js:67:31) at Module.session (<>/dog-app/node_modules/@auth/core/lib/actions/session.js:17:39) at AuthInternal (<>/dog-app/node_modules/@auth/core/lib/index.js:35:38) at async Auth (<>/dog-app/node_modules/@auth/core/index.js:111:34) at async <>/dog-app/node_modules/@toolpad/studio/dist/cli/index.mjs:366:24

Account 2: [auth][error] AccessDenied: AccessDenied. Read more at https://errors.authjs.dev#accessdenied at handleAuthorized (<>/dog-app/node_modules/@auth/core/lib/actions/callback/index.js:405:15) at process.processTicksAndRejections (node:internal/process/task_queues:95:5) at async Module.callback (<>/dog-app/node_modules/@auth/core/lib/actions/callback/index.js:63:30) at async AuthInternal (<>/dog-app/node_modules/@auth/core/lib/index.js:27:24) at async Auth (<>/dog-app/node_modules/@auth/core/index.js:111:34) at async <>/dog-app/node_modules/@toolpad/studio/dist/cli/index.mjs:366:24

Account 3: Successful login

mui / toolpad