openwhyd / openwhyd

💎 Like Pinterest, but for Music 🎧
https://openwhyd.org/
MIT License

Auth0: don't ask users to re-login everyday #765

Open adrienjoly opened 8 months ago

adrienjoly commented 8 months ago

Describe the bug

Since we migrated authentication to auth0 (cf PR #705), users need to re-login everyday. This is especially annoying when it happens on the downloadable electron app, because it's not possible to use the browser's password manager.

adrienjoly commented 8 months ago

First (failed) attempt

I tried to fix this problem by adding attemptSilentLogin: true to Auth0 init settings, but had to revert it immediately because trying to play a YouTube video after that would result in a checks.state argument is missing error in the player's area:

Screenshot 2024-03-09 at 14 44 12
adrienjoly commented 8 months ago

Root cause analysis

That error was visible in server logs, whenever I tried to play a YouTube track, even after reverting the commit, resetting cookie and re-logging:

❌ Error -- Sat, 09 Mar 2024 13:43:31 GMT BadRequestError: checks.state argument is missing
    at ResponseContext.callback (/home/adrien/openwhyd/node_modules/express-openid-connect/lib/context.js:347:15)
    at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

I found that it could be triggered directly by opening the iframe's target of the YouTube embed:

Screenshot 2024-03-09 at 15 16 14
adrienjoly commented 8 months ago

Resolution

After reverting the commit, invalidating cloudfront's cache for that file solved the issue.

adrienjoly commented 8 months ago

Related links:

adrienjoly commented 8 months ago

Post mortem

Hypothesis:

adrienjoly commented 8 months ago

Second attempt

From https://manage.auth0.com/dashboard/eu/openwhyd/applications/2bQPQT4zHVg2mKYR0uqk8rf5ItisvSWx/settings, set ID Token expiration from 36000 seconds (= 10 hours) to 1 week == 7*24*3600 == 604800 seconds
