What would cause "No code received" error?

[tensiondriven]

I sometimes get an exception in my logs, "No code received" for my app when running in production, but I can never reproduce it. Does anyone know what might cause a missing_code "No code received" error to occur?

Here's my config: (client_id and client_secret omitted)

config :ueberauth, Ueberauth,
  providers: [
    google: {
      Ueberauth.Strategy.Google,
      [
        request_path: "/login",
        callback_path: "/auth/google/callback",
        default_scope: "email profile"
      ]
    }
  ]

[doomspork]

This is interesting @tensiondriven, we'd really need more logs to be able to do much. Here is where the error is returned: https://github.com/ueberauth/ueberauth_google/blob/master/lib/ueberauth/strategy/google.ex#L50

If we look at the function above it, that fails to match, the "code" param must evidently be absent. That suggest an issue with Google response and potentially our error handling?

Thoughts @ueberauth/core?

[tensiondriven]

Unfortunately, my raw logs aren't available. All I can provide is:

RuntimeError: oauth callback received failure response: %{current_user: nil, ueberauth_failure: %Ueberauth.Failure{errors: [%Ueberauth.Failure.Error{message: "No code received", message_key: "missing_code"}], provider: :google, strategy: Ueberauth.Strateg...

[doomspork]

@tensiondriven I still have not been able to replicate this issue myself either. To avoid a runtime error perhaps we should update the strategy to handle these with a proper error. What do you think?

[Hanspagh]

According to this https://developers.google.com/identity/protocols/OAuth2WebServer Google can return https://oauth2.example.com/auth?error=access_denied If the user does not approve the request, the response contains an error message. This could potentilly be the problem?

[danturn]

Hi there @doomspork, we're seeing the same exception infrequently, do you happen to know if it is a case of the user refusing the request as @Hanspagh suggests? im just wondering if it's safe to ignore! (happy to try and gather further logs if that would help)

Dan