Authorize / De-Authorize loop

[JulianTillmann]

Hello,

I'm stuck in an authorize / deauthorize loop.

If I'm trying to authorize, I should deauthorize, but if I try to do that I'm getting that it's not authorized :-/

[bcarmo-dev]

The same happened to me in the past. Are you using your own backend or the public backend ?

[JulianTillmann]

@bcarmo-dev public backend. did you manage to solve it?

[bcarmo-dev]

@JulianTillmann Yes, but I was using my own backend. What I noticed that happened is that the first time that I tried to authorize the app, something went wrong with the http requests and it didn't create the .objidninja file in my repo with the authKey, but in the backend that authKey was stored. So I ended up getting stuck in the same loop as you. But since it was my own backend, I just deleted the blob storage file and did the process again.

In this scenario I don't know how to solve it or even if it was the same situation.

[mrabus]

I'm also facing this issue - I can neither authorize nor deauthorize. We use the public API

[JulianTillmann]

@vjekob do you have any tipps on how to handle this?

[vjekob]

This definitely has nothing to do with public/private back-end. They are the same, just different endpoint URLs.

What would really help is if you can send me the SHA of your app, then I can see what happened to it. Without that, I am in the dark.

[tscottjendev]

I'm having a similar problem except when I authorize the app I don't ever get the .objidconfig file. This is an app in a multi-root workspace.

[mrabus]

@vjekob Where do I find the SHA of my app? I guess it is not the app ID, isn't it?

[CarloAxians]

Hi @vjekob We are facing the same problem. It is a multi-root workspace with 2 projects. Because of the issue mentioned in #43 I opened the first one directly and this one works fine. I open the second one and there it fails, because of the error that it is already authorized. When I try to deauthorize I get the error that it's not authorized. How can I solve this?

[vjekob]

The issue #43 seems to have been the same as #39 which has been resolved in 2.9.2 that I have released earlier tonight.

I am not sure it will solve your problems, but can you please try updating Ninja and then trying again? Maybe it will work.

If it doesn't work, then I can only propose that I deauthorize the apps. For that, either send me the raw App IDs from app.json as a private message to my Twitter account (@vjekob) or send me the app ID SHA (it's included with every message in Ninja output, at least when verbose logging is enabled in settings):

I'll keep this issue open for a while, but since I can't repeat the problem, unless somebody provides me with steps how I can repeat this problem, I'll have to close this issue eventually.

[vjekob]

It seems to me that the only way to end in the scenario described in the issue description is when this is shown:

This occurs when some user authorizes an app on a given branch "A", and you currently work on another branch "B", where "B" has not changes from "A" integrated yet. Typically, somebody authorizes an app, then never pushes the branch and never creates a PR to merge that into master.

Testing this and going through code, I couldn't identify any other reason for this.

What I have detected sometimes is that instead of "Invalid authorization" the status can read "Unauthorized" in which case switching between different AL files, or restarting VS Code, gets it back into "Invalid authorization". The only problem with showing "Unauthorized" is that the tooltip is not informative enough. However, if you however over the "Invalid authorization" tooltip, it will always tell you exactly what the problem is.

One last comment to this, I have had this reported to me by twitter, and it always turned out to be some developer authorizing an app on a branch, and then either deleting that branch or not merging it.

I am now closing this issue with the following comments:

• Whenever you are authorizing the app, please read the documentation first if you are not sure what exactly you are doing and what the consequences will be
• Whenever you are authorizing the app, please always make sure to merge it into the master branch and that all developers on your team get .objidconfig into their local branches/repos as soon as possible.
• If you get stuck because of not following these two points above, reach out to me on twitter at @vjekob and I'll handle this for you in the back end
• If you have a suggestion on how to allow people to unauthorize previously ("accidentally" or incompletely) authorized apps without actual access to latest valid .objidconfig, share your idea here as a new issue, and I'll implement it as a feature.