Undefined refresh token

hayriye · September 22, 2022, 5:28pm

Hello,

I can’t get a refresh token. It returns undefined.

Thank you!

import NextAuth from 'next-auth'
import OktaProvider from 'next-auth/providers/okta'
import axios from 'axios'


/**
 * Takes a token, and returns a new token with updated
 * `accessToken` and `accessTokenExpires`. If an error occurs,
 * returns the old token and an error property
 */
async function refreshAccessToken(token) {
  try {
    const OKTA_ISSUER = process.env.OKTA_ISSUER
    const url = new URL(`${OKTA_ISSUER}/v1/token`)
    url.searchParams.set('client_id', process.env.OKTA_CLIENT_ID)
    url.searchParams.set('client_secret', process.env.OKTA_CLIENT_SECRET)
    url.searchParams.set('grant_type', 'refresh_token')
    url.searchParams.set('refresh_token', token.refreshToken)

    const response = await fetch(url, {
      headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Cache-Control': 'no-cache',
        'Authorization': `Bearer ${token.id}`
      },
      method: 'POST'
    })

    const refreshedTokens = await response.json()

    if (!response.ok) {
      throw refreshedTokens
    }

    return {
      ...token,
      accessToken: refreshedTokens.access_token,
      accessTokenExpires: Date.now() + refreshedTokens.expires_at * 1000,
      refreshToken: refreshedTokens.refresh_token ?? token.refreshToken // Fall back to old refresh token
    }
  } catch (error) {
    console.log(error)

    return {
      ...token,
      error: 'RefreshAccessTokenError'
    }
  }
}

export const authOptions ={
  // Configure one or more authentication providers
  providers: [
    OktaProvider({
      clientId: process.env.OKTA_CLIENT_ID,
      clientSecret: process.env.OKTA_CLIENT_SECRET,
      issuer: process.env.OKTA_ISSUER
    })
    // ...add more providers here
  ],
  callbacks: {
    async session({ session, token }) {
      session.id = token.id
      session.user = token.user
      // Add header to axios.
      axios.defaults.headers.common.Authorization = `Bearer ${token.id}`
      return session
    },
    async jwt({ token, user, account }) {
      // Initial sign in
      if (account && user) {
        token.id = account.id_token 
        return {
          id: account.id_token,
          accessToken: account.access_token,
          accessTokenExpires: Date.now() + account.expires_at * 1000,
          refreshToken: account.refresh_token,
          user
        }
      }
      
      // Return previous token if the access token has not expired yet
      if (Date.now() < token.accessTokenExpires) {
        return token
      }

      // Access token has expired, try to update it
      return refreshAccessToken(token)
    }
  },
  jwt: {
    encryption: false
  }
}

export default NextAuth(authOptions)

hayriye · September 22, 2022, 8:32pm

Should I need to pass the scope parameters as params to get refresh token?

scope=offline_access openid profile

andrea · September 30, 2022, 8:51pm

Yup, you need to add the offline_access scope to your /authorize request to get a refresh token back, but also double check that the app is configured to support the “Refresh token” grant type, otherwise you won’t get one back even if you request it.

hayriye · September 30, 2022, 9:06pm

Thank you @andrea I have already done that and I am now able to get refresh tokens.

system · October 1, 2022, 9:06pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.

Post		Replies	Views
Requesting refresh-token OAuth/OIDC api , nodejs	7	4355	January 18, 2024
Unable to retrieve refresh_token OAuth/OIDC	2	5998	August 3, 2017
Using refresh token to get new access token in Node Questions	2	5081	September 18, 2019
Not able to get accessToken after login redirect, but able to get it if refresh the page OAuth/OIDC	1	2854	February 12, 2024
How to get OpenID Connect auth code and refresh token OAuth/OIDC	7	9299	June 15, 2017

Undefined refresh token

Related topics