redwood: Magic Auth - Admin SDK Error

@jtoar yes the two issues I mentioned above have been resolved and we aren’t seeing them on 1.0.0. Not sure about the original issue @sean-brydon opened, but my read of that was there was probably a token mismatch issue at play.

@thedavidprice tracked down the issue with magic link token expiry here: https://github.com/redwoodjs/redwood/pull/4956

Thanks @shahbaz17 for picking this up so we can have an update ahead of v1.0

Error:

api | 22:33:13 🚨 graphql-server Error building context. Error: Exception in getAuthenticationContext: Magic Admin SDK Error: [ERROR_INCORRECT_SIGNER_ADDR] Incorrect signer address for DID Token. Request failed authentication.

I have installed the Magic Link auth provider and I am getting this error whenever the user signs in… Can someone point me in the right direction?

Hey @sean-brydon

I am Shahbaz, one of the Dev Advocates @Magic and I have worked on updating the Magic Auth implementation here at RedwoodJS.

Before starting the PR to fix this, can you please confirm the following:

• Are you using the PUBLISHABLE API KEY and SECRET KEY from the same application?

Thanks

@thedavidprice I bumped versions and still seeing the instrument.js:109 Error: Magic RPC Error: [-32603] Internal error: User denied account access.

Thanks, all!

@dthyresson looping you in here because no maintainer was assigned. Please do hand on if/as needed.

Not sure if this is the best place to document this, but given that you’re planning on that audit figured I’d share what I’m seeing.

Token refresh issues (has been happening consistently since 0.39.4) and still issue in latest version

We are running into the following error on our API server whenever a page is left idle in our web app for longer than 15 minutes followed by an additional request being made from the web app page. Refreshing the page fixes things, so my guess is there is some issue with DID token rotation in the client since it expires every 15 minutes

Error building context. Error: Exception in getAuthenticationContext: 
Magic Admin SDK Error: [ERROR_DIDT_EXPIRED] DID Token has expired. Request failed authentication.

User denied account access when calling mutation with skipAuth directive

Tried upgrading to the latest Redwood version in hopes that above issue would be fixed. Previously had no issues with this mutation prior to upgrade. Hitting the following error when trying to call a mutation (with skipAuth directive) where a session refresh error is thrown when running the mutation. Not seeing any logs on the server for the call

instrument.js:109 Error: Magic RPC Error: [-32603] Internal error: User denied account access.
    at new ApolloError (index.js:29:1)
    at Object.error (QueryManager.js:137:1)
    at notifySubscription (module.js:137:1)
    at onNotify (module.js:176:1)
    at SubscriptionObserver.error (module.js:229:1)
    at Object.error (asyncMap.js:32:1)
    at notifySubscription (module.js:137:1)
    at onNotify (module.js:176:1)
    at SubscriptionObserver.error (module.js:229:1)
    at iteration.js:4:1
    at Array.forEach (<anonymous>)
    at iterateObserversSafely (iteration.js:4:1)
    at Object.error (Concast.js:36:1)
    at notifySubscription (module.js:137:1)
    at onNotify (module.js:176:1)
    at SubscriptionObserver.error (module.js:229:1)

Magic’s documentation says that error code is Internal JSON-RPC error. These can manifest as different generic issues (i.e.: attempting to access a protected endpoint before the user is logged in).