No httponly with fast and react. Fast, React and httponly with Oauth2.

[Jensileus]

Select Topic Area

Question

Body

So first is my provider file, sice it works for my /mobile i havent added that. I use regular token for swiftapp.

`@oauth_router.get('/authorize')
async def authorize(request: Request, db_pool=Depends(get_db_pool)):
log_request_details(request) # Log request details
session = request.session
client_id = request.query_params.get('client_id') or session.get('client_id')
redirect_uri = request.query_params.get('redirect_uri') or session.get('redirect_uri')
code_challenge = request.query_params.get('code_challenge') or session.get('code_challenge')
code_challenge_method = request.query_params.get('code_challenge_method') or session.get('code_challenge_method', 'S256')
prompt = request.query_params.get('prompt')

logger.debug(f"--- /authorize (START) ---")
logger.debug(f"Session at start: {dict(request.session)}")  # Log session

# Ensure client_id and redirect_uri are present
if not client_id or not redirect_uri:
    logger.debug(f"Error: Missing client_id or redirect_uri")
    return HTMLResponse(content="Error: Missing client_id or redirect_uri", status_code=status.HTTP_400_BAD_REQUEST)

# Store parameters in session except 'prompt'
session['client_id'] = client_id
session['redirect_uri'] = redirect_uri
session['code_challenge'] = code_challenge
session['code_challenge_method'] = code_challenge_method
logger.debug(f"Stored in session: client_id={client_id}, redirect_uri={redirect_uri}, code_challenge={code_challenge}, code_challenge_method={code_challenge_method}")

# Fetch the integer ID of the client from the database
client_id_int = await get_client_id_integer(client_id, db_pool)
if client_id_int is None:
    logger.debug(f"Error: Invalid client_id")
    return HTMLResponse(content="Error: Invalid client_id", status_code=status.HTTP_400_BAD_REQUEST)

# Check if user is authenticated or if prompt=login
if 'user_id' not in session or prompt == 'login':
    logger.debug("User is not in session or prompt is 'login'")
    logger.debug(f"Redirecting to: /oauth/login?client_id={client_id}&redirect_uri={redirect_uri}")
    return RedirectResponse(url=f"/oauth/login?client_id={client_id}&redirect_uri={redirect_uri}")

# User is authenticated, generate and store the authorization code
user_id = session.get('user_id')
authorization_code = generate_token()
expires_at = datetime.utcnow() + timedelta(minutes=2)

# Save the authorization code in the database
await save_authorization_code(user_id, client_id_int, authorization_code, expires_at, code_challenge, code_challenge_method, db_pool)
logger.debug(f"Authorization code generated and saved for user_id: {user_id}")

# Redirect to the client's callback URI with the authorization code
logger.debug(f"Redirecting to: {redirect_uri}?code={authorization_code}")
logger.debug(f"Session before redirect: {dict(request.session)}")  # Log session before redirect
logger.debug(f"--- /authorize (END) ---")
return RedirectResponse(url=f"{redirect_uri}?code={authorization_code}")

@oauth_router.get('/login')
async def login_get(request: Request):
log_request_details(request) # Log request details
session = request.session
client_id = request.query_params.get('client_id') or session.get('client_id')
redirect_uri = request.query_params.get('redirect_uri') or session.get('redirect_uri')
code_challenge = request.query_params.get('code_challenge') or session.get('code_challenge')
code_challenge_method = request.query_params.get('code_challenge_method') or session.get('code_challenge_method', 'S256')
prompt = request.query_params.get('prompt')
logger.debug(f"/login: client_id={client_id}, redirect_uri={redirect_uri}, code_challenge={code_challenge}, code_challenge_method={code_challenge_method}, prompt={prompt}")

# Store parameters in session except 'prompt'
session['client_id'] = client_id
session['redirect_uri'] = redirect_uri
session['code_challenge'] = code_challenge
session['code_challenge_method'] = code_challenge_method

# Render login page, pass client_id and redirect_uri to template
return templates.TemplateResponse('login.html', {"request": request, "client_id": client_id, "redirect_uri": redirect_uri})

@oauth_router.get('/login')
async def login_get(request: Request):
logger.debug(f"--- /login (GET) (START) ---")
log_request_details(request) # Log request details
session = request.session
logger.debug(f"Session at start: {dict(request.session)}") # Log session at the beginning

client_id = request.query_params.get('client_id') or session.get('client_id')
redirect_uri = request.query_params.get('redirect_uri') or session.get('redirect_uri')
code_challenge = request.query_params.get('code_challenge') or session.get('code_challenge')
code_challenge_method = request.query_params.get('code_challenge_method') or session.get('code_challenge_method', 'S256')
prompt = request.query_params.get('prompt')

logger.debug(f"/login (GET): client_id={client_id}, redirect_uri={redirect_uri}, code_challenge={code_challenge}, code_challenge_method={code_challenge_method}, prompt={prompt}")

# Store parameters in session except 'prompt'
session['client_id'] = client_id
session['redirect_uri'] = redirect_uri
session['code_challenge'] = code_challenge
session['code_challenge_method'] = code_challenge_method
logger.debug(f"Stored in session: client_id={client_id}, redirect_uri={redirect_uri}, code_challenge={code_challenge}, code_challenge_method={code_challenge_method}")

# Render login page, pass client_id and redirect_uri to template
logger.debug(f"Session before rendering login page: {dict(request.session)}")
logger.debug(f"--- /login (GET) (END) ---")
return templates.TemplateResponse('login.html', {"request": request, "client_id": client_id, "redirect_uri": redirect_uri})

@oauth_router.post('/login')
async def login_post(request: Request, db_pool=Depends(get_db_pool)):
logger.debug(f"--- /login (POST) (START) ---")
log_request_details(request) # Log request details
session = request.session
logger.debug(f"Session at start: {dict(request.session)}") # Log session at the beginning

form_data = await request.form()
log_request_details(request, form_data)  # Log request details and form data

username = form_data.get('username')
password = form_data.get('password')
logger.debug(f"/login (POST): username={username}, password=********") # Don't log the actual password!

# Authenticate user
user = await authenticate_user(username, password, db_pool)
if user:
    # Store user_id and other necessary info in session
    session['user_id'] = user['id']
    session['city'] = user['city']
    logger.debug(f"User logged in: user_id={session['user_id']}, city={session['city']}")

    # Remove 'prompt' from session if it exists
    session.pop('prompt', None)
    logger.debug(f"Removed 'prompt' from session (if it existed)")

    # Retrieve client_id and redirect_uri from session
    client_id = session.get('client_id')
    redirect_uri = session.get('redirect_uri')
    logger.debug(f"Retrieved from session: client_id={client_id}, redirect_uri={redirect_uri}")

    # Redirect back to authorize endpoint with parameters
    redirect_url = f"/oauth/authorize?client_id={client_id}&redirect_uri={redirect_uri}"
    logger.debug(f"Redirecting to: {redirect_url}")
    logger.debug(f"Session before redirect: {dict(request.session)}")
    logger.debug(f"--- /login (POST) (END) ---")
    return RedirectResponse(
        url=redirect_url,
        status_code=status.HTTP_303_SEE_OTHER  # Use 303 See Other to change method to GET
    )
else:
    # Authentication failed
    logger.debug(f"Authentication failed for user: {username}")
    logger.debug(f"Session before rendering login page: {dict(request.session)}")
    logger.debug(f"--- /login (POST) (END) ---")
    return templates.TemplateResponse('login.html', {
        "request": request,
        "error": "Invalid credentials",
        "client_id": session.get('client_id'),
        "redirect_uri": session.get('redirect_uri')
    })

@oauth_router.get('/logout')
async def logout(request: Request):
logger.debug(f"--- /logout (START) ---")
session = request.session
logger.debug(f"Session at start: {dict(request.session)}")

# Clear the session to log the user out
session.clear()
logger.debug(f"Session cleared")

# Create a response object and clear the session cookie
response = RedirectResponse(url="/oauth/login")
response.delete_cookie('session')
logger.debug(f"Session cookie deleted")

logger.debug(f"--- /logout (END) ---")
return response

Configure logging

logging.basicConfig(level=logging.INFO)
logger = logging.getLogger(name)

@oauth_router.post('/token')
async def token(request: Request, db_pool=Depends(get_db_pool)):
logger.debug(f"--- /token (START) ---")
form_data = await request.form()
log_request_details(request, form_data) # Log request details and form data
grant_type = form_data.get('grant_type')

logger.info(f"Received /token request with grant_type: {grant_type}")

if grant_type == 'authorization_code':
    authorization_code = form_data.get('code')
    redirect_uri = form_data.get('redirect_uri')
    code_verifier = form_data.get('code_verifier')
    client_id = form_data.get('client_id')

    logger.debug(f"Authorization code: {authorization_code}")
    logger.debug(f"Redirect URI: {redirect_uri}")
    logger.debug(f"Code verifier: {code_verifier}")
    logger.debug(f"Client ID: {client_id}")

    client_id_int = await get_client_id_integer(client_id, db_pool)
    if client_id_int is None:
        logger.warning(f"Invalid client_id: {client_id}")
        return JSONResponse(content={'error': 'Invalid client_id'}, status_code=status.HTTP_400_BAD_REQUEST)

    try:
        auth_code_entry = await validate_authorization_code(authorization_code, client_id_int, code_verifier, db_pool)
        if not auth_code_entry:
            logger.warning(f"No authorization code found for: {authorization_code}")
            return JSONResponse(content={'error': 'Invalid authorization code'}, status_code=status.HTTP_400_BAD_REQUEST)
        
        logger.debug(f"Authorization code entry: {auth_code_entry}")

        if auth_code_entry['expires_at'] < datetime.utcnow():
            logger.warning(f"Expired authorization code for: {authorization_code}")
            return JSONResponse(content={'error': 'Expired authorization code'}, status_code=status.HTTP_400_BAD_REQUEST)

        user_id = auth_code_entry['user_id']
        client_name = await get_client_name(client_id_int, db_pool)

        logger.info(f"Generating tokens for user_id: {user_id}, client: {client_name}")

        access_token = await create_id_token(user_id, client_name, db_pool)
        refresh_token = generate_token()
        expires_in = 15 * 60  # 15 minutes
        refresh_expires_in = 60 * 60 * 24 * 14  # 2 weeks

        await store_tokens(user_id, client_id_int, access_token, refresh_token, expires_in, refresh_expires_in, db_pool)
        logger.debug(f"Tokens stored for user_id: {user_id}")

        await delete_authorization_code(authorization_code, db_pool)
        logger.debug(f"Authorization code deleted for: {authorization_code}")

        response = JSONResponse(content={
            'access_token': access_token,
            'expires_in': expires_in
        })
        
        response.set_cookie(
            'refresh_token',
            refresh_token,
            httponly=True,
            secure=True,
            samesite="Lax",
            max_age=refresh_expires_in,
            path='/',
            domain='.xx.xx'  # Add domain attribute
        )
        logger.info(f"Set-Cookie header: {response.headers['set-cookie']}")
        logger.debug(f"--- /token (END) ---")
        return response

    except Exception as err:
        logger.error(f"Error in /token endpoint: {err}", exc_info=True)  # Log the full traceback
        return JSONResponse(content={'error': 'Server error'}, status_code=status.HTTP_500_INTERNAL_SERVER_ERROR)

logger.warning(f"Unsupported grant type: {grant_type}")
return JSONResponse(content={'error': 'Unsupported grant type'}, status_code=status.HTTP_400_BAD_REQUEST)

@oauth_router.post('/token/refresh')
async def token_refresh(request: Request, db_pool=Depends(get_db_pool)):
logger.debug(f"--- /token/refresh (START) ---")
log_request_details(request) # Log request details
logger.debug(f"Cookies received: {request.cookies}")
logger.debug(f"Headers received: {request.headers}")

refresh_token = request.cookies.get('refresh_token')
if not refresh_token:
    logger.error("No refresh token found in cookies")
    return JSONResponse(
        content={'error': 'No refresh token found'},
        status_code=status.HTTP_401_UNAUTHORIZED
    )

form_data = await request.form()
log_request_details(request, form_data)  # Log form data as well
client_id = form_data.get('client_id')
if not client_id:
    logger.error("No client_id provided in form data")
    return JSONResponse(
        content={'error': 'client_id is required'},
        status_code=status.HTTP_400_BAD_REQUEST
    )

client_id_int = await get_client_id_integer(client_id, db_pool)
if client_id_int is None:
    logger.error(f"Invalid client_id: {client_id}")
    return JSONResponse(
        content={'error': 'Invalid client_id'},
        status_code=status.HTTP_400_BAD_REQUEST
    )

try:
    token_entry = await validate_refresh_token(refresh_token, db_pool)

    if not token_entry:
        logger.error(f"No refresh token found in DB: {refresh_token}")
        return JSONResponse(content={'error': 'Invalid refresh token'}, status_code=status.HTTP_400_BAD_REQUEST)

    logger.debug(f"Refresh token entry: {token_entry}")

    if token_entry['refresh_expires_at'] < datetime.utcnow():
        logger.error(f"Expired refresh token: {refresh_token}")
        return JSONResponse(content={'error': 'Expired refresh token'}, status_code=status.HTTP_400_BAD_REQUEST)

    user_id = token_entry['user_id']
    client_name = await get_client_name(client_id_int, db_pool)
    logger.debug(f"User ID from refresh token: {user_id}")
    logger.debug(f"Client name from refresh token: {client_name}")

    new_access_token = await create_id_token(user_id, client_name, db_pool)
    new_refresh_token = generate_token()
    expires_in = 15 * 60  # 15 minutes
    refresh_expires_in = 60 * 60 * 24 * 14  # 2 weeks

    await store_tokens(user_id, client_id_int, new_access_token, new_refresh_token, expires_in, refresh_expires_in, db_pool)
    logger.debug(f"New tokens stored for user_id: {user_id}")

    await delete_refresh_token(refresh_token, db_pool)
    logger.debug(f"Old refresh token deleted: {refresh_token}")

    response = JSONResponse(content={
        'access_token': new_access_token,
        'expires_in': expires_in
    })

   
    logger.debug(f"Setting refresh_token cookie: refresh_token={new_refresh_token}, httponly=True, secure=True, samesite='Lax', max_age={refresh_expires_in}, path='/', domain='.xx.xx'")

    response.set_cookie(
        'refresh_token',
        new_refresh_token,
        httponly=True,
        secure=True,
        max_age=refresh_expires_in,
        path='/',
        samesite="Lax",
        domain='.xx.xx'
    )

    # Log the Set-Cookie header
    logger.info(f"Set-Cookie header: {response.headers['set-cookie']}")

    logger.debug("Successfully refreshed tokens")
    logger.debug(f"--- /token/refresh (END) ---")
    return response

except Exception as err:
    logger.error(f"Error during token refresh: {err}", exc_info=True)
    return JSONResponse(
        content={'error': 'Server error'},
        status_code=status.HTTP_500_INTERNAL_SERVER_ERROR
    )`  And here is the settings for cors eg. in the main file: `# Add CORS Middleware

app.add_middleware(
CORSMiddleware,
allow_origins=["https://dev.xx.xx", "https://web.xx.xx"],
allow_credentials=True,
allow_methods=[""],
allow_headers=[""],
expose_headers=["set-cookie"]

)

Add Session Middleware

app.add_middleware(
SessionMiddleware,
secret_key=Config.SECRET_KEY,
session_cookie="session",
same_site="Lax",
https_only=True,
)`

And last is my authcontext and my callback in React:```
import React, { createContext, useState, useContext, useEffect } from 'react';
import { useDispatch } from 'react-redux';
import { setAuthToken, clearAuthToken } from '../features/auth/authSlice';

const AuthContext = createContext();

export const AuthProvider = ({ children }) => {
const [authTokens, setAuthTokens] = useState(null);
const [isLoading, setIsLoading] = useState(true);
const dispatch = useDispatch();

useEffect(() => {
const loadTokens = async () => {
const storedTokens = sessionStorage.getItem('authTokens');
console.log('Loading tokens from sessionStorage:', storedTokens);

  if (storedTokens) {
    try {
      const parsedTokens = JSON.parse(storedTokens);
      if (parsedTokens && parsedTokens.access_token) {
        const expiresAt = new Date(parsedTokens.expires_at);
        const now = new Date();
        const refreshThreshold = 30 * 1000; // Refresh 30 seconds before expiry

        // Check if the token is nearing expiry or has expired
        if (expiresAt - now <= refreshThreshold) {
          console.log('Access token nearing expiry or expired. Refreshing...');
          await refreshTokens();
        } else {
          console.log('Access token still valid.');
          dispatch(setAuthToken(parsedTokens.access_token));
          setAuthTokens(parsedTokens);

          const refreshInterval = expiresAt - now - refreshThreshold;
          console.log('Next refresh scheduled in (ms):', refreshInterval);
          setTimeout(refreshTokens, refreshInterval);
        }
      }
    } catch (error) {
      console.error('Failed to parse tokens from sessionStorage', error);
    }
  } else {
    console.log('No tokens found in sessionStorage.');
  }
  setIsLoading(false);
};

loadTokens();

}, [dispatch]);

const setTokens = (data) => {
console.log('Received data:', data);

try {
  const expiresAt = Date.now() + data.expires_in * 1000;
  const accessTokenData = {
    access_token: data.access_token,
    expires_at: expiresAt,
  };
  setAuthTokens(accessTokenData);
  sessionStorage.setItem('authTokens', JSON.stringify(accessTokenData));

  if (data.access_token) {
    dispatch(setAuthToken(data.access_token));
  }

  // Set refresh to trigger after 1 minute (for testing)
  const refreshInterval = 60 * 1000; // 1 minute (for testing)
  // const refreshInterval = 13 * 60 * 1000; // 13 minutes (for production) -- remember this
  setTimeout(refreshTokens, refreshInterval);

  console.log('Expires at:', new Date(expiresAt).toString());
  console.log('Current time:', new Date().toString());
} catch (error) {
  console.error('Failed to set tokens:', error);
}

};

const clearTokens = () => {
console.log('Clearing tokens.');
setAuthTokens(null);
sessionStorage.removeItem('authTokens');
dispatch(clearAuthToken());
};

const refreshTokens = async () => {
console.log('Trying to refresh token');
try {
const response = await fetch('https://xx.xx.xx/oauth/token/refresh', {
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
},
credentials: 'include',
body: new URLSearchParams({
client_id: 'webapp',
}),
});

  if (response.ok) {
    const data = await response.json();
    console.log('Token refresh response data:', data);

    dispatch(setAuthToken(data.access_token));

    const expiresAt = Date.now() + data.expires_in * 1000;
    const accessTokenData = {
      access_token: data.access_token,
      expires_at: expiresAt,
    };
    setAuthTokens(accessTokenData);
    sessionStorage.setItem('authTokens', JSON.stringify(accessTokenData));

    // Schedule next refresh after 1 minute (for testing)
    const refreshInterval = 60 * 1000; // 1 minute (for testing)
    // const refreshInterval = 14 * 60 * 1000; // 14 minutes (for production)
    setTimeout(refreshTokens, refreshInterval);

    console.log('Token refreshed successfully at:', new Date().toLocaleTimeString());
  } else {
    console.error('Failed to refresh token', response.status, response.statusText);
    const errorData = await response.json(); // Try to get error details from the response
    console.log('Token refresh response:', response, 'Error details:', errorData);

    if (response.status === 400 || response.status === 401) {
      // Handle 400/401 errors (e.g., redirect to login)
      clearTokens();
    } else if (response.status >= 500) {
      // Handle server errors (e.g., retry after a delay)
      console.error('Server error during token refresh. Retrying...');
      setTimeout(refreshTokens, 5000); // Retry after 5 seconds (adjust as needed)
    } else {
      // Handle other errors
      console.error('Unhandled error during token refresh.');
    }
  }
} catch (error) {
  console.error('Error refreshing token:', error);
  if (error instanceof TypeError && error.message === 'Failed to fetch') {
    // Handle network errors (e.g., server unreachable)
    console.error('Network error during token refresh. Retrying...');
    setTimeout(refreshTokens, 5000); // Retry after 5 seconds
  } else {
    // Handle other errors
    clearTokens();
  }
}

};

return (
<AuthContext.Provider value={{ authTokens, isLoading, setAuthTokens: setTokens, clearTokens }}>
{children}
</AuthContext.Provider>
);
};

export default AuthProvider;
export const useAuth = () => useContext(AuthContext);
``` And here is the callback: `import React, { useEffect } from 'react';
import { useNavigate, useLocation } from 'react-router-dom';
import { useAuth } from '../context/AuthContext';

export default function Callback() {
const navigate = useNavigate();
const location = useLocation();
const { setAuthTokens } = useAuth();

useEffect(() => {
const fetchTokens = async () => {
const query = new URLSearchParams(location.search);
const authorizationCode = query.get('code'); // Get the authorization code from the URL
const codeVerifier = localStorage.getItem('code_verifier');

  if (authorizationCode && codeVerifier) {
    // Send the authorization code and code verifier to your backend
    const clientId = 'dev'; // Same as used in Login component

    try {
      const response = await fetch('https://xx.xx.xx/oauth/token', {
        method: 'POST',
        headers: {
          'Content-Type': 'application/x-www-form-urlencoded',
        },
        body: new URLSearchParams({
          grant_type: 'authorization_code',
          code: authorizationCode,
          redirect_uri: 'https://xx.xx.xx/callback',  
          code_verifier: codeVerifier,  // Include the code verifier
          client_id: clientId, // Include client_id here
        }),
      });

      const data = await response.json();
      if (data.access_token) { // Only check for access_token
        // Store the tokens in AuthContext (refresh token will be in cookie)
        setAuthTokens(data);

        // Redirect to the main application after storing the tokens
        navigate('/main');
      } else {
        console.error('Error during token exchange: Access token not received.');
        navigate('/');
      }
    } catch (error) {
      console.error('Error during token exchange:', error);
      navigate('/');
    }
  } else {
    console.error('Authorization code or code verifier not found.');
    navigate('/');
  }
};

fetchTokens();

}, []); // Add an empty dependency array to ensure it runs only once

return

Loading...

;
}
` But we do not get the httponly: DEBUG:oauth_provider:Request Query Params:
DEBUG:oauth_provider:Cookies received: {'session': 'eyJjbGllbnRfaWQiOiAiZGV2IiwgInJlZGlyZWN0X3VyaSI6ICJodHRwczovL2Rldi5maXhpLm9uZS9jYWxsYmFjayIsICJjb2RlX2NoYWxsZW5nZSI6ICJxMVU2UEJjVjNuRHRCaS1fTUFNUEMzNi11emJKVFI4dnV0QzFJXzFPQjZjIiwgImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6ICJTMjU2IiwgInVzZXJfaWQiOiAzLCAiY2l0eSI6ICJTa2llbiJ9.Z4foGg.SKuPNCeR1wzkzSVPYcokir4SEsg'}
DEBUG:oauth_provider:Headers received: Headers({'via': '1.1 kong/3.9.0.0-enterprise-edition', 'host': '193.69.47.207:5000', 'connection': 'keep-alive', 'x-forwarded-for': '82.148.179.117, 162.158.222.101, 127.0.0.1', 'x-forwarded-proto': 'https', 'x-forwarded-host': 'xx.xx.one', 'x-forwarded-port': '8443', 'x-forwarded-path': '/oauth/token/refresh', 'x-real-ip': '127.0.0.1', 'x-kong-request-id': '82ad823fa38ad22e7ceac84ffe4b0477', 'content-length': '16', 'cf-ray': '902763bddbf2b50b-OSL', 'cookie': 'session=eyJjbGllbnRfaWQiOiAiZGV2IiwgInJlZGlyZWN0X3VyaSI6ICJodHRwczovL2Rldi5maXhpLm9uZS9jYWxsYmFjayIsICJjb2RlX2NoYWxsZW5nZSI6ICJxMVU2UEJjVjNuRHRCaS1fTUFNUEMzNi11emJKVFI4dnV0QzFJXzFPQjZjIiwgImNvZGVfY2hhbGxlbmdlX21ldGhvZCI6ICJTMjU2IiwgInVzZXJfaWQiOiAzLCAiY2l0eSI6ICJTa2llbiJ9.Z4foGg.SKuPNCeR1wzkzSVPYcokir4SEsg', 'accept-encoding': 'gzip, br', 'cf-ipcountry': 'NO', 'priority': 'u=1, i', 'accept-language': 'nb-NO,nb;q=0.9,no;q=0.8,nn;q=0.7,en-US;q=0.6,en;q=0.5,sv;q=0.4', 'cf-visitor': '{"scheme":"https"}', 'referer': 'https://xx.xx.one/', 'sec-fetch-dest': 'empty', 'cf-connecting-ip': '82.148.179.117', 'sec-fetch-mode': 'cors', 'sec-fetch-site': 'same-site', 'cdn-loop': 'cloudflare; loops=1', 'sec-ch-ua-platform': '"macOS"', 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36', 'sec-ch-ua': '"Google Chrome";v="131", "Chromium";v="131", "Not_A Brand";v="24"', 'content-type': 'application/x-www-form-urlencoded', 'sec-ch-ua-mobile': '?0', 'accept': '/', 'origin': 'https://xx.xx.xx'})
ERROR:oauth_provider:No refresh token found in cookies
INFO: 193.69.47.207:37490 - "POST /oauth/token/refresh HTTP/1.1" 401 Unauthorized

[github-actions[bot]]

🕒 Discussion Activity Reminder 🕒

This Discussion has been labeled as dormant by an automated system for having no activity in the last 60 days. Please consider one the following actions:

1️⃣ Close as Out of Date: If the topic is no longer relevant, close the Discussion as out of date at the bottom of the page.

2️⃣ Provide More Information: Share additional details or context — or let the community know if you've found a solution on your own.

3️⃣ Mark a Reply as Answer: If your question has been answered by a reply, mark the most helpful reply as the solution.

Note: This dormant notification will only apply to Discussions with the Question label. To learn more, see our recent announcement.

Thank you for helping bring this Discussion to a resolution! 💬