2

So i'm running into a problem I suspect I shouldn't be having and having tried several things i'm seemingly at an impasse.

I am trying to integrate LinkedIn login with Stormpath and it seems the accounts get created and technically the user is logged in, the application does return one of two errors: "Token is invalid" or "Invalid state token provided."

I checked my id and secret several times and the authorized callback urls etc but I'm not sure where else to actually check, some help would be appreciated.

To try further I did in fact clone https://github.com/stormpath/stormpath-express-react-example and run it, and everything else works fine but again LinkedIn login on this app doesn't work so I suspect its not my code (maybe, after years of coding I'm never really comfortable saying its not my code, but there you have it).

I have attached the screenshot of things in case my now very tired eyes are missing something. Can someone point me to my mistake please?

enter image description hereenter image description here

Omar Mir
  • 1,500
  • 1
  • 19
  • 39
  • I tried replicating this and had troubles figuring it out, as I'm getting it to work from the example project. However, we're more than happy to jump in a call with you and get this figured out. Can you please email support@stormpath.com so we can schedule some time to get this figured out? Thanks! – Edward Jiang May 04 '16 at 20:08
  • @EdwardJiang I basically cloned the git repo, did a quick npm install, and then npm start; nothing different, no code changes - I put into the stormpath.yml file the credentials. If you have a gitlab account I can share the code with you (the repo is private) or would you know where to even start investigating? – Omar Mir May 04 '16 at 20:12
  • The error that you're getting could be because (1) the react app isn't redirecting to LinkedIn with a state parameter, (2) the react app isn't setting the state cookie before the redirection, or (3) LinkedIn isn't sending back the state parameter correctly, or (4) the react app isn't reading the state cookie properly. You could try clicking on the link, not doing anything on the LinkedIn page, and seeing if there's a `oauthStateToken` cookie and if it matches the query parameter on LinkedIn's page. – Edward Jiang May 04 '16 at 20:13
  • But if you're free right now, feel free to give me a call on Google Hangouts; my email is edward@stormpath.com. I'm not sure sharing code will help since I'd be using the exact same sample project. – Edward Jiang May 04 '16 at 20:14
  • Unfortunately I cannot call right now BUT I will first investigate your previous comment, if not I'll try to give you a call on hangouts, should be in front of my code in just a about an hour. Out of curiosity if the stateToken and query parm don't match - how would I go about diagnosing why and the fixing it? – Omar Mir May 04 '16 at 20:20
  • I'm not sure why they wouldn't match, but those are the reasons why you'd get an error. I'm wondering if there's some specific configuration, environment, or browser that this bug surfaces in, which would be faster to figure out in a call =] – Edward Jiang May 04 '16 at 20:23
  • I will call ASAP (say 30ish mins) – Omar Mir May 04 '16 at 20:34
  • Let us [continue this discussion in chat](http://chat.stackoverflow.com/rooms/111052/discussion-between-edward-jiang-and-omar-mir). – Edward Jiang May 04 '16 at 21:29

1 Answers1

1

For reference, Omar and I looked through this problem and realized that his server was not running ntp, and the clock was running fast.

This meant that the signed token request generated by Stormpath's Express integration was sent to Stormpath's REST API with a different valid time interval than expected, and thus failed validation.

We fixed it by installing ntp and syncing the server's time.

Edward Jiang
  • 2,403
  • 18
  • 13