"token invalid" when attempting to connect to google account
I believe I've set everything up correctly.
Running in k8s (from github YAML, with modifications).
I have enabled
.../auth/userinfo.email, .../auth/userinfo.profile, openid, .../auth/calendar.events and ../auth/gmail.readonly in Google cloud console.
When I try to log in, it sends me to google, where I authorise Twenty, then it shows a Cloudflare server error and in the server logs I see:
When I look at my granted Third-party apps & services here https://myaccount.google.com/u/2/connections, I don't see Twenty mentioned.
What might I be doing wrong?10 Replies
Envvars:
Hi @Malcolm Holmes , sorry for this huge delay. Do you still need help here?
Hi, yes, we'd still like to evaluate Twenty, and this would unblock us.
@Raphaël could you take this one? 🙏
@martmull
https://github.com/twentyhq/twenty/commit/2abb6adb6145695679339e93fbac846f407d2ad9#diff-d83cdb3744fe86004d6a4db4cff368f5bca699330574e489545b1bce02ea6ca8R27 -> think we do not use the proper exceptionFilter
GitHub
Build exceptions and handler (#6459) · twentyhq/twenty@2abb6ad
Adding exceptions and handler for auth services.
Tested with:
- Workspace creation
- Workspace signup
- Workspace invitation
- Reset password
- Adding email account
- Impersonation
---------
Co-...
restApiExceptionFilter should only be used for bearer token connection
@thomast
The error is overridden in
packages/twenty-server/src/engine/core-modules/jwt/services/jwt-wrapper.service.ts line 81 throw new AuthException(
'Token invalid.',
AuthExceptionCode.UNAUTHENTICATED,
);
We should modify this to pass the correct error message, otherwise it is impossible to debug correctly
@Malcolm Holmes did you set up your callback urls correctly and authorized them in the cloud console?I think so. They are in the envvars and shown in the console.
I think it was under the "consent" screen, would have to take another look.
Keep us posted 🙂