Greetings everyone, I have determined the cause of this bug. It is due to a change in the way *flask-pyoidc* handles session refresh. A new key, *last_session_refresh*, was added to the session cookie and is now used to determine when an auth token needs to be refreshed. Users who have logged in before this latest deployment are missing this value from their session cookie. *flask-pyoidc* handles these cases incorrectly, marking these users who are missing this value as not needing a session refresh at all and thus the API will reject those requests with an "expired token" error without any automatic remedy.
You should not encounter this issue again once you have followed the instructions of signing out and back in again! There is no need to contact me regarding this issue unless you are experiencing it despite taking the steps outlined in the original thread. Zeid On Fri, Mar 6, 2020 at 4:09 PM Zeid Zabaneh <z...@mozilla.com> wrote: > Greetings everyone, > > A new version of Lando was deployed yesterday around 5:15 PM UTC. This > release included a major version update to the authentication packages, as > well as some API changes in order to support those updates. Those updates > seem to have caused the issue below, and I am looking into whether this > issue is a temporary bug or a more persistent one. > > There have been a few reports of users getting this: > >> Lando API returned an unexpected error >> >> Appropriate token is expired >> > > This bug should affect you if you are trying to navigate to a *revision > stack page that contains multiple stacks*, or if you are trying to *land > a stack*. > > If you encounter this error, please log out of Lando, navigate back to > https://lando.services.mozilla.com/, and log back in again. This should > resolve the issue. > > If you encounter this issue again, some time after you have taken the > steps above and have been able to successfully use Lando, please notify me > by replying to this thread. > > Sorry for the disruption! > > Happy weekend! > > -- Zeid > > PS & PPS > > - If you have encountered this error in the distant past (i.e. prior > to yesterday) or outside of the criteria above, please send me a note. > - If you've used Lando since noon UTC yesterday, and have not > experienced any issues trying to view multiple stacks or land stacks, I'd > appreciate a quick note. > > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
