Error retrieving the token

Hi, @Reapers59

You are welcome. Moving along with the updates you shared.

Point 1

You can check the version of Mattermost that you are running on if through the UI (About Mattermost) or from the backend using mattermost version CLI. For example:

ahmaddanial@mattermost:/opt/mattermost$ ./bin/mattermost version
...
...
Version: 5.26.0
Build Number: 5.26.1
Build Date: Tue Aug 25 22:21:22 UTC 2020
Build Hash: dd2f8185dbd9925b25e838cc4f6b12a92a074dec
Build Enterprise Ready: true
DB Version: 5.26.0

Point 2

In this case, it seems that the problem is not constantly reproducible. So, we need to find out under what circumstances does it occur specifically since “unlucky” might not be enough to pin point the root cause.

Point 3

Based on the log snippet you provided, we have 2 different errors that are highlighted:

  • The provided authorization grant is invalid, expired, revoked, does not match the redirection URI used in the authorization request, or was issued to another client
  • Error getting access token from DB before deletion (I don’t see how this is directly related to the issue since it is calling the /api/v4/users/logout API but just putting it here in case we need to dig into it further)

After performing some research, the first error relates to a topic raised before in the forum - Mattermost Gitlab oauth problem - which in turn relates to the websockets that was switched off on the proxy level (in this example, NGINX).

Therefore, may I know if you have any proxy configured on your Mattermost and how the configuration is like? Did you configure according to the documentation if you are using NGINX?

Else, can you share which documentation you referred to when configuring it?

Another point that I would like to check is whether the issue continues to persist if you clear off every session logged in for the affected accounts. If you have the chance to log in without facing the error message on the desktop / web browser, navigate to Account Settings > Security > View and Log Out of Active Sessions and log out from all the sessions that was logged in before.

If you have access to the database, you should be able to confirm that all sessions are cleared by running the following command:

SELECT u.Email, s.Token, s.DeviceId, s.Props FROM Sessions AS s LEFT JOIN Users AS u ON s.UserId = u.Id WHERE u.Email = "<email>";

This command should return zero results if all sessions are cleared. Attempt to log in again after that to observe if the issue continues to persist.

1 Like