OAuth authentication returning "Invalid State Token"

Summary

Trying to authenticate using OAuth, but Mattermost is returning “Invalid State Token”.

Issue

Using Mattermost v4.10, oauth server returns access token {"access_token":"c6e4db4d962d12974b79534f4b184bc5967217a4","token_type":"Bearer","refresh_token":"c75d76e8b23bb6ec0f0c568db925880f87a710e2","scope":"api","created_at":1528198820}
and looking at the mattermost logs I see the error below:
“[runtime error: invalid memory address or nil pointer dereference]”.

https://docs.mattermost.com/install/troubleshooting.html#panic-runtime-error-invalid-memory-address-or-nil-pointer-dereference - I haven’t changed anything with the database manually so not sure why I would be getting that error but if I refresh the page I get an Invalid State Token with the error below:

“GetOAuthStateToken: Invalid state token, SqlTokenStore.GetByToken: store.sql_recover.get_by_code.app_error, sql: no rows in result set”

Any idea on what I might be doing wrong?


Can you provide the relevant information from this page? That will help us diagnose the problem.

Hi @milessmsith, can you help review this page and send over all relevant information which will help us diagnose the issue: https://docs.mattermost.com/process/support.html#general-questions-for-any-issues.

We run into the same issue:

What OS and version is the Mattermost server installed?
Linux 3.16.0-5-amd64 #1 SMP Debian 3.16.51-3+deb8u1
mysql version 5.7.21

What is your Mattermost server version?
5.5.1

Are you experiencing the issues with the browser webapp, if so which one?
No.

Are you experiencing the issues with the Mattermost Desktop App, if so what version and OS?
No.

Are you experiencing the issues with the Mattermost Mobile App, if so what version and OS?
Yes. Mattermost Beta 1.19.0

Can you send a snippet of the Mattermost server logs around the time of the incident?
Typically located in /opt/mattermost/logs.
{"level":"error","ts":1558958746.8256812,"caller":"api4/oauth.go:492","msg":"GetOAuthStateToken: Ungültiger Status-Token, SqlTokenStore.GetByToken: store.sql_recover.get_by_code.app_error, sql: no rows in result set"}

Are you running Mattermost in a container and/or using container orchestration?
No.

Hi @mschaaf, would you be open to testing if you can see the same issue on a more recent server version? Our current version is v5.11.

Error
Invalid state token
Back to Mattermost

We run into the same issue, cannot log in with GitLab


What OS and version is the Mattermost server installed?
macOS High Sierra
MySQL version 5.7 from Docker

What is your Mattermost server version?
v5.16.0

Are you experiencing the issues with the browser webapp, if so which one?
Yes

Are you experiencing the issues with the Mattermost Desktop App, if so what version and OS?
Do not use the desktop app

Are you experiencing the issues with the Mattermost Mobile App, if so what version and OS?
Do not use the mobile app

Can you send a snippet of the Mattermost server logs around the time of the incident?
Typically located in mattermost.logs.
{"level":"error","ts":1571725851.538605,"caller":"web/oauth.go:259","msg":"GetOAuthStateToken: Invalid state token, SqlTokenStore.GetByToken: Unable to get a token with this code, sql: no rows in result set"}

Are you running Mattermost in a container and/or using container orchestration?
No.