Concurrent authenticate_request calls result in signed-out status. #78
Comments
|
BTW, the exact error message I get is: RequestState(status=<AuthStatus.SIGNED_OUT: 'signed-out'>, reason=<TokenVerificationErrorReason.TOKEN_INVALID_AUTHORIZED_PARTIES: ('token-invalid-authorized-parties', 'Authorized party claim (azp) does not match any of the authorized parties.')>, token=None, payload=None). Whilst the other request succeeds with a signed-in status. If I refresh the page, they might switch - but one always fails. |
|
Resolved! #54 this fixed the issue for me as well, i assume it's some sort of caching happening on clerk side. Happy holidays! |
|
OK, this is back for me, even with networkless authenticate_request. TBH the code I've got seems correct and the fact it works intermittently (literally differs on page refresh) makes me think this is a Clerk-side issue. |
|
Hi @r-pathak we'll investigate and get back to you ! |
|
Hi - wondering if there's any update on this, it'd be greatly appreciated. Thanks. |
|
Hey @r-pathak ! A pretty massive update was just released here that I think may help address this: https://github.com/clerk/clerk-sdk-python/releases/tag/v1.7.0. Would you mind trying it out and see if the behavior is any different? |
I have a flask, cross-origin backend which supports multi-threaded requests.
I notice that on a certain page in my frontend, where two requests are performed concurrently (and therefore both undergo authenticate_request validation) one of them fails, whilst the other succeeds - despite their headers and claims being the same.
Is this a known issue? Somehow I don't really see the same issue in the dev environment, only production.
Thanks & merry Christmas!
The text was updated successfully, but these errors were encountered: