You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a Next.js (React) application that uses @auth0/nextjs-auth0 for authentication, deployed via Azure App Service and containers (Docker). As of last night or this morning, I can no longer access my application due to server-side errors relating to JWE decryption and auth0 secrets. What's extremely strange is this error only surfaced last night, despite not swapping my main slot into production for 2 weeks.
Context
Framework: Next.js using the new App Router (13+) and @auth0/nextjs-auth0 (auth library).
Auth Provider: Okta (the user sees the Okta login screen, then gets redirected back to /auth/callback).
Azure Setup:
Each branch (Dev, Staging, Main) has its own App Service/deployment slot.
Production and “prod-like” run the same code from the main branch; I use slot swaps to move changes in.
The container is built and pushed to Azure Container Registry, then deployed to the App Service.
Auth0 FrontEnd Set Up:
import { Auth0Client } from "@auth0/nextjs-auth0/server";
import { NextResponse } from "next/server";
export const auth0 = new Auth0Client({
authorizationParameters: {
audience: process.env.API_BASE_URL,
scope: 'openid profile email',
},
onCallback: async (error, context) => {
if (error) {
return NextResponse.redirect(
new URL(`/error?error=${error.message}`, process.env.APP_BASE_URL)
)
}
return NextResponse.redirect(
new URL(context.returnTo || "/", process.env.APP_BASE_URL)
)
},
});
The Errors
Only in the prod-like environment, right after a successful login, the user fails to be redirected to the dashboard. I see errors like:
Error: An error occurred in the Server Components render ...
ERR_JWE_DECRYPTION_FAILED at <anonymous> (/usr/src/.next/server/chunks/603.js:2:93746)
or
TypeError: "ikm"" must be an instance of Uint8Array or a string
at nf (/usr/src/.next/server/chunks/987.js:27:305059)
I’ve running this in an incognito window to see if Cookies had expired. It was still broken.
Thank you! Any guidance or pointers would be extremely helpful.
reacted with thumbs up emoji reacted with thumbs down emoji reacted with laugh emoji reacted with hooray emoji reacted with confused emoji reacted with heart emoji reacted with rocket emoji reacted with eyes emoji
-
I have a Next.js (React) application that uses @auth0/nextjs-auth0 for authentication, deployed via Azure App Service and containers (Docker). As of last night or this morning, I can no longer access my application due to server-side errors relating to JWE decryption and auth0 secrets. What's extremely strange is this error only surfaced last night, despite not swapping my main slot into production for 2 weeks.
Context
Azure Setup:
Auth0 FrontEnd Set Up:
The Errors
or
I’ve running this in an incognito window to see if Cookies had expired. It was still broken.
Thank you! Any guidance or pointers would be extremely helpful.
Beta Was this translation helpful? Give feedback.
All reactions