This repository has been archived by the owner on Mar 22, 2024. It is now read-only.

AADSTS54005: OAuth2 Authorization code was already redeemed #511

Open
soasuk opened this issue Feb 13, 2024 · 0 comments

soasuk commented Feb 13, 2024

OS: Ubuntu 18.04.4
django_microsoft_auth 3.0.1
Django 3.2.12
Python 3.8.16
MICROSOFT_AUTH_LOGIN_TYPE = 'ma'

Some users are unable to log in and the following error is given:

Exception Type: InvalidGrantError at /microsoft/from-auth-redirect/
Exception Value: (invalid_grant) AADSTS54005: OAuth2 Authorization code was already redeemed, please retry with a new valid code or use an existing refresh token.

This is on a production environment, running on Apache, behind HAProxy locally and F5 appliance SSL termination with load balancing between 2 web servers. The auth backend is subclassed to force HTTPS and do custom name and group handling.

Most users are able to repeatedly log in fine; however, the affected ones cannot log in at all. They are able to log in to other o365 secured resources. The users have tried using Edge & Chrome to log in and tried incognito mode to ensure a new code.

Any ideas?
