starred/pocket-id-pocket-id-1
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-09 14:53:00 +03:00
Code Issues 122 Packages Projects Releases 10 Wiki Activity

🐛 Bug Report: Logins fail after upgrading pocket id #244

New Issue
Closed
opened 2025-10-07 23:59:02 +03:00 by OVERLORD · 0 comments
OVERLORD commented 2025-10-07 23:59:02 +03:00
Owner
Copy Link

Originally created by @j-baker on GitHub.

Reproduction steps

Reproduction steps: integrate latest main branch pocket-id and latest immich. Observe logins fail.

Disclaimer: I updated pocket-id and the app I was using that uses pocket-id. However I'm pretty sure that the bug is in pocket-id.

I use an app called Immich. This integrates with pocket-id for login. I recently found I can't log in. What I'm observing is a failed login, and in the pocket-id logs, I observe:

Apr 27 18:46:30 homelab pocket-id-backend-start[3369060]: Error #01: failed to parse token: jwt.ParseString: failed to parse string: unknown payload type (payload is not JWT?)

When I MITM the connection between Immich and pocket-id, what I observe is that immich successfully hits /api/oidc/token and is given an access_token, an id_token and a refresh_token. It then tries to hit the oidc/userinfo endpoint with the access_token. This then fails because it's not a JWT, and the login fails.

Expected behavior

Login succeeds. The userinfo endpoint should work with the accesstoken that was generated, most likely?

Actual Behavior

HTTP 500.

Version and Environment

4c33793678

Log Output

No response

Originally created by @j-baker on GitHub. ### Reproduction steps Reproduction steps: integrate latest main branch pocket-id and latest immich. Observe logins fail. Disclaimer: I updated pocket-id _and_ the app I was using that uses pocket-id. However I'm pretty sure that the bug is in pocket-id. I use an app called [Immich](https://immich.app). This integrates with pocket-id for login. I recently found I can't log in. What I'm observing is a failed login, and in the pocket-id logs, I observe: ``` Apr 27 18:46:30 homelab pocket-id-backend-start[3369060]: Error #01: failed to parse token: jwt.ParseString: failed to parse string: unknown payload type (payload is not JWT?) ``` When I MITM the connection between Immich and pocket-id, what I observe is that immich successfully hits `/api/oidc/token` and is given an `access_token`, an `id_token` and a `refresh_token`. It then tries to hit the `oidc/userinfo` endpoint with the `access_token`. This then fails because it's not a JWT, and the login fails. ### Expected behavior Login succeeds. The userinfo endpoint should work with the accesstoken that was generated, most likely? ### Actual Behavior HTTP 500. ### Version and Environment 4c33793678709eb4981be2c1fd5803bace5f5939 ### Log Output _No response_
OVERLORD added the bug label 2025-10-07 23:59:02 +03:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#244
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?