Hi there, I've been trying to work out a solution to an issue with my auth flow for a while and thought I had it but having more issues.
I'm using tRPC in a Next.js full stack app and have updated my user's permissions via the Kinde API. Now I'm trying to get those updated permissions to take effect in my app, without logging out and logging in again. They're definitely working in the Kinde UI.
The component I want to see them updated in is a client component. I've tried making calls to my tRPC API methods, which then contain a call to refreshTokens() from getKindeServerSession(). NB - all other methods from getKindeServerSession() work fine in my tRPC files. However, no matter what, the permissions aren't returning correctly.
Here's a snippet from my auth-callback function where I initially update the org & permissions:
it looks like everything is set up correctly? And to clarify I am receiving a success response from my tRPC call, the only problem is the response from getPermissions which is still null for both permissions and orgCode. I tried splitting it into two different tRPC calls and still got nothing so I think the problem lies with refreshTokens().
(I'm not sure if I'm breaking some rules by asking too many questions on here? I'm really sorry if so)
Ooh no I hadn't seen that, thank you @Oli - Kinde ! Having read it now, I think my tRPC setup is a little different to the structure of the example here, but so far I haven't had any issues with Kinde auth functioning in my app, this seems to be the first instance where any SDK methods aren't working as they should. For example, where I call getUser() from getKindeServerSession() in one of my tRPC API methods, the user data returns correctly. And the interactions I've set up with the Kinde API also work fine. refreshTokens() seems to be the only thing not working, as getPermissions() is returning the right sort of object but with the values as null, so it seems like there's just something I've misunderstood about the token management system maybe?
One way to double check if refreshTokens is work would be to inspect the cookies after refreshTokens is called. Then if you have a look at the id_token or access_token and decode it here https://kinde.com/tools/online-jwt-decoder/ you should be able to see if your tokens now contain the up-to-date Kinde data.
If it does have the data, then I think it could be trpc caching that may need to get invalidated (not 100% sure since I haven't used it before, but that would be my guess).
If the data is not being updated in cookies I will have a deeper look into this! @Sophia
Thank you @peteswah @Peteswah I've just tried this and the access_token and id_token don't seem to contain the updated data after refreshTokens() has been called, sorry!
Happy to provide as much information as might be needed or even jump on a call if it's helpful, I'm not the most experienced with any of the technologies I'm using so it's very possible I've done something stupid, I'm just struggling to work out what it could be at this point as it does seem to just be this one function that's not behaving as expected