CustomAuth stopped working with "retrieveVerifierToKeyIndex keyIndexes do not exist for verifier, and verifierID"

v.lukoyanov · July 14, 2023, 12:50pm

Hi Team,

We’re using web3auth to create web3 wallets in the browser. Today, the integration stopped working.

I can see the following json-rpc error in logs:
code: -32602
data: “Verifier + VerifierID has not yet been assigned could not retrieveVerifierToKeyIndex error: retrieveVerifierToKeyIndex keyIndexes do not exist for verifier, and verifierID”
message: “Input Error”.

Please advise what this error is about.

SDK Version: “@toruslabs/torus-direct-web-sdk”: “^4.15.1”
Verifier Details:
- Verifier Name: smarty-pay-v1-prod-auth0
- JWKS Endpoint:
- Sample idToken(JWT)

vjgee · July 14, 2023, 1:04pm

@v.lukoyanov Thanks for reporting the issue.

Your issue has been forwarded to our team and we will get back with further updates once more information becomes available.

yashovardhan · July 14, 2023, 1:21pm

Please update your CustomAuth and Fetch Node Details packages to the latest version of the SDKs

yashovardhan · July 14, 2023, 1:24pm

The torus direct web SDK has been deprecated for quite a while now. Please make sure to update to @toruslabs/customauth in place of that.

This will be a quick shift integration for fixing your current issues. In the long term, we recommend you to use the @web3auth/single-factor-auth SDK

yashovardhan · July 14, 2023, 1:54pm

v.lukoyanov · July 20, 2023, 4:09pm

Thank you @yashovardhan!

We managed to get almost everything working again with ‘toruslabs/customauth’. We will plan to upgrade to ‘web3auth/sfa’ in the near future.

The problem we couldn’t fix with the new package is related to the case when the identity provider window (Google) is closed without actual authentication being performed by the user.

We added an issue in GitHub, please kindly take a look:

github.com/torusresearch/CustomAuth

'triggerLogin' function remains locked after auth window closure

opened 05:02PM - 18 Jul 23 UTC

madcent

### Description We are currently utilizing the CustomAuth to manage user sign…-up and sign-in processes, as well as enabling them to sign transactions using the private key associated with their generated addresses. The module has generally functioned well, but we've recently encountered a specific issue with the Google authentication flow. The problem arises with the 'triggerLogin' function. We've observed that if a user closes the auth window, the 'triggerLogin' function unexpectedly remains in a locked state. I've taken the initiative to investigate this issue further and have prepared a [patch](https://github.com/torusresearch/CustomAuth/files/12083885/setupTimer_fix.patch) that seems to resolve the problem. It will be great if a maintainer could review this proposed fix and consider integrating it into an upcoming release. Please feel free to provide any feedback or suggest modifications if required. ### Steps to reproduce: 1. create a new google verifier https://dashboard.web3auth.io/home/team/[YOUR-COMPANY]/customauth ; 2. init the CustomAuth like: ``` const torus = new CustomAuth({ baseUrl: `${window.location.origin}/serviceworker`, enableLogging: false, network: 'mainnet', web3AuthClientId: 'test', }); await torus.init({ skipSw: false }); try { await torus.triggerLogin({ typeOfLogin: 'google', verifier: '<YOUR VERIFIER IDENTIFIER>', clientId: '<YOUR CLIENT ID>', }); } finally { console.log('triggerLogin has been resolved'); } ``` 3. google auth window will be opened; 4. close the window; #### Expected Behaviour 5. torus.triggerLogin function is "released" and 'triggerLogin has been resolved' message appears in the console; #### Actual Behaviour 5. torus.triggerLogin function is "locked" and no 'triggerLogin has been resolved' message appears.