Skip to content
This repository has been archived by the owner on Oct 24, 2024. It is now read-only.

/implicit/callback route not working for any version of @okta/okta-angular #944

Open
4 tasks
yashwanth-yenugu opened this issue Nov 16, 2020 · 5 comments
Open
4 tasks

Comments

@yashwanth-yenugu
Copy link

I'm submitting this issue for the package(s):

  • jwt-verifier
  • [ 1] okta-angular
  • oidc-middleware

I'm submitting a:

  • [1 ] Bug report
  • Feature request
  • Other (Describe below)

Current behavior

We are using @okta/okta-angular for our login page and to login the user which goes pretty smoothly but once the callback route gets called we get a blank page it does not redirect back to the app. With version 1.0.7 it is working fine locally.I am able to redirect and continue with my application . We are using Authorization Code flow with PKCE. I do see all the details in url and also in the cookies...

/callback#id_token=eyJraWQiOiI2SXIxdXNldlhFVTI2dVNRNTZWa1QzeGFYcjFTSGdzNkZRcmprQ1ZpWVFRIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVyM3N6dnRLWE5xREFnSzR4NiIsImVtYWlsIjoidmFzYXZpLmF5eWFsYXNvbWF5YWp1bGFAYWJqYXlvbi5jb20iLCJ2ZXIiOjEsImlzcyI6Imh0dHBzOi8vZGV2LTUzMzIzNi5va3RhLmNvbS9vYXV0aDIvZGVmYXVsdCIsImF1ZCI6IjBvYTE0bGw1ZzB4YnFvUUw5NHg3IiwiaWF0IjoxNjA1NTEyOTYxLCJleHAiOjE2MDU1MTY1NjEsImp0aSI6IklELjQ0WlF3TnRCYW9EUWhWbW1ZaGNtLThYdVg2SE5uMV9iSVBtaTI1SS1PRVUiLCJhbXIiOlsicHdkIl0sImlkcCI6IjAwb3IzcW5sd1UxNEVic1QzNHg2Iiwibm9uY2UiOiJIT3VCTHc4c1RTNk9ZQUJVdGxiMVV6cm9XaWhuT1lRV0hLclBnR3o1NzMydkRhWFBUZmJzVmZnem5UdDhPcmVnIiwiYXV0aF90aW1lIjoxNjA1NTEyOTYwLCJhdF9oYXNoIjoiZ29VQlhLblVpRTJEektBWkNxSHNqQSJ9.H08CQLOPwNjAMb7vC5dnYQ054Md9NMI0FQ7FQDoG2FeEXstFdZO-jfgFmjVsZEwjFnzlvdncAmYVPgC_8bnt51P-rqhttQenWSDa0gK7vzHSmep2H4b_Xe42zIjHg4z1cmkwzdNXv-sMkXr56CMcJh4TzjgUjdOtIRmbpPfb0Hr27qRbQDyf99y6oMSvsfoNX9xdRTP_6Vl9rcATvChpfHPLL5x8r9rq-lU4-nqLAusCqf2a2kPWZz1olKtpQUpL_mf-FSdpb6Zh1_iRN-fIV0g6S4p2WnUtA1nicixr6PDEGCNW7VYyzMRBox-DLS55cFODFdrNhthKPqCILQerCA&access_token=eyJraWQiOiI2SXIxdXNldlhFVTI2dVNRNTZWa1QzeGFYcjFTSGdzNkZRcmprQ1ZpWVFRIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULlBGNkFNYnF2R0hCTU1OUHhIcWkxVDVHX1lFSjlWUXNsb3J0cFZMZnctWXciLCJpc3MiOiJodHRwczovL2Rldi01MzMyMzYub2t0YS5jb20vb2F1dGgyL2RlZmF1bHQiLCJhdWQiOiJhcGk6Ly9kZWZhdWx0IiwiaWF0IjoxNjA1NTEyOTYxLCJleHAiOjE2MDU1MTY1NjEsImNpZCI6IjBvYTE0bGw1ZzB4YnFvUUw5NHg3IiwidWlkIjoiMDB1cjNzenZ0S1hOcURBZ0s0eDYiLCJzY3AiOlsib3BlbmlkIiwiZW1haWwiXSwic3ViIjoidmFzYXZpLmF5eWFsYXNvbWF5YWp1bGFAYWJqYXlvbi5jb20ifQ.En3QWmGviJ0yqBBCMmGlYKIealCWKyLsgOPsbBc0rNCTlKPXk1ZWkLOkX8JZkEtfXpznp-iI5sIv-A42qLqwGj-qHkIaSqsLVGmu2fir8XlBNl8lKC2jXAo2oDiLrIpcH4pMwg3-n8vOFBwxhsvIGUCnNKfR-eARyglGxrwfw_OpijbQMAFVvhJlbrzBZ_f_2tHdJu-hVT60H9EeT1b_-zcVsjCZOX9jaRYrbdwFG8Pw2hMazGY1rkWeLNqrOwuD7N8T094qkJsYmLh-EyxPe9T-E8QbhQMXkNqDYikx8qSaXBkvzoDSxMUmwT25fqUjQaS1xjZmab9pCRY_0BkZ8A&token_type=Bearer&expires_in=3600&scope=openid+email&state=x0QehzYRCF3461TVZYX6EjOynR298VG5wkj5DAaFDRgfdhYXtUu2cGZdjyCF61Er

Expected behavior

const accessToken = await this.oktaAuth.getAccessToken(); should give me the accesstoken

Extra information about the use case/user story you are trying to implement

const accessToken = await this.oktaAuth.getAccessToken();
const getconfig = await this.oktaAuth.getOktaConfig();
console.log('getconfig------------',getconfig);
console.log('accessToken-----',accessToken);
this.isAuthenticated = await this.oktaAuth.isAuthenticated();
console.log('this.isAuthenticated----',this.isAuthenticated);
if (!!accessToken) {
this.oktaAuth.getUser().then((claims:UserClaims) => {

  });

access token always gives undefined in enviroment whereas everything is working as expected in the local.

{
path: 'user-manager/callback',
component: OktaCallbackComponent,

},

this is callback path..the same was configured in okta application

Previously I was using v3 of @okta/okta-angular .there I get only state and code in url .It was also working fine in local so, I switched to v1 .Thought it might help.

Environment

  • Package Version:@okta/okta-angular:1.0.7
  • Browser: chrome 85
  • OS:
  • Node version (node -v):10
  • Other:angular version 9
@sksaifuddin
Copy link

I am also the facing the same issue, can anyone help please..

@oleksandrpravosudko-okta
Copy link
Contributor

Thanks for reporting this issue, @yashwanth-yenugu. I will investigate and get back to you once I have more details on a potential root cause.

@oleksandrpravosudko-okta
Copy link
Contributor

@yashwanth-yenugu, I was not able to reproduce the behaviour you described in non-localhost environment
a few clarifying questions to help with further investigation:

  • are you able to share the details of your OKTA_CONFIG(w/ clientId and org subdomain scratched) and the login method + parameters you are using(e.g. signInWithRedirect)?
  • are there any error messages available in the non-local setup (either in URL or developer tools)?

@yashwanth-yenugu
Copy link
Author

Thank you for responding .I have attached the file which contains all the details we are using to integrate with okta
agular-okat.txt

there are no error messages in the developer tools. I can see the cookies as well.

@oleksandrpravosudko-okta
Copy link
Contributor

thanks for following up, @yashwanth-yenugu
my next questions and suggestions:

  • is accessToken still undefined when opening a new tab/doing page reload on a protected path(/providerMALogin)?
  • are you making sure redirectUri origin is getting set to a proper value? (by either using environment config property or doing a shortcut like window.location.origin + '/user-manager/callback')
  • did you have a chance to setup and deploy a sample app to the same environment OR would it be possible for you to try deploying your original app to a different environment? (to make sure there is no particular environment interference)

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants