okta-react-native
okta-react-native copied to clipboard
okta
OKTA endpoint resolves with 200 status, but OKTA SDK throw an error
I'm submitting a:
- [*] Bug report
- [ ] Feature request
- [ ] Other (Describe below)
Current behavior
NOTE: OKTA is configured correctly and it works fine on prod MAIN ERROR: { error_code: "-600", message: "Unable get authorisation code." } I haven't found any reference to this message at all in the SDK
Steps:
- user enter login and password and press submit
- okta endpoint is triggered and resolved with 200 status with session token, user and etc (it means that this user is successfully signed in)
- okta SDK throw an error { error_code: '-600', error_message: 'Unable to get authorization code.' } to the "onError" event listener but at the same time we can handle a success response in the regular method
const { status, sessionToken } = await getAuthClient().signIn({
username: email,
password,
}); // it resolves as expected
if (status !== "SUCCESS") {
throw new OktaStatusError(
Transaction status other than "SUCCESS" has been return. Status: ${status},
status,
);
}
await authenticate({ sessionToken }); // as I understand calling this method throw event onError
- to sum up an issue: When a user is authorized successfully some times
Expected behavior
When the endpoint is resolved successfully we can be sure that the event "signInSuccess" is triggered
Minimal reproduction of the problem with instructions
described in current behavior
Extra information about the use case/user story you are trying to implement
Okta is configured for some apps including different groups We want to allow users from other groups to sign in to the app. We test user that exists in the same okta but in another group.
Environment
- Package Version: 1.13.2
- React Native Version: 64.2
- OS: IOS/Android
- Node version (
node -v): 14.16.1 - Other:
Hi @MobWeb24,
At first glance, it's difficult to understand why the error is thrown as your code looks good so far.
But I can see you're using the old package version 1.13.2. The newest version is 2.2.0. It contains bunch of fixes and improvements so your issue may disappear. Try to upgrade to the latest version, here is a guide.
Can you reproduce the issue on our samples?
Hi @oleggnidets-okta
I've updated the library version on our project and still have this error. Don't have an idea how can I solve it without making a crutch.
Or maybe you can provide me a case when I can receive this error { error_code: "-600", error_message: "Unable to get authorization code" }
Hey @MobWeb24,
Nice to hear that you've upgraded to the latest version.
Maybe you have incorrect app configuration. How do you think may it relate to the issue #118?
Hi @oleggnidets-okta . We've been using the same okta setup on prod, and everything works as described in docs. And only this case produces pretty weird behavior
The user is active but isn't assigned to the application. So we would expect the behaviour to be: {"error_description":"User is not assigned to the client application.","error":"access_denied"} http 400 certainly this is what happens if we call the /authorise and /token endpoints directly
This happens to us very randomly as well, we have to restart the android simulator to get it working again (at least that has fixed it so far). @mcrobbj-abrdn can you give an update on case 01251320 ?
So... i'm having the same issue but with no explanation:
Getting 200 and session code on SignIn function but authenticate fails with this error:
error in sign-in Error: Okta Oidc error at Object.promiseMethodWrapper [as authenticate] (NativeModules.js:106) at _callee5$ (index.js:191) at tryCatch (regeneratorRuntime.js:86) at Generator._invoke (regeneratorRuntime.js:66) at Generator.next (regeneratorRuntime.js:117) at tryCatch (regeneratorRuntime.js:86) at invoke (regeneratorRuntime.js:124) at regeneratorRuntime.js:148 at new Promise (es.promise.constructor.js:205) at callInvokeWithMethodAndArg (regeneratorRuntime.js:147)
The event Emitter prints this onError: ANDROID: { error_code: "-600", error_message: "" }
IOS: error_code: "-600" error_message: "Authorization Error: Unexpected response format while retrieving authorization code. Status code: 400"
My setup is: Package Version: 2.6.0 React Native Version: 66.4 OS: IOS/Android Node version (node -v): 16.16.0
Code
try {
const response = await oktaAuth.signIn(payload);
if (response.sessionToken) {
const tokens = await authenticate({ sessionToken: response.sessionToken }); <= THIS FAILS
} catch (error) {
...
config object:
const createOktaConfig = async () => {
await createConfig({
issuer: 'https://{secret}/oauth2/default'
clientId: '{secret}',
redirectUri: 'http://localhost:3000/home',
endSessionRedirectUri: 'http://localhost:3000/login',
discoveryUri: 'https://{secret}/oauth2/default',
scopes: [defined scopes....],
requireHardwareBackedKeyStore: true,
androidChromeTabColor: '#FF00AA', // Optional
browserMatchAll: true, // Optional
httpConnectionTimeout: 15, // Optional
httpReadTimeout: 10, // Optional
});
};
Any idea?
I'm experiencing this as well, with a brand new app created by npx -y react-native init SecureApp. Everything works fine in iOS, but there are errors when launching on Android. I'm using Pixel 5 API 30. I can provide steps to reproduce if necessary.
My package.json:
{
"name": "SecureApp",
"version": "0.0.1",
"private": true,
"scripts": {
"android": "react-native run-android",
"ios": "react-native run-ios",
"start": "react-native start",
"test": "jest",
"lint": "eslint ."
},
"dependencies": {
"@okta/okta-react-native": "2.6.0",
"events": "3.3.0",
"react": "18.0.0",
"react-native": "0.69.4"
},
"devDependencies": {
"@babel/core": "^7.12.9",
"@babel/runtime": "^7.12.5",
"@oktadev/schematics": "file:../../oktadev-schematics-5.2.2.tgz",
"@react-native-community/eslint-config": "^2.0.0",
"babel-jest": "^26.6.3",
"enzyme": "3.11.0",
"enzyme-adapter-react-16": "1.15.6",
"enzyme-async-helpers": "0.9.1",
"eslint": "^7.32.0",
"jest": "^26.6.3",
"metro-react-native-babel-preset": "^0.70.3",
"react-dom": "18.2.0",
"react-test-renderer": "18.0.0"
},
"jest": {
"preset": "react-native",
"automock": false,
"testEnvironment": "jsdom",
"transformIgnorePatterns": [
"node_modules/(?!@okta|@react-native|react-native)"
],
"testMatch": [
"**/tests/*.js?(x)",
"**/?(*.)(spec|test).js?(x)"
],
"setupFiles": [
"./setupJest.js"
]
}
}
@mraible Hey did you get the solution I am also facing the same issue.
@nithin-ds-07 Hey Iam also facing same issue man. if i solve i will post it here. before that you got help me out
I tried the latest version today and I'm still facing this issue.
https://user-images.githubusercontent.com/17892/214643904-62ee393c-4f34-430b-9954-f230f6fde70c.mp4
@mraible, you need a browser supporting Chrome custom tabs installed on the device. I see that you are using the AOSP image in the emulator, which doesn't come installed with one. Could you check if it works if you have Chrome installed?
