samples-js-react icon indicating copy to clipboard operation
samples-js-react copied to clipboard
verified publisher icon okta

Custom login sample fails authentication with current instructions

Open r-tae opened this issue 5 years ago • 6 comments

Followed README, testing on my employer's dev Okta tenant. Using a custom domain name as the issuer, so it is different from the *-admin.oktapreview.com developer portal url.

Tested on Firefox. Steps taken:

  1. Run npm install in both custom-login and okta-hosted-login
  2. Create new SPA application as per documentation (no option given to provide a base URL, so the documentation is out of date)
  3. Assign "Everyone" to application on developer portal
  4. Create testenv file with issuer and client ID found on developer portal
  5. Run npm start in custom-login project
  6. Attempt sign in and observe POST request to {oktaBaseUrl}/api/v1/authn that returns HTTP 401
  7. Shut down custom-login and run npm start in okta-hosted-login
  8. Attempt sign in to and observe GET request to {oktaBaseUrl}/oauth2/default/api/v1/authorize that returns HTTP 200
  9. With a successful sign in, shut down okta-hosted-login and restart custom-login
  10. Observe login form bypassed, due to valid cookie, and a successful authentication

r-tae avatar Aug 26 '20 03:08 r-tae

Thanks for the report @actual-size - I'll take a stab at reproducing sometime today to see if I can get you any solutions. My immediate thought is the 401 error can pop up if the app you created was not a "SPA" app as you report. I'll look for other errors, but while I do so you can double check that step.

swiftone avatar Aug 26 '20 16:08 swiftone

Thanks for getting back quickly, I've double checked and it is a "SPA" app with the default settings.

r-tae avatar Aug 27 '20 00:08 r-tae

Also seeing this

image

The call to https://dev-96778528.okta.com/api/v1/authn appears to be valid

redgeoff avatar Mar 22 '21 21:03 redgeoff

I've been unable to reproduce the errors listed here. The steps I followed:

  • clone the samples repo
  • npm install
  • create the testenv file with CLIENT_ID and ISSUER at the root of the repo
  • cd custom-login
  • npm start

This leads me to believe we may be seeing some configuration issues at the Okta Admin Console-side.

  • Check the assigned users of your application: This can be seen on the Admin Console by going to Applications, selecting your application, then the Assignments tab to see who is listed. This can be individual user ids or groups, such as "Everyone".

I was able to see an error where the widget appears to just sit there, when the user was not assigned to the application in the Okta Admin Console, so that may be related. I'll file a ticket to get that error addressed, but in the meantime I'd like to unblock what you are observing.

swiftone avatar Mar 22 '21 21:03 swiftone

Internal ref: OKTA-358619

swiftone avatar Mar 22 '21 21:03 swiftone

Unfortunately I am no longer involved in the project that these issues were occurring on, so can no longer debug this. Hopefully it was just some configuration error.

r-tae avatar May 06 '21 00:05 r-tae