Widen / cloudfront-auth

An AWS CloudFront Lambda@Edge function to authenticate requests using Google Apps, Microsoft, Auth0, OKTA, and GitHub login
ISC License
626 stars 149 forks source link

Site unreachable after redirect #80

Open luisalguien opened 4 years ago

luisalguien commented 4 years ago

Hello, I've implemented Lambda@Edge to authenticate users to my CloudFront distribution using Okta, I'm serving a PWA through this infrastructure. It works fine for some time, but if I leave the app on my screen for some time (the time seems to be random maybe a whole day, couple hours or some minutes) it will stop responding and show an error that says the page is unreachable or its contents have been move to another site, and on the console I receive the following error:

Access to fetch at "https://xxxx.oktapreview.com/oauth2/v1/authorize?client_id=xxxx...index.html" (redirected from "https://mysite.com/index.html__WB_REVISION__=xxxx") from origin "https://mysite.com" has been blocked by CORS policy: No "Access-Control-Allow-Origin" header is present on the requested source.

What could be causing the issue? CORS is enabled on the Okta side since I'm able to access my site and work correctly on it. The error disappears if I do a hard refresh, clear the service worker storage or if I close the current tab and open in a new one. error2