aws-samples / bedrock-claude-chat

AWS-native chatbot using Bedrock + Claude (+Mistral)
MIT No Attribution
900 stars 322 forks source link

[BUG] Custom Domain Name and OIDC Login Doesn't Work #546

Open AaronSaposnik opened 1 month ago

AaronSaposnik commented 1 month ago

Describe the bug

I have setup an external OIDC provider and it is working successfully with the default cloudfront.net URL. I then added a custom branded URL to CloudFront. The login page loads and looks right, but when I hit the login button nothing happens. The URL does not change and there is no redirect to the OIDC provider. I also tried going into Cognito and using the test of the Hosted UI button and it will login to the OIDC provider and redirect back to the custom URL properly as a redirect URL but it returns to the login screen instead of the chat screen.

To Reproduce

1) Configure an OIDC provider using your provided instructions 2) Go to CloudFront and add an alternate domain name and an appropriate SSL cert 3) Load the alternate domain name and attempt to login 4) If the experience is the same, the login button will highlight but will do nothing no matter how many times it is clicked

Additional context

The OIDC provider is Azure AD if that makes a difference though I assume the experience should be the same for any provider since it is not even redirecting to Azure

DTheunis commented 1 month ago

We have the same issue using SAML SSO. (Login with SSO -> Land on login page without actually logging in rather than landing on the chat screen) Issue is since the Amplify upgrade -> Rollback to a version before that is a temporary fix...

(But we would also like to see this fixed)