okta / okta-auth-js

The official js wrapper around Okta's auth API

okta-auth-js, Okta Browser Plugin, Firefox, Angular build optimization 'true' results in 504 on /token endpoint #1550

Open DustinBryant opened 1 week ago

DustinBryant commented 1 week ago

Describe the bug

When a user attempts to log in to our site on Firefox and they have the Okta Browser Plugin, they will get a 504 error as a response from the /token endpoint that gets called from okta-auth-js. If they disable the Okta Browser Plugin, it will work. Also, Chromium-based browsers do not error.

This is an Angular (15.2.9) app. If it's built with optimizations as false then there is no error either.

Console error in Firefox: image

Reproduction Steps?

- Angular@15.2.9 build configuration optimization set to true
- @okta/okta-auth-js@7.8.1
- @okta/okta-angular@6.4.0
- @okta/okta-signin-widget@7.24.2
- Firefox
- Okta Browser Plugin

Config

  oidc: {
    clientId: environment.oktaClientId,
    issuer: environment.oktaIssuer,
    redirectUri: environment.oktaRedirectUri,
    scopes: ['openid', 'profile', 'email', 'offline_access'],
    tokenManager: {
      storage: 'localStorage',
    },
  },

Component

    this.signIn = new OktaSignIn({
      baseUrl: config.oidc.issuer.split('/oauth2')[0],
      clientId: config.oidc.clientId,
      redirectUri: config.oidc.redirectUri,
      i18n: {
        en: {
          'primaryauth.title': 'Okta Sign-in',
        },
      },
      useClassicEngine: false,
      authClient: oktaAuth as unknown as WidgetOktaAuthInterface,
    });
    this.signIn
      .showSignInToGetTokens({
        el: '#sign-in-widget',
        scopes: config.oidc.scopes,
      })
      .then((tokens: Tokens) => {
        this.loginService.loginSuccess.next(true);

        // Remove the widget
        this.signIn.remove();

        if (this.dialogReference) {
          this.dialogReference?.close('ok');
          this.oktaAuth.tokenManager.setTokens(tokens);
          return;
        }

        this.oktaAuth.handleLoginRedirect(tokens);
      })
      .catch((err: any) => {
        // Typically due to misconfiguration
        throw err;
      });

In the custom sign-in widget, you enter your email, click Next, enter your password, and then click Verify, which is when the error is hit.

SDK Versions

- @okta/okta-auth-js@7.8.1
- @okta/okta-angular@6.4.0
- @okta/okta-signin-widget@7.24.2

Additional Information?

No response

Luxu2-Okta commented 1 week ago

Which Okta browser plugin version are you using? If the app is public, would you mind providing the URL and a test account?

DustinBryant commented 1 week ago

Okta Browser Plugin 6.34.0. Unfortunately, it's an internal/private app.

Luxu2-Okta commented 1 week ago

Would you go to the plugin settings page (right-click the toolbar icon -> Manage extension -> click Okta Browser Plugin ... -> Preferences) and turn on "Enable Okta plugin logs", then open the dev console, check all the log levels, persist the log, and filter it by shared.js? Then go to your app, reproduce the issue, and send all the console logs to us. You can share them in a Google doc if there are too many logs.


DustinBryant commented 1 week ago

I don't see any glaring issues in the logs. But who/where am I sending them?

Luxu2-Okta commented 1 week ago

You can send it to my email lu.xu@okta.com