okta / okta-oidc-js

okta-oidc-js
https://github.com/okta/okta-oidc-js

<LoginCallback> returns "AuthSdkError: Unable to retrieve OAuth redirect params cookie" #922

Closed kellengreen closed 3 years ago

kellengreen commented 4 years ago

I'm submitting this issue for the package(s):

I'm submitting a:

Current behavior

Seemingly at random <LoginCallback> returns AuthSdkError: Unable to retrieve OAuth redirect params cookie. I would guess the failure rate is roughly 5% of the time.

Expected behavior

<LoginCallback> should push users to the URL provided to authService.login(url).

Minimal reproduction of the problem with instructions

This is the tricky part: it happens randomly. However, I have witnessed it across all major browsers and operating systems. Throughout the lifetime of our project we've been upgrading @okta/okta-react from 1.x, 2.x, and 3.x with the issue persisting across all releases.

Extra information about the use case/user story you are trying to implement

All our sites are served over HTTPS.

Here is an example of our auth service.

export default new AuthService({
  issuer: OKTA_ISSUER,
  clientId: OKTA_CLIENT,
  redirectUri: OKTA_REDIRECT,
  pkce: true,
  scopes: [
    'openid',
    'email',
    'profile',
    'groups',
    // ...
  ],
})

Environment

Joyeeta commented 4 years ago

I am facing a similar issue. I am using "@okta/okta-signin-widget": "^3.8.2" and "@okta/okta-angular": "^2.0.0", which has a dependency "okta-auth-js": 3.2.4. I have specified storage as 'localStorage' while initializing "OktaAuth":

const athClient = new OktaAuth({
  url: 'XXX',
  redirectUri: redirectUri,
  responseMode: 'query',
  pkce: true,
  tokenManager: {
    storage: 'localStorage',
    expireEarlySeconds: 300
  }
});

While debugging, I noticed in token.js it is trying to read the okta-oauth-redirect-params from the sessionStorage rather than localStorage. As a result, the login redirects to /implicit/callback, which displays the error: AuthSdkError: Unable to retrieve OAuth redirect params from storage.

Has anybody else faced the issue? If yes, could you please help.
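
A diagnostic for the situation described in the comment above, as an added example that is not part of the thread or of okta-auth-js: it reports, for the cookie jar, sessionStorage and localStorage, whether the okta-oauth-redirect-params key is present, and never returns the stored value. The helper names, the env argument and the assumption that the value is stored as a JSON string belong to this example.

```javascript
// Added diagnostic, not okta-auth-js code. The key name is the one quoted in
// the comment above; the helper names are hypothetical.
const REDIRECT_PARAMS_KEY = 'okta-oauth-redirect-params';

// Read one value out of a document.cookie-style string ("a=1; b=2").
function readCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq !== -1 && part.slice(0, eq).trim() === name) {
      const raw = part.slice(eq + 1).trim();
      try { return decodeURIComponent(raw); } catch (e) { return raw; }
    }
  }
  return null;
}

// Classify a stored value without handing it back to the caller.
// Assumption: the SDK stores the params as a JSON string.
function classify(value) {
  if (value === null || value === undefined || value === '') return 'missing';
  try { JSON.parse(value); return 'present'; } catch (e) { return 'unparseable'; }
}

// Report where the redirect params currently live. `env` carries the cookie
// string and the two Storage objects, so it can be faked outside a browser.
function locateRedirectParams(env) {
  const readers = {
    cookie: () => readCookie(env.cookie, REDIRECT_PARAMS_KEY),
    sessionStorage: () => env.sessionStorage.getItem(REDIRECT_PARAMS_KEY),
    localStorage: () => env.localStorage.getItem(REDIRECT_PARAMS_KEY),
  };
  const report = {};
  for (const [name, read] of Object.entries(readers)) {
    // Storage access can throw, for example when the browser blocks it.
    try { report[name] = classify(read()); } catch (e) { report[name] = 'unavailable'; }
  }
  return report;
}

// Constructed stand-in for a Storage object.
const fakeStorage = (entries) => ({ getItem: (k) => entries[k] ?? null });

// Constructed sample: the value exists in localStorage only, so a reader
// that looks in sessionStorage finds nothing.
const sample = locateRedirectParams({
  cookie: 'other=1',
  sessionStorage: fakeStorage({}),
  localStorage: fakeStorage({ [REDIRECT_PARAMS_KEY]: '{"state":"constructed"}' }),
});
console.log(sample);
```

In a browser, call it on the callback route with { cookie: document.cookie, sessionStorage, localStorage } before the SDK handles the redirect.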

kellengreen commented 4 years ago

From reading similar reports, it would seem that this issue is also affecting the Vue and Angular libraries as well. (https://github.com/okta/okta-oidc-js/issues/870 https://github.com/okta/okta-oidc-js/issues/742 https://github.com/okta/okta-oidc-js/issues/736 https://github.com/okta/okta-oidc-js/issues/732 https://github.com/okta/okta-oidc-js/issues/714 https://github.com/okta/okta-oidc-js/issues/706 https://github.com/okta/okta-oidc-js/issues/675 https://github.com/okta/okta-oidc-js/issues/654)

aarongranick-okta commented 4 years ago

@kellengreen There was a flaw in our 3.2.4 release of okta-auth-js. We have corrected the flaw and released a new version, 3.2.5. okta-auth-js is an internal dependency of okta-react. Reinstalling your node modules should fix this issue.

kellengreen commented 4 years ago

Thanks, I will update and report back on our findings.

Fahmi-PHTN commented 4 years ago

My React app is also facing the same issue. I was using okta-react 3.0.2 & okta-auth-js 3.1.4. I tried to update okta-react to 3.0.6 and okta-auth-js to 3.2.5. Now it's just loading and not redirecting to my React app.

@kellengreen does your app work after reinstalling node modules?

kellengreen commented 4 years ago

Yes, my app is working correctly with 3.2.5.

So far, I haven't experienced the issue since. I'm going to give it a few more weeks in the wild before I close the door on this ticket.

Probably unrelated but we've also since moved to React 17.

kellengreen commented 3 years ago

Confirmed fixed.

hellmean commented 3 years ago

We are still experiencing this error with version 4.6.1:

Uncaught (in promise) AuthSdkError: Unable to retrieve OAuth redirect params from storage