/implicit/callback route not working for any version of @okta/okta-angular

[yashwanth-yenugu]

I'm submitting this issue for the package(s):

• [ ] jwt-verifier
• [ 1] okta-angular
• [ ] oidc-middleware

I'm submitting a:

• [1 ] Bug report
• [ ] Feature request
• [ ] Other (Describe below)

Current behavior

We are using @okta/okta-angular for our login page and to login the user which goes pretty smoothly but once the callback route gets called we get a blank page it does not redirect back to the app. With version 1.0.7 it is working fine locally.I am able to redirect and continue with my application . We are using Authorization Code flow with PKCE. I do see all the details in url and also in the cookies...

/callback#id_token=eyJraWQiOiI2SXIxdXNldlhFVTI2dVNRNTZWa1QzeGFYcjFTSGdzNkZRcmprQ1ZpWVFRIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVyM3N6dnRLWE5xREFnSzR4NiIsImVtYWlsIjoidmFzYXZpLmF5eWFsYXNvbWF5YWp1bGFAYWJqYXlvbi5jb20iLCJ2ZXIiOjEsImlzcyI6Imh0dHBzOi8vZGV2LTUzMzIzNi5va3RhLmNvbS9vYXV0aDIvZGVmYXVsdCIsImF1ZCI6IjBvYTE0bGw1ZzB4YnFvUUw5NHg3IiwiaWF0IjoxNjA1NTEyOTYxLCJleHAiOjE2MDU1MTY1NjEsImp0aSI6IklELjQ0WlF3TnRCYW9EUWhWbW1ZaGNtLThYdVg2SE5uMV9iSVBtaTI1SS1PRVUiLCJhbXIiOlsicHdkIl0sImlkcCI6IjAwb3IzcW5sd1UxNEVic1QzNHg2Iiwibm9uY2UiOiJIT3VCTHc4c1RTNk9ZQUJVdGxiMVV6cm9XaWhuT1lRV0hLclBnR3o1NzMydkRhWFBUZmJzVmZnem5UdDhPcmVnIiwiYXV0aF90aW1lIjoxNjA1NTEyOTYwLCJhdF9oYXNoIjoiZ29VQlhLblVpRTJEektBWkNxSHNqQSJ9.H08CQLOPwNjAMb7vC5dnYQ054Md9NMI0FQ7FQDoG2FeEXstFdZO-jfgFmjVsZEwjFnzlvdncAmYVPgC_8bnt51P-rqhttQenWSDa0gK7vzHSmep2H4b_Xe42zIjHg4z1cmkwzdNXv-sMkXr56CMcJh4TzjgUjdOtIRmbpPfb0Hr27qRbQDyf99y6oMSvsfoNX9xdRTP_6Vl9rcATvChpfHPLL5x8r9rq-lU4-nqLAusCqf2a2kPWZz1olKtpQUpL_mf-FSdpb6Zh1_iRN-fIV0g6S4p2WnUtA1nicixr6PDEGCNW7VYyzMRBox-DLS55cFODFdrNhthKPqCILQerCA&access_token=eyJraWQiOiI2SXIxdXNldlhFVTI2dVNRNTZWa1QzeGFYcjFTSGdzNkZRcmprQ1ZpWVFRIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULlBGNkFNYnF2R0hCTU1OUHhIcWkxVDVHX1lFSjlWUXNsb3J0cFZMZnctWXciLCJpc3MiOiJodHRwczovL2Rldi01MzMyMzYub2t0YS5jb20vb2F1dGgyL2RlZmF1bHQiLCJhdWQiOiJhcGk6Ly9kZWZhdWx0IiwiaWF0IjoxNjA1NTEyOTYxLCJleHAiOjE2MDU1MTY1NjEsImNpZCI6IjBvYTE0bGw1ZzB4YnFvUUw5NHg3IiwidWlkIjoiMDB1cjNzenZ0S1hOcURBZ0s0eDYiLCJzY3AiOlsib3BlbmlkIiwiZW1haWwiXSwic3ViIjoidmFzYXZpLmF5eWFsYXNvbWF5YWp1bGFAYWJqYXlvbi5jb20ifQ.En3QWmGviJ0yqBBCMmGlYKIealCWKyLsgOPsbBc0rNCTlKPXk1ZWkLOkX8JZkEtfXpznp-iI5sIv-A42qLqwGj-qHkIaSqsLVGmu2fir8XlBNl8lKC2jXAo2oDiLrIpcH4pMwg3-n8vOFBwxhsvIGUCnNKfR-eARyglGxrwfw_OpijbQMAFVvhJlbrzBZ_f2tHdJu-hVT60H9EeT1b-zcVsjCZOX9jaRYrbdwFG8Pw2hMazGY1rkWeLNqrOwuD7N8T094qkJsYmLh-EyxPe9T-E8QbhQMXkNqDYikx8qSaXBkvzoDSxMUmwT25fqUjQaS1xjZmab9pCRY_0BkZ8A&token_type=Bearer&expires_in=3600&scope=openid+email&state=x0QehzYRCF3461TVZYX6EjOynR298VG5wkj5DAaFDRgfdhYXtUu2cGZdjyCF61Er

Expected behavior

const accessToken = await this.oktaAuth.getAccessToken(); should give me the accesstoken

Extra information about the use case/user story you are trying to implement

const accessToken = await this.oktaAuth.getAccessToken(); const getconfig = await this.oktaAuth.getOktaConfig(); console.log('getconfig------------',getconfig); console.log('accessToken-----',accessToken); this.isAuthenticated = await this.oktaAuth.isAuthenticated(); console.log('this.isAuthenticated----',this.isAuthenticated); if (!!accessToken) { this.oktaAuth.getUser().then((claims:UserClaims) => {

  });

access token always gives undefined in enviroment whereas everything is working as expected in the local.

{ path: 'user-manager/callback', component: OktaCallbackComponent,

},

this is callback path..the same was configured in okta application

Previously I was using v3 of @okta/okta-angular .there I get only state and code in url .It was also working fine in local so, I switched to v1 .Thought it might help.

Environment

• Package Version:@okta/okta-angular:1.0.7
• Browser: chrome 85
• OS:
• Node version (node -v):10
• Other:angular version 9

[sksaifuddin]

I am also the facing the same issue, can anyone help please..

[oleksandrpravosudko-okta]

Thanks for reporting this issue, @yashwanth-yenugu. I will investigate and get back to you once I have more details on a potential root cause.

[oleksandrpravosudko-okta]

@yashwanth-yenugu, I was not able to reproduce the behaviour you described in non-localhost environment a few clarifying questions to help with further investigation:

• are you able to share the details of your OKTA_CONFIG(w/ clientId and org subdomain scratched) and the login method + parameters you are using(e.g. signInWithRedirect)?
• are there any error messages available in the non-local setup (either in URL or developer tools)?

[yashwanth-yenugu]

Thank you for responding .I have attached the file which contains all the details we are using to integrate with okta agular-okat.txt

there are no error messages in the developer tools. I can see the cookies as well.

[oleksandrpravosudko-okta]

thanks for following up, @yashwanth-yenugu my next questions and suggestions:

• is accessToken still undefined when opening a new tab/doing page reload on a protected path(/providerMALogin)?
• are you making sure redirectUri origin is getting set to a proper value? (by either using environment config property or doing a shortcut like window.location.origin + '/user-manager/callback')
• did you have a chance to setup and deploy a sample app to the same environment OR would it be possible for you to try deploying your original app to a different environment? (to make sure there is no particular environment interference)