okta / okta-signin-widget

HTML/CSS/JS widget that provides out-of-the-box authentication UX for your organization's apps

failure to get sessionToken after successful authn when STATE_TOKEN_ALL_FLOWS enabled #1086

Open andyclarke-okta opened 4 years ago

andyclarke-okta commented 4 years ago

:information_source: If you have a question, please post it on the Okta Developer Forum instead. Issues in this repository are reserved for bug reports and feature requests.

I'm submitting a

Background info

Using Okta Widget version 3.8.1, with only basic bootstrap (Okta Org only):

    var options = {
        baseUrl: myOktaOrg
    };
    var oktaSignIn = new OktaSignIn(options);

Expected behavior

With FF STATE_TOKEN_ALL_FLOWS disabled, after successful authn, I receive a sessionToken:

    res:
        user: {id: "00umslp9sjkLQRNPK0h7", passwordChanged: "2019-08-20T21:19:52.000Z", profile: {…}}
        type: "SESSION_SSO"
        session: {token: "20111XX24QpRBPNtE_UXV0SMM5-pYtraxFzeJHLq-3sEcWw-ibNddw3", setCookieAndRedirect: ƒ}
        status: "SUCCESS"
        __proto__: Object

What went wrong?

With FF STATE_TOKEN_ALL_FLOWS enabled, a successful authentication does not result in a sessionToken:

    res:
        user: {id: "00umslp9sjkLQRNPK0h7", passwordChanged: "2019-08-20T21:19:52.000Z", profile: {…}}
        type: "SESSION_SSO"
        next: ƒ ()
        status: "SUCCESS"
        __proto__: Object

Steps to reproduce

Enable/disable FF STATE_TOKEN_ALL_FLOWS.

Your environment

swiftone commented 4 years ago

~Internal ref: https://oktainc.atlassian.net/browse/OKTA-284172~

tom-smith-okta commented 4 years ago

that ^^^ JIRA link is wrong. The correct JIRA link (one of them) is: https://oktainc.atlassian.net/browse/OKTA-256599

rckv880 commented 3 years ago

I have the same issue.

After successful authentication, in onSuccess the response object does not have a session object in it and fails with the below response. This happens when the type in the response is "SESSION_SSO". The response and the error are given below.

Please help as this is in production and the users are unable to login to the application. Thank you.

    {
        "user": {
            "id": "--MY-ID--",
            "profile": {
                "login": "---EMAIL-REMOVED---",
                "firstName": "R",
                "lastName": "V",
                "locale": "en",
                "timeZone": "--MY-TIMEZONE--"
            }
        },
        "type": "SESSION_SSO",
        "status": "SUCCESS"
    }

The below code in node_modules returns "SESSION_SSO" if the response does not have "type" in it, which is causing this anomaly. File: node_modules/@okta/okta-signin-widget/dist/js/okta-sign-in.js

    var successData = { user: res._embedded.user, type: res.type || Enums.SESSION_SSO };

ERROR: on Chrome Browser

    TypeError: Cannot read property 'token' of undefined
    Login._this.onSuccess
    src/auth/Login.js:52
      49 | onSuccess = res => {
      50 |   console.log(res);
      51 |   return this.props.auth.redirect({
    > 52 |     sessionToken: res.session.token
         |                               ^
      53 |   });
      54 | };
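The crash in the stack trace above comes from reading `res.session.token` without checking which of the two success shapes quoted in this thread arrived. As an added example (not code from the issue, the reporters, or the Okta widget project), the handler below classifies the response first and only forwards a session token when one is actually present; `redirectWithSessionToken` and `onUnexpected` are hypothetical hooks standing in for whatever the application does, and the sample responses are constructed with placeholder ids and tokens.

```javascript
// Constructed sample responses modelled on the two shapes quoted in this issue.
// Ids and tokens are placeholders, not real values.
const LEGACY_RESPONSE = {
  status: 'SUCCESS',
  type: 'SESSION_SSO',
  user: { id: 'PLACEHOLDER-USER-ID' },
  session: { token: 'PLACEHOLDER-SESSION-TOKEN', setCookieAndRedirect: () => {} },
};
const STATE_TOKEN_RESPONSE = {
  status: 'SUCCESS',
  type: 'SESSION_SSO',
  user: { id: 'PLACEHOLDER-USER-ID' },
  next: () => 'next-called', // widget-driven continuation; no session object
};

// Decide what kind of success response this is before touching any field.
function classifySuccess(res) {
  if (!res || res.status !== 'SUCCESS') {
    return { kind: 'not-success', status: res && res.status };
  }
  // Shape seen with the feature flag off: a session object carrying the token.
  if (res.session && typeof res.session.token === 'string' && res.session.token.length > 0) {
    return { kind: 'session-token', token: res.session.token };
  }
  // Shape seen with STATE_TOKEN_ALL_FLOWS on: no session, but a next() callback.
  if (typeof res.next === 'function') {
    return { kind: 'next' };
  }
  return { kind: 'no-token' };
}

// onSuccess replacement: never dereference res.session.token blindly.
// `hooks` is a hypothetical object supplied by the application.
function handleSuccess(res, hooks) {
  const outcome = classifySuccess(res);
  if (outcome.kind === 'session-token') {
    return hooks.redirectWithSessionToken(outcome.token);
  }
  if (outcome.kind === 'next') {
    return res.next(); // let the widget finish the flow itself
  }
  // Surface a clear, loggable error instead of a TypeError in production.
  const type = res && res.type;
  return hooks.onUnexpected(`success response without session token (type=${type})`);
}
```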