okta / okta-signin-widget

HTML/CSS/JS widget that provides out-of-the-box authentication UX for your organization's apps

Issuer mismatch error results in Promise returned by showSignInToGetTokens never resolving or erroring. #1741

Open sflanker opened 3 years ago

sflanker commented 3 years ago

I'm submitting a

Background info

I apparently misconfigured something such that I am getting a token with an incorrect issuer (I'm using a custom domain, but the issuer URL is my ___.okta.com URL instead). This misconfiguration results in completely silent failure and the Promise that is returned by the showSignInToGetTokens function never resolves or errors.

Expected behavior

The handler specified using Promise.catch should be invoked with the error.

What went wrong?

The login dialog just hangs forever. There are no errors or warnings in the console.

Steps to reproduce

Follow the basic showSignInToGetTokens example. Specify the custom domain for your Okta SPA application as the baseUrl.

https://repl.it/@paulinvio/okta-aurelia-webpack-3-app#src/app.ts

Your environment

sflanker commented 3 years ago

It seems like there should be a call to settings.callGlobalError in here somewhere 😞:

https://github.com/okta/okta-signin-widget/blob/master/src/util/OAuth2Util.js#L46

shuowu commented 3 years ago

@sflanker Thanks for the report!

Internal Ref: OKTA-377480

sflanker commented 3 years ago

I'm curious if there's a rationale for this test: https://github.com/okta/okta-signin-widget/blob/master/test/unit/spec/PrimaryAuth_spec.js#L2986 or if it is just validating bad behavior.
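
A defensive pattern for the hang reported in this issue, as an added example that is not part of the thread or of the okta-signin-widget code base: a watchdog that turns a never-settling promise into a rejection, plus an unverified decode of a token's `iss` claim to confirm the mismatch. The helper names, the sample token and the domains are constructed for illustration.

```javascript
// Added example. withTimeout, decodeJwtPayload and issuerMismatch are
// hypothetical helpers, not okta-signin-widget APIs.

// Reject if `promise` has not settled after `ms`, so a silent hang reaches .catch().
function withTimeout(promise, ms, label) {
  let timer;
  const watchdog = new Promise((_, reject) => {
    timer = setTimeout(
      () => reject(new Error(`${label} did not settle within ${ms} ms`)), ms);
  });
  return Promise.race([promise, watchdog]).finally(() => clearTimeout(timer));
}

// Decode a JWT payload WITHOUT verifying the signature: for diagnosis only,
// never for an authorization decision.
function decodeJwtPayload(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a three-part compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4)));
}

// Return null when the token's iss claim equals the expected issuer exactly,
// otherwise a message naming both values.
function issuerMismatch(jwt, expectedIssuer) {
  const { iss } = decodeJwtPayload(jwt);
  return iss === expectedIssuer
    ? null
    : `issuer mismatch: token iss=${iss}, expected ${expectedIssuer}`;
}

// Constructed sample token (unsigned, placeholder domains) for the demo below.
const b64url = (obj) => btoa(JSON.stringify(obj))
  .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
function sampleToken(iss) {
  return `${b64url({ alg: 'none' })}.${b64url({ iss, sub: 'user' })}.sig`;
}

// Demo: a promise that never settles stands in for the hung widget call.
function demo() {
  const token = sampleToken('https://example.okta.com');
  console.log(issuerMismatch(token, 'https://login.example.com'));
  return withTimeout(new Promise(() => {}), 50, 'showSignInToGetTokens')
    .catch((err) => err.message);
}
demo().then(console.log);
```

Because the promise returned by showSignInToGetTokens spans the user's interaction with the login form, a watchdog around it needs a generous timeout.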