byuweb / byu-browser-oauth-implicit
License: Apache License 2.0
OAuth Implicit Grant provider for byu-browser-oauth
Your team may be aware of it, but I am posting it just in case.
Everything worked just fine a few hours ago. I suddenly received the error message.
Is there something I need to do in order to fix the error? Or will you fix it?
Unhandled Rejection (TypeError): Cannot use 'in' operator to search for 'clientId' in undefined
resolveConfig
../src/implicit-grant.js:55:6
52 | }
53 |
54 | function resolveConfig(rules, location) {
> 55 | if ('clientId' in rules) {
| ^
56 | return rules;
57 | }
58 |
Module.configure
../src/implicit-grant.js:36:14
33 | * @param location
34 | */
35 | export async function configure(cfgOrRules, location = window.location) {
> 36 | const cfg = resolveConfig(cfgOrRules, location);
| ^
37 | const globalConfig = window[GLOBAL_CONFIG_KEY];
38 |
39 | const config = Object.assign({
Thank you.
For some reason, I started to receive this error message about 20 or 30 minutes ago.
Right now, if I access BYU CAS in incognito mode, I have no problem with CAS. But I can't access CAS without incognito mode. I tried to clear the browser cache, wait for a bit and try logging in again, and tried to log in on a sub URL. However, nothing has worked.
My guess is that I have to wait for an hour or so to resolve this issue.
But after my web app launches, users shouldn't experience the same issue and wait for a long time to resolve it. How can I deal with the Internal Server Error in the future?
Type: Exception Report
Message: Ticket [09f7fc4f1a33090c96e9fa4a8dc31e4d301bfa86f2e2494b1cfedf6eebc40b5b137919382b4bc788aa406b8163d32e734cf81f30a3a93d3f9979e72708629db7 is of type class org.apereo.cas.ticket.registry.EncodedTicket when we were expecting interface org.apereo.cas.ticket.TicketGrantingTicket
Description: The server encountered an unexpected condition that prevented it from fulfilling the request.
Exception:
java.lang.ClassCastException: Ticket [09f7fc4f1a33090c96e9fa4a8dc31e4d301bfa86f2e2494b1cfedf6eebc40b5b137919382b4bc788aa406b8163d32e734cf81f30a3a93d3f9979e72708629db7 is of type class org.apereo.cas.ticket.registry.EncodedTicket when we were expecting interface org.apereo.cas.ticket.TicketGrantingTicket
org.apereo.cas.ticket.registry.AbstractTicketRegistry.getTicket(AbstractTicketRegistry.java:60)
org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport.getAuthenticationFrom(DefaultTicketRegistrySupport.java:28)
org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport.getAuthenticatedPrincipalFrom(DefaultTicketRegistrySupport.java:34)
org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport$$FastClassBySpringCGLIB$$885171cb.invoke(<generated>)
org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:283)
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport$$EnhancerBySpringCGLIB$$d4786c8c.getAuthenticatedPrincipalFrom(<generated>)
org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:86)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:64)
org.springframework.boot.web.support.ErrorPageFilter.forwardToErrorPage(ErrorPageFilter.java:197)
org.springframework.boot.web.support.ErrorPageFilter.handleException(ErrorPageFilter.java:180)
org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:145)
org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
Note: The full stack trace of the root cause is available in the server logs.
Using this sample code, I get 2 console log statements. This happens on every login.
import { AuthenticationObserver, login } from '@byuweb/browser-oauth';
const observer = new AuthenticationObserver(({state, token, user, error}) => {
  // React to the change in state
  if (error) {
    // React to authentication error
  } else if (token && user) {
    console.log(token);
    // User is logged-in - start loading data or taking other actions
  } else {
  }
});
I am using React.js and using the code that you have provided.
I get an error saying that the observer is uninitialized on logout. It only occurs when I log in, refresh the page, and log out.
Normally logins/logouts work when I do not refresh the page.
STEPS TO REPRODUCE:
export default function App() {
  const dispatch = useDispatch();
  const clearData = useSelector(state => state.global.clearData);
  let authorizing = false;
  let observer = null;
  function loginUser() {
    login();
  }
  function logoutUser() {
    dispatch(flagAuthForClear());
    logout();
  }
  useEffect(() => {
    function loadData() {
      const promises = [
        axios.get("/api/year").then((res) => dispatch(setYears(res.data))),
        axios
          .get("/api/department")
          .then((res) => dispatch(setDepartments(res.data))),
        axios.get("/api/rule").then((res) => dispatch(setRules(res.data))),
        axios.get("/api/right").then((res) => dispatch(setRights(res.data))),
      ];
      // Pass a callback to then(); calling dispatch(...) inline would run it
      // immediately instead of after all four requests have finished.
      Promise.all(promises).then(() => dispatch(appLoading(false)));
    }
    function authorizeUser(data) {
      //We use the authorizing variable to prevent double login
      //because the AuthenticationObserver returns the result twice
      if (authorizing) return;
      authorizing = true;
      axios.post("/api/authorize", data).then((res) => {
        dispatch(setRequestToken(res.data.bearerToken));
        dispatch(setUser(res.data.user));
        authorizing = false;
      });
    }
    if (clearData)
      dispatch(clearAuthData());
    loadData();
    observer = new AuthenticationObserver(({ state, token, user, error }) => {
      if (error) {
        console.log(error);
      } else if (token && user) {
        dispatch(setDisplayName(user.name.displayName));
        authorizeUser({ byuBearerToken: token.bearer });
        // Logs the full token object, including the bearer value
        console.log(token);
        console.log(user);
      } else {
      }
    });
  }, []);
  return (
    <Router>
      <Header loginUser={loginUser} logoutUser={logoutUser} />
      <PageManager />
      <Footer />
    </Router>
  );
}
I'm seeing this error in the console coming from this file:
https://cdn.byu.edu/browser-oauth-implicit/node_modules/local-storage-fallback/lib/CookieStorage.js
Cookie “lS_oauth-state-nC1dAH5H_0AtHJBK99ZUKmZokXga” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Cookies
Though the error originates from the local-storage-fallback module, I'm guessing it's because we aren't using it correctly... I could be wrong.
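The browser warning quoted above concerns a cookie that carries SameSite=None (or an unrecognised value) without the Secure attribute. As an added example, not code from byu-browser-oauth-implicit or local-storage-fallback, the following JavaScript checks a cookie string for that combination and builds a state cookie that cannot be emitted that way; the function names, default attributes and sample cookie strings are assumptions constructed for illustration.

```javascript
// Added example; function names and sample values are hypothetical/constructed.
const VALID_SAMESITE = ['strict', 'lax', 'none'];

// Split "name=value; Attr=val; Flag" into name, value and lower-cased attributes.
function parseCookieString(str) {
  const [pair = '', ...rest] = str.split(';').map((s) => s.trim()).filter(Boolean);
  const eq = pair.indexOf('=');
  const attrs = {};
  for (const part of rest) {
    const i = part.indexOf('=');
    const key = (i === -1 ? part : part.slice(0, i)).trim().toLowerCase();
    attrs[key] = i === -1 ? true : part.slice(i + 1).trim();
  }
  return {
    name: eq === -1 ? pair : pair.slice(0, eq),
    value: eq === -1 ? '' : pair.slice(eq + 1),
    attrs,
  };
}

// Report the attribute combinations the browser warning describes.
function auditCookie(str) {
  const { name, attrs } = parseCookieString(str);
  const sameSite = typeof attrs.samesite === 'string' ? attrs.samesite.toLowerCase() : null;
  const secure = attrs.secure === true;
  const findings = [];
  if (sameSite === null) findings.push('samesite-missing');
  else if (!VALID_SAMESITE.includes(sameSite)) findings.push('samesite-invalid');
  if (sameSite === 'none' && !secure) findings.push('samesite-none-without-secure');
  return { name, findings };
}

// Build a cookie string for an OAuth state value; refuses SameSite=None without Secure.
function serializeStateCookie(name, value, opts = {}) {
  const { sameSite = 'Lax', secure = true, maxAgeSeconds = 600, path = '/' } = opts;
  const ss = String(sameSite).toLowerCase();
  if (!VALID_SAMESITE.includes(ss)) throw new Error(`invalid SameSite value: ${sameSite}`);
  if (ss === 'none' && !secure) throw new Error('SameSite=None requires Secure');
  const parts = [
    `${encodeURIComponent(name)}=${encodeURIComponent(value)}`,
    `Path=${path}`,
    `Max-Age=${maxAgeSeconds}`,
    `SameSite=${ss[0].toUpperCase()}${ss.slice(1)}`,
  ];
  if (secure) parts.push('Secure');
  return parts.join('; ');
}

// Constructed samples: the first mirrors the warned-about shape, the second is built safely.
const warned = auditCookie('lS_oauth-state-EXAMPLE=abc123; path=/; SameSite=None');
const built = auditCookie(serializeStateCookie('lS_oauth-state-EXAMPLE', 'abc123'));
console.log(warned.findings, built.findings);
```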
When I log out and immediately log into my dev web app, I got this error.
ReferenceError: cancelTimeout is not defined
ImplicitGrantProvider._scheduleExpirationCheck
../src/provider.js:186:13
183 | }
184 |
185 | _scheduleExpirationCheck(expirationTimeInMs) {
> 186 | if (this.__expirationTask) {
187 | cancelTimeout(this.__expirationTask);
188 | }
189 | return this.__expirationTask = this._schedulePeriodic(() => {
ImplicitGrantProvider._checkExpired
../src/provider.js:152:11
149 | const maybeFunkyExpiration = expiresInMs > FIFTY_FIVE_MINUTES_MILLIS;
150 |
151 | if (!definitelyExpired && !maybeFunkyExpiration) {
> 152 | this._scheduleExpirationCheck(expirationTimeInMs);
153 | return;
154 | }
155 |
View compiled
(...omitted...)
I have been experiencing this issue for a few days.
One or two weeks ago, I had never experienced a similar problem.
When I hit the "sign in" button, my page gets refreshed, but it takes a few seconds until my site retrieves the user information from CAS.
Here is the log.
byu-theme-components.js:25 --------------- Starting byu-theme-components 1.3.6 ---------------
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,706+0600) starting up
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,710+0600) state change: {state: "indeterminate", user: undefined, token: undefined, error: undefined}
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,717+0600) state change: {state: "authenticating", user: undefined, token: undefined, error: undefined}
printWarnings @ webpackHotDevClient.js:120
handleWarnings @ webpackHotDevClient.js:125
push../node_modules/react-dev-utils/webpackHotDevClient.js.connection.onmessage @ webpackHotDevClient.js:190
push../node_modules/sockjs-client/lib/event/eventtarget.js.EventTarget.dispatchEvent @ eventtarget.js:56
(anonymous) @ main.js:282
push../node_modules/sockjs-client/lib/main.js.SockJS._transportMessage @ main.js:280
push../node_modules/sockjs-client/lib/event/emitter.js.EventEmitter.emit @ emitter.js:53
WebSocketTransport.ws.onmessage @ websocket.js:36
printWarnings @ webpackHotDevClient.js:116
handleWarnings @ webpackHotDevClient.js:125
push../node_modules/react-dev-utils/webpackHotDevClient.js.connection.onmessage @ webpackHotDevClient.js:190
push../node_modules/sockjs-client/lib/event/eventtarget.js.EventTarget.dispatchEvent @ eventtarget.js:56
(anonymous) @ main.js:282
push../node_modules/sockjs-client/lib/main.js.SockJS._transportMessage @ main.js:280
push../node_modules/sockjs-client/lib/event/emitter.js.EventEmitter.emit @ emitter.js:53
WebSocketTransport.ws.onmessage @ websocket.js:36
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,162+0600) state change: {state: "authenticated", user: {…}, token: {…}, error: undefined}
provider.js:685 redacting token {bearer: "2b65b1c91aab5eea0aee64cb449b4b8", authorizationHeader: "Bearer 2b65b1c91aab5eea0aee64cb449b4b8", expiresAt: Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time), client: {…}, rawUserInfo: {…}}
provider.js:687 {bearer: "2b65b1c91aab5eea0aee64cb449b4b8", authorizationHeader: "Bearer 2b65b1c91aab5eea0aee64cb449b4b8", expiresAt: Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time), client: {…}, rawUserInfo: {…}}
provider.js:689 Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time)
provider.js:690 object
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,168+0600) state change: {state: "refreshing", user: {…}, token: {…}, error: undefined}
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,170+0600) scheduling auto-refresh
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,170+0600) state change: {state: "unauthenticated", user: undefined, token: undefined, error: undefined}
The resource https://cdn.byu.edu/theme-fonts/latest/ringside/fonts.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) starting refresh. displayType=iframe
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) Starting login. mode=iframe
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) Setting up hidden refresh iframe at https://api.byu.edu/authorize?response_type=token&client_id=xlF__onmKqfOshE92XJOEXTY8vka&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F&scope=openid&state=af8c076140d853ac1f757ff2
VM38 components.min.js:1 --------------- Starting byu-theme-components 1.3.6 ---------------
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,716+0600) starting up
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,716+0600) state change: {state: "indeterminate", user: undefined, token: undefined, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,722+0600) state change: {state: "authenticating", user: undefined, token: undefined, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:36,042+0600) state change: {state: "authenticated", user: {…}, token: {…}, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:36,051+0600) removing child iframe
VM40 1.chunk.js:74707 WebSocket connection to 'ws://localhost:3000/sockjs-node/029/gbu13kqt/websocket' failed: WebSocket is closed before the connection is established.
(anonymous) @ VM40 1.chunk.js:74707
triggerUnloadCallbacks @ VM40 1.chunk.js:75132
unloadTriggered @ VM40 1.chunk.js:75144
handleStateChange @ VM36 implicit-grant.min.js:90
(anonymous) @ VM36 implicit-grant.min.js:97
_dispatchEvent @ VM36 implicit-grant.min.js:97
_changeState @ VM36 implicit-grant.min.js:85
startup @ VM36 implicit-grant.min.js:90
async function (async)
startup @ VM36 implicit-grant.min.js:90
configure @ VM36 implicit-grant.min.js:121
(anonymous) @ VM35 :24
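The console output above shows the token object, including the bearer value, written to the console in plain text. As an added example, not code from byu-browser-oauth-implicit, this JavaScript masks those fields before anything is logged; the helper names and the sample token are constructed, and the key list is an assumption based on the fields visible in that output.

```javascript
// Added example; helper names are hypothetical. Key names follow the token
// object visible in the console output above, plus common OAuth field names.
const SENSITIVE_KEYS = new Set(['bearer', 'authorizationHeader', 'access_token', 'id_token']);

// Keep a short prefix for correlating log lines, drop the rest of the secret.
function maskSecret(value, keep = 4) {
  const text = String(value);
  const m = /^([A-Za-z]+)\s+(\S.*)$/.exec(text); // e.g. "Bearer <token>"
  const scheme = m ? `${m[1]} ` : '';
  const secret = m ? m[2] : text;
  if (secret.length <= keep * 2) return `${scheme}[redacted]`;
  return `${scheme}${secret.slice(0, keep)}...[redacted ${secret.length - keep} chars]`;
}

// Return a deep copy that is safe to pass to console.log or a log shipper.
function redactForLog(value, seen = new WeakSet()) {
  if (value === null || typeof value !== 'object') return value;
  if (value instanceof Date) return value.toISOString();
  if (seen.has(value)) return '[already logged]'; // also stops reference cycles
  seen.add(value);
  if (Array.isArray(value)) return value.map((item) => redactForLog(item, seen));
  const out = {};
  for (const [key, inner] of Object.entries(value)) {
    out[key] = SENSITIVE_KEYS.has(key) && inner != null
      ? maskSecret(inner)
      : redactForLog(inner, seen);
  }
  return out;
}

// Constructed sample with the same fields as the logged token object.
const sampleToken = {
  bearer: '0123456789abcdef0123456789abcdef',
  authorizationHeader: 'Bearer 0123456789abcdef0123456789abcdef',
  expiresAt: new Date('2019-09-13T23:26:29Z'),
  client: { id: 'example-client' },
  rawUserInfo: { name: 'Example User' },
};
sampleToken.client.owner = sampleToken; // back-reference to exercise the cycle guard

const safe = redactForLog(sampleToken);
console.log(safe);
```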
Hello,
I am a student developer at the College of Mathematical and Physical Sciences. We are currently developing a web app for our upcoming student research conference using React and Redux. We access the CAS to let users log in using their net ID. We've noticed some odd behavior with logging in. Using the byu-user-info-oauth sign in button, we click on that link and get redirected to the login page for CAS. After entering credentials, submitting, and validating the Duo request, we get redirected back to the website, but the callback throws an error. It is not until we click sign in again that we are authenticated as a user. We have checked our backend code and we are pretty sure that it is not our React or Redux setup.
Way to replicate:
#1 Import the module in a react component
#2 Initialize the authentication observer
#3 Make a request using the byu-user-info-oauth button
Here are the error logs for the first sign in click, after entering in my credentials and being redirected back to our site.
Here is the console output of the second click of the byu-user-info-oauth link. The page refreshes immediately and gives us our authenticated user token without asking us again to sign in
I can attach some sample code if needed.
Regards,
CPMS.
The documentation says this about logout:
// Similarly, for logout:
logout().then(({state, token, user, error}) => {
  // If we don't have to redirect the browser to log the user in, you can respond to the completed
  // login here
});
What is the point of chaining the logout promise with .then()? Is it just for cleanup?
I am looking for a way to prevent redirect on logout, but it seems like the oauth setup always redirects on logout.
Do you have any solutions to this?