byu-browser-oauth-implicit's People

Contributors: snelg, thatjoemoore


byu-browser-oauth-implicit's Issues

Unhandled Rejection (TypeError): Cannot use 'in' operator to search for 'clientId' in undefined

Your team may be aware of it, but I am posting it just in case.

Everything worked just fine a few hours ago. I suddenly received the error message.

Is there something I need to do in order to fix the error? Or will you fix it?

Unhandled Rejection (TypeError): Cannot use 'in' operator to search for 'clientId' in undefined

resolveConfig
../src/implicit-grant.js:55:6

  52 | }
  53 |
  54 | function resolveConfig(rules, location) {
> 55 |   if ('clientId' in rules) {
     |      ^
  56 |     return rules;
  57 |   }
  58 |

Module.configure
../src/implicit-grant.js:36:14

  33 |  * @param location
  34 |  */
  35 | export async function configure(cfgOrRules, location = window.location) {
> 36 |   const cfg = resolveConfig(cfgOrRules, location);
     |              ^
  37 |   const globalConfig = window[GLOBAL_CONFIG_KEY];
  38 |
  39 |   const config = Object.assign({

Thank you.
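The TypeError above comes from applying the `in` operator to a value that is not an object: `'clientId' in undefined` throws rather than returning false, so a missing or late-initialised config surfaces as an unhandled rejection deep inside the library. The following is an added example, not code from byu-browser-oauth-implicit, of the same resolve step written to fail closed with a descriptive error. The rule-list shape (an array of `{ hostname, config }` entries matched against `location.hostname`) is an assumption made only so the example runs; the real library's rule format is not shown on this page.

```javascript
// Added example (not the library's code): a defensive version of the
// resolveConfig() step from the stack trace above. The rule-list format
// (array of { hostname, config }) is an ASSUMPTION for illustration.

function isPlainObject(value) {
  return value !== null && typeof value === 'object' && !Array.isArray(value);
}

// The original check, kept only to show the failure mode: `in` throws a
// TypeError when its right-hand side is undefined or null.
function naiveHasClientId(rules) {
  return 'clientId' in rules;
}

// Returns the config for `location`, or throws an Error that says what was
// actually passed. Undefined/null is rejected before `in` is ever evaluated.
function resolveConfig(cfgOrRules, location) {
  if (cfgOrRules === undefined || cfgOrRules === null) {
    throw new Error(
      'configure() was called without a configuration object or rule list ' +
      `(got ${String(cfgOrRules)}); make sure the config is defined before configure() runs`
    );
  }
  if (isPlainObject(cfgOrRules) && 'clientId' in cfgOrRules) {
    return cfgOrRules;
  }
  if (Array.isArray(cfgOrRules)) {
    const host = location && location.hostname;
    const match = cfgOrRules.find((rule) => isPlainObject(rule) && rule.hostname === host);
    if (match && isPlainObject(match.config) && 'clientId' in match.config) {
      return match.config;
    }
    throw new Error(`no configuration rule matches hostname ${JSON.stringify(host)}`);
  }
  throw new Error(`unsupported configuration value of type ${typeof cfgOrRules}`);
}

// Runs resolveConfig and returns null on success or the error message on
// failure, so the failure modes can be inspected without try/catch at each call.
function describeFailure(cfgOrRules, location) {
  try {
    resolveConfig(cfgOrRules, location);
    return null;
  } catch (err) {
    return err.message;
  }
}

// Constructed sample inputs (client ids are placeholders, not real ones).
const singleConfig = { clientId: 'example-client-id', callbackUrl: 'https://app.example.edu/' };
const ruleList = [
  { hostname: 'localhost', config: { clientId: 'dev-client-id' } },
  { hostname: 'app.example.edu', config: { clientId: 'prod-client-id' } },
];
```

The point of the explicit null check is that the failure is reported at the call site that passed nothing, with a message a developer can act on, instead of as a TypeError from inside the dependency.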

Bearer Token being written to console

Not sure if this is really a security hole, but it feels like it may not be the best idea: the bearer token, the byuID of the owner of the app, and other user info are being printed to the console:

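A bearer token in the console is a credential at rest in a place that browser extensions, screen shares, error-reporting tools and anyone with DevTools access can read, and the log further down this page shows the same thing (a full `bearer` and `authorizationHeader` printed right after a "redacting token" message). The following is an added example, not code from byu-browser-oauth-implicit, of a log helper that masks secrets and drops identity fields before anything reaches `console.*`. The field names are taken from the token shape visible on this page (`bearer`, `authorizationHeader`, `rawUserInfo`) plus `byuId`; the list is an assumption and should be extended to whatever an app actually logs.

```javascript
// Added example, not library code: mask credentials and drop PII before logging.
// Field lists are assumptions based on the token shape shown on this page.

const SECRET_FIELDS = new Set(['bearer', 'authorizationHeader', 'access_token', 'id_token', 'refresh_token']);
const PII_FIELDS = new Set(['byuId', 'netId', 'email', 'rawUserInfo']);

// Keeps a 4-character prefix so log lines stay correlatable without being
// replayable; a leading "Bearer " scheme is preserved, the token is not.
function maskSecret(value) {
  const s = String(value);
  const m = /^(Bearer\s+)(.*)$/i.exec(s);
  const scheme = m ? m[1] : '';
  const token = m ? m[2] : s;
  return `${scheme}${token.slice(0, 4)}...[${token.length} chars redacted]`;
}

// Returns a deep copy of `value` with secrets masked and PII replaced.
// The input is never mutated, so the real token stays usable by the caller.
function redactForLog(value, depth = 0) {
  if (depth > 20) return '[depth limit]';
  if (Array.isArray(value)) return value.map((v) => redactForLog(v, depth + 1));
  if (value instanceof Date) return value.toISOString();
  if (value === null || typeof value !== 'object') return value;
  const out = {};
  for (const [key, v] of Object.entries(value)) {
    if (SECRET_FIELDS.has(key)) out[key] = maskSecret(v);
    else if (PII_FIELDS.has(key)) out[key] = '[redacted]';
    else out[key] = redactForLog(v, depth + 1);
  }
  return out;
}

// Logs the redacted copy and returns it, so callers can inspect what was emitted.
function logToken(token) {
  const safe = redactForLog(token);
  console.log('[auth] token state', safe);
  return safe;
}

// Constructed sample resembling the token object printed in the log on this page.
const sampleToken = {
  bearer: '2b65b1c91aab5eea0aee64cb449b4b8',
  authorizationHeader: 'Bearer 2b65b1c91aab5eea0aee64cb449b4b8',
  expiresAt: new Date('2019-09-13T23:26:29Z'),
  client: { id: 'example-client-id', name: 'Example App' },
  rawUserInfo: { byuId: '123456789', netId: 'someone' },
};
```

Route every debug log of auth state through a helper like this rather than calling `console.log(token)` directly; the masked prefix is enough to tell two tokens apart when debugging refresh behaviour.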

HTTP Status 500 – Internal Server Error. How can I deal with this error?

For some reason, I started to receive this error message about 20 or 30 minutes ago.

Right now, if I access BYU CAS in incognito mode, I have no problem with CAS. But I can't access CAS outside incognito mode. I tried clearing the browser cache, waiting for a bit and trying to log in again, and logging in on a sub URL. However, nothing has worked.

My guess is that I have to wait for an hour or so for this issue to resolve.
But after my web app launches, users shouldn't have to experience the same issue and wait a long time for it to resolve. How can I deal with the Internal Server Error in the future?

Type: Exception Report

Message: Ticket [09f7fc4f1a33090c96e9fa4a8dc31e4d301bfa86f2e2494b1cfedf6eebc40b5b137919382b4bc788aa406b8163d32e734cf81f30a3a93d3f9979e72708629db7 is of type class org.apereo.cas.ticket.registry.EncodedTicket when we were expecting interface org.apereo.cas.ticket.TicketGrantingTicket

Description: The server encountered an unexpected condition that prevented it from fulfilling the request.

Exception:

java.lang.ClassCastException: Ticket [09f7fc4f1a33090c96e9fa4a8dc31e4d301bfa86f2e2494b1cfedf6eebc40b5b137919382b4bc788aa406b8163d32e734cf81f30a3a93d3f9979e72708629db7 is of type class org.apereo.cas.ticket.registry.EncodedTicket when we were expecting interface org.apereo.cas.ticket.TicketGrantingTicket
	org.apereo.cas.ticket.registry.AbstractTicketRegistry.getTicket(AbstractTicketRegistry.java:60)
	org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport.getAuthenticationFrom(DefaultTicketRegistrySupport.java:28)
	org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport.getAuthenticatedPrincipalFrom(DefaultTicketRegistrySupport.java:34)
	org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport$$FastClassBySpringCGLIB$$885171cb.invoke(<generated>)
	org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
	org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:736)
	org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
	org.springframework.transaction.interceptor.TransactionInterceptor$1.proceedWithInvocation(TransactionInterceptor.java:99)
	org.springframework.transaction.interceptor.TransactionAspectSupport.invokeWithinTransaction(TransactionAspectSupport.java:283)
	org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:96)
	org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
	org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:671)
	org.apereo.cas.ticket.registry.DefaultTicketRegistrySupport$$EnhancerBySpringCGLIB$$d4786c8c.getAuthenticatedPrincipalFrom(<generated>)
	org.apereo.cas.logging.web.ThreadContextMDCServletFilter.doFilter(ThreadContextMDCServletFilter.java:86)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:101)
	org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
	org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
	org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:64)
	org.springframework.boot.web.support.ErrorPageFilter.forwardToErrorPage(ErrorPageFilter.java:197)
	org.springframework.boot.web.support.ErrorPageFilter.handleException(ErrorPageFilter.java:180)
	org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:145)
	org.springframework.boot.web.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
	org.springframework.boot.web.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
	org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	org.springframework.boot.web.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
	org.apereo.inspektr.common.web.ClientInfoThreadLocalFilter.doFilter(ClientInfoThreadLocalFilter.java:66)
	org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71)
Note: The full stack trace of the root cause is available in the server logs.

Double login

Using this sample code, I get 2 console log statements. This happens on every login.

import { AuthenticationObserver, login } from '@byuweb/browser-oauth';

// The callback fires on every state change; the console.log below runs twice per login.
const observer = new AuthenticationObserver(({ state, token, user, error }) => {
  // React to the change in state
  if (error) {
    // React to authentication error
  } else if (token && user) {
    console.log(token);
    // User is logged-in - start loading data or taking other actions
  } else {
    // Not logged in (or still authenticating)
  }
});

Error logging out

I am using React.js and using the code that you have provided.
I get an error saying that the observer is uninitialized on logout. It only occurs when I log in, refresh the page, and log out.
Normally logins/logouts work when I do not refresh the page.

STEPS TO REPRODUCE:

  1. Login
  2. Refresh page
  3. Logout


// Imports the component needs. The action creators and child components are
// the app's own; the module paths below are placeholders for them.
import React, { useEffect } from "react";
import { useDispatch, useSelector } from "react-redux";
import { BrowserRouter as Router } from "react-router-dom";
import axios from "axios";
import { AuthenticationObserver, login, logout } from "@byuweb/browser-oauth";
import {
	appLoading, clearAuthData, flagAuthForClear, setDepartments, setDisplayName,
	setRequestToken, setRights, setRules, setUser, setYears,
} from "./store/actions"; // app's own module (path assumed)
import Header from "./Header"; // app's own components (paths assumed)
import PageManager from "./PageManager";
import Footer from "./Footer";

export default function App() {
	const dispatch = useDispatch();
	const clearData = useSelector((state) => state.global.clearData);

	// Captured by the effect closure below; the effect runs once, so these
	// values live inside that closure rather than across re-renders.
	let authorizing = false;
	let observer = null;

	function loginUser() {
		login();
	}

	function logoutUser() {
		dispatch(flagAuthForClear());
		logout();
	}

	useEffect(() => {
		function loadData() {
			const promises = [
				axios.get("/api/year").then((res) => dispatch(setYears(res.data))),
				axios.get("/api/department").then((res) => dispatch(setDepartments(res.data))),
				axios.get("/api/rule").then((res) => dispatch(setRules(res.data))),
				axios.get("/api/right").then((res) => dispatch(setRights(res.data))),
			];
			// Wrap in an arrow function: passing dispatch(...) directly would
			// dispatch immediately, before the requests finish.
			Promise.all(promises).then(() => dispatch(appLoading(false)));
		}

		function authorizeUser(data) {
			// We use the authorizing variable to prevent a double login,
			// because the AuthenticationObserver returns the result twice.
			if (authorizing) return;
			authorizing = true;

			axios
				.post("/api/authorize", data)
				.then((res) => {
					dispatch(setRequestToken(res.data.bearerToken));
					dispatch(setUser(res.data.user));
				})
				.finally(() => {
					// Reset on failure too, or one failed request blocks every later login.
					authorizing = false;
				});
		}

		if (clearData) dispatch(clearAuthData());

		loadData();

		observer = new AuthenticationObserver(({ state, token, user, error }) => {
			if (error) {
				console.log(error);
			} else if (token && user) {
				dispatch(setDisplayName(user.name.displayName));
				authorizeUser({ byuBearerToken: token.bearer });
				console.log(token);
				console.log(user);
			} else {
				// Not authenticated (or still authenticating): nothing to do.
			}
		});
	}, []);

	return (
		<Router>
			<Header loginUser={loginUser} logoutUser={logoutUser} />
			<PageManager />
			<Footer />
		</Router>
	);
}
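Both this post and the "Double login" post above describe the observer delivering an authenticated result more than once for the same login. A boolean `authorizing` flag suppresses the second call only while the first request is in flight; if the second notification arrives after the request completes, the backend is hit again, and nothing resets the flag on failure. The following is an added example, not the library's or the issue author's code, of a framework-independent wrapper that authorizes once per distinct bearer token, ignores transitional states without forgetting the current token, and exposes `reset()` for logout. The callback shape `{ state, token, user, error }` is the one used on this page; the backend call is an injected function so the example runs offline.

```javascript
// Added example (not library or issue-author code): de-duplicate observer
// notifications per bearer token. `authorize` is injected by the caller and
// stands in for the app's POST /api/authorize request.

function createAuthHandler({ authorize, onError = () => {} }) {
  let lastBearer = null;   // token already sent to the backend
  let lastState = null;    // most recent observer state, for diagnostics
  let inFlight = null;     // pending authorize() promise, if any

  // Returns a short status string describing what was done with this
  // notification: 'error', 'skipped', 'duplicate' or 'authorizing'.
  function handle({ state, token, user, error }) {
    lastState = state;
    if (error) {
      onError(error);
      return 'error';
    }
    if (!token || !user) {
      // "indeterminate", "authenticating", "unauthenticated": nothing to do.
      // lastBearer is deliberately NOT cleared here, so a transient state
      // change followed by the same token does not trigger a second authorize.
      return 'skipped';
    }
    if (token.bearer === lastBearer) {
      // Second delivery of a token we have already handled (or "refreshing"
      // with the same token).
      return 'duplicate';
    }
    lastBearer = token.bearer;
    let p;
    try {
      p = Promise.resolve(authorize({ byuBearerToken: token.bearer }));
    } catch (err) {
      p = Promise.reject(err);
    }
    inFlight = p
      .catch((err) => {
        lastBearer = null;   // allow a retry with the same token after failure
        onError(err);
      })
      .finally(() => { inFlight = null; });
    return 'authorizing';
  }

  // Call on logout so the next login with any token authorizes again.
  function reset() {
    lastBearer = null;
    inFlight = null;
  }

  function status() {
    return { lastState, lastBearer, inFlight: inFlight !== null };
  }

  return { handle, reset, status };
}
```

In a React component, create the handler once (for instance in a `useRef` or `useMemo`), pass `handler.handle` to the observer, and call `handler.reset()` from the logout handler; the per-render `let authorizing` variable is then no longer needed.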

Some cookies are misusing the recommended “sameSite“ attribute

I'm seeing this error in the console coming from this file:
https://cdn.byu.edu/browser-oauth-implicit/node_modules/local-storage-fallback/lib/CookieStorage.js

Cookie “lS_oauth-state-nC1dAH5H_0AtHJBK99ZUKmZokXga” will be soon rejected because it has the “sameSite” attribute set to “none” or an invalid value, without the “secure” attribute. To know more about the “sameSite“ attribute, read https://developer.mozilla.org/docs/Web/HTTP/Cookies

Though the error originates from the local-storage-fallback module, I'm guessing it's because we aren't using it correctly... I could be wrong.
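The browser message quoted above is the current cookie rule: a cookie with `SameSite=None` (or an unrecognised SameSite value, which browsers treat as None) must also carry `Secure`, otherwise it is rejected. For an OAuth `state` cookie that is doubly important, since the state value is what ties the callback to the request that started it, and a cookie without `Secure` can also travel over plain HTTP. The following is an added example, not code from local-storage-fallback or byu-browser-oauth-implicit: a builder that refuses the rejected combination, and an auditor that reports the same problems the browser would. The cookie name is a constructed sample in the style of the one in the report.

```javascript
// Added example (not library code): build and audit document.cookie strings
// against the SameSite/Secure rule. Cookie names here are constructed samples.

// Maps any SameSite spelling to 'strict' | 'lax' | 'none' | 'invalid' | undefined.
function normalizeSameSite(v) {
  if (v === undefined) return undefined;
  const s = String(v).toLowerCase();
  return s === 'strict' || s === 'lax' || s === 'none' ? s : 'invalid';
}

// Returns the attribute string to assign to document.cookie, or throws when
// the combination would be rejected by current browsers.
function buildCookie(name, value, { sameSite = 'Lax', secure = false, path = '/', maxAgeSeconds } = {}) {
  const ss = normalizeSameSite(sameSite);
  if (ss === 'invalid') throw new Error(`invalid SameSite value: ${sameSite}`);
  if (ss === 'none' && !secure) throw new Error('SameSite=None requires the Secure attribute');
  const parts = [
    `${encodeURIComponent(name)}=${encodeURIComponent(value)}`,
    `Path=${path}`,
    `SameSite=${sameSite}`,
  ];
  if (secure) parts.push('Secure');
  if (Number.isInteger(maxAgeSeconds)) parts.push(`Max-Age=${maxAgeSeconds}`);
  return parts.join('; ');
}

// Parses a cookie string and returns a list of problems (empty when fine),
// mirroring the checks the browser applies before storing the cookie.
function auditCookie(cookieString) {
  const [pair, ...attrs] = cookieString.split(';').map((s) => s.trim());
  const attrMap = {};
  for (const a of attrs) {
    const eq = a.indexOf('=');
    const k = (eq === -1 ? a : a.slice(0, eq)).toLowerCase();
    attrMap[k] = eq === -1 ? true : a.slice(eq + 1);
  }
  const ss = normalizeSameSite(attrMap.samesite);
  const secure = attrMap.secure === true;
  const problems = [];
  if (ss === 'invalid') {
    problems.push(`SameSite has invalid value "${attrMap.samesite}"; browsers treat it as None`);
  }
  if ((ss === 'none' || ss === 'invalid') && !secure) {
    problems.push('SameSite=None (or an invalid value) without Secure: cookie will be rejected');
  }
  if (/oauth-state/i.test(pair) && !secure) {
    problems.push('OAuth state cookie without Secure: it can be sent over plain HTTP');
  }
  return problems;
}
```

If a storage fallback library writes the cookie for you, check what attribute string it emits (the Application tab in DevTools shows SameSite and Secure per cookie) and configure it, or replace it, so that state cookies come out as `SameSite=Lax` or `SameSite=None; Secure`. Note that `Secure` cookies are only set on HTTPS origins (and `http://localhost` in Chromium-based browsers), which matters for the `http://localhost:3000` redirect URI seen later on this page.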

NPM Package Error

I had to change the main attribute to byu-browser-oauthm.js because this script contains the ESM version. I was getting an import error because it pointed at byu-browser-oauth.js.


ReferenceError: cancelTimeout is not defined

When I log out and immediately log into my dev web app, I got this error.

ReferenceError: cancelTimeout is not defined

ImplicitGrantProvider._scheduleExpirationCheck
../src/provider.js:186:13

  183 | }
  184 | 
  185 | _scheduleExpirationCheck(expirationTimeInMs) {
> 186 |   if (this.__expirationTask) {
  187 |     cancelTimeout(this.__expirationTask);
  188 |   }
  189 |   return this.__expirationTask = this._schedulePeriodic(() =>  {

ImplicitGrantProvider._checkExpired
../src/provider.js:152:11

  149 | const maybeFunkyExpiration = expiresInMs > FIFTY_FIVE_MINUTES_MILLIS;
  150 | 
  151 | if (!definitelyExpired && !maybeFunkyExpiration) {
> 152 |   this._scheduleExpirationCheck(expirationTimeInMs);
  153 |   return;
  154 | }
  155 | 
View compiled


(...omitted...)
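Reading the snippet in the trace: `cancelTimeout` is not a browser or Node API (the cancel function for `setTimeout` is `clearTimeout`), and the call only executes when `this.__expirationTask` is already set, which is why the ReferenceError shows up after a logout followed immediately by a login while a check from the first session is still scheduled, and not on a clean first login. The following is an added example, not the provider.js code, of the reschedule written with `clearTimeout` and with the timer functions injectable so the cancel-before-reschedule behaviour can be verified without waiting for real time to pass.

```javascript
// Added example (not provider.js): reschedule an expiration check, cancelling
// the previous one with clearTimeout. Timer functions are injectable so the
// behaviour is testable with a fake clock.

class ExpirationScheduler {
  constructor({
    setTimeoutFn = (fn, ms) => globalThis.setTimeout(fn, ms),
    clearTimeoutFn = (id) => globalThis.clearTimeout(id),
  } = {}) {
    this._set = setTimeoutFn;
    this._clear = clearTimeoutFn;
    this._task = null;
  }

  // Schedules `onExpired` for `expirationTimeInMs` (absolute epoch ms),
  // cancelling any previously scheduled check. Returns the timer handle.
  schedule(expirationTimeInMs, onExpired, now = Date.now()) {
    if (this._task !== null) {
      this._clear(this._task);   // the reported code called cancelTimeout here
      this._task = null;
    }
    const delay = Math.max(0, expirationTimeInMs - now);
    this._task = this._set(() => {
      this._task = null;
      onExpired();
    }, delay);
    return this._task;
  }

  // Called on logout so a stale check from the previous session cannot fire
  // after a new login.
  cancel() {
    if (this._task !== null) {
      this._clear(this._task);
      this._task = null;
    }
  }

  get pending() {
    return this._task !== null;
  }
}

// A deterministic fake timer (constructed for this example, not a library).
function makeFakeTimers() {
  let nextId = 1;
  const timers = new Map();   // id -> { fn, delay }
  const cleared = [];
  return {
    setTimeoutFn: (fn, delay) => { const id = nextId++; timers.set(id, { fn, delay }); return id; },
    clearTimeoutFn: (id) => { cleared.push(id); timers.delete(id); },
    timers,
    cleared,
    fireAll() { for (const [id, t] of [...timers]) { timers.delete(id); t.fn(); } },
  };
}
```

A quick check for this class of bug in any bundle is `typeof cancelTimeout` in the console (it is `"undefined"`); linting with `no-undef` enabled catches it before it ships.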

"Sign in" button doesn't immediately trigger logging in.

I have been experiencing this issue for a few days.
One or two weeks ago, I never experienced a similar problem.

When I hit the "sign in" button, my page gets refreshed, but it takes a few seconds until my site retrieves the user information from CAS.
Here is the log.

byu-theme-components.js:25 --------------- Starting byu-theme-components 1.3.6 ---------------
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,706+0600) starting up
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,710+0600) state change: {state: "indeterminate", user: undefined, token: undefined, error: undefined}
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:29,717+0600) state change: {state: "authenticating", user: undefined, token: undefined, error: undefined}

printWarnings @ webpackHotDevClient.js:120
handleWarnings @ webpackHotDevClient.js:125
push../node_modules/react-dev-utils/webpackHotDevClient.js.connection.onmessage @ webpackHotDevClient.js:190
push../node_modules/sockjs-client/lib/event/eventtarget.js.EventTarget.dispatchEvent @ eventtarget.js:56
(anonymous) @ main.js:282
push../node_modules/sockjs-client/lib/main.js.SockJS._transportMessage @ main.js:280
push../node_modules/sockjs-client/lib/event/emitter.js.EventEmitter.emit @ emitter.js:53
WebSocketTransport.ws.onmessage @ websocket.js:36

printWarnings @ webpackHotDevClient.js:116
handleWarnings @ webpackHotDevClient.js:125
push../node_modules/react-dev-utils/webpackHotDevClient.js.connection.onmessage @ webpackHotDevClient.js:190
push../node_modules/sockjs-client/lib/event/eventtarget.js.EventTarget.dispatchEvent @ eventtarget.js:56
(anonymous) @ main.js:282
push../node_modules/sockjs-client/lib/main.js.SockJS._transportMessage @ main.js:280
push../node_modules/sockjs-client/lib/event/emitter.js.EventEmitter.emit @ emitter.js:53
WebSocketTransport.ws.onmessage @ websocket.js:36
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,162+0600) state change: {state: "authenticated", user: {…}, token: {…}, error: undefined}
provider.js:685 redacting token {bearer: "2b65b1c91aab5eea0aee64cb449b4b8", authorizationHeader: "Bearer 2b65b1c91aab5eea0aee64cb449b4b8", expiresAt: Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time), client: {…}, rawUserInfo: {…}}
provider.js:687 {bearer: "2b65b1c91aab5eea0aee64cb449b4b8", authorizationHeader: "Bearer 2b65b1c91aab5eea0aee64cb449b4b8", expiresAt: Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time), client: {…}, rawUserInfo: {…}}
provider.js:689 Fri Sep 13 2019 17:26:29 GMT-0600 (Mountain Daylight Time)
provider.js:690 object
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,168+0600) state change: {state: "refreshing", user: {…}, token: {…}, error: undefined}
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,170+0600) scheduling auto-refresh
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:30,170+0600) state change: {state: "unauthenticated", user: undefined, token: undefined, error: undefined}
The resource https://cdn.byu.edu/theme-fonts/latest/ringside/fonts.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) starting refresh. displayType=iframe
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) Starting login. mode=iframe
log.js:122 [byu-browser-oauth-implicit] [info] (16:26:35,172+0600) Setting up hidden refresh iframe at https://api.byu.edu/authorize?response_type=token&client_id=xlF__onmKqfOshE92XJOEXTY8vka&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2F&scope=openid&state=af8c076140d853ac1f757ff2
VM38 components.min.js:1 --------------- Starting byu-theme-components 1.3.6 ---------------
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,716+0600) starting up
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,716+0600) state change: {state: "indeterminate", user: undefined, token: undefined, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:35,722+0600) state change: {state: "authenticating", user: undefined, token: undefined, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:36,042+0600) state change: {state: "authenticated", user: {…}, token: {…}, error: undefined}
VM36 implicit-grant.min.js:1 [byu-browser-oauth-implicit] [info] (16:26:36,051+0600) removing child iframe
VM40 1.chunk.js:74707 WebSocket connection to 'ws://localhost:3000/sockjs-node/029/gbu13kqt/websocket' failed: WebSocket is closed before the connection is established.
(anonymous) @ VM40 1.chunk.js:74707
triggerUnloadCallbacks @ VM40 1.chunk.js:75132
unloadTriggered @ VM40 1.chunk.js:75144
handleStateChange @ VM36 implicit-grant.min.js:90
(anonymous) @ VM36 implicit-grant.min.js:97
_dispatchEvent @ VM36 implicit-grant.min.js:97
_changeState @ VM36 implicit-grant.min.js:85
startup @ VM36 implicit-grant.min.js:90
async function (async)
startup @ VM36 implicit-grant.min.js:90
configure @ VM36 implicit-grant.min.js:121
(anonymous) @ VM35 :24

Denied Access On First Sign In

Hello,

I am a student developer at the College of Mathematical and Physical Sciences. We are currently developing a web app for our upcoming student research conference using React and Redux. We access CAS to let users log in using their net ID. We've noticed some odd behavior with logging in. Using the byu-user-info-oauth sign-in button, we click on that link and get redirected to the login page for CAS. After entering credentials, submitting, and validating the Duo request, we get redirected back to the website, but the callback throws an error. It is only when we click sign in again that we are authenticated as a user. We have checked our backend code and we're pretty sure that it is not our React or Redux setup.

Way to replicate:
#1 Import the module in a react component
#2 Initialize the authentication observer
#3 Make a request using the byu-user-info-oauth button

Here are the error logs for the first sign in click, after entering in my credentials and being redirected back to our site.

Here is the console output of the second click of the byu-user-info-oauth link. The page refreshes immediately and gives us our authenticated user token without asking us to sign in again.


I can attach some sample code if needed.

Regards,
CPMS.

Looking for a way to not redirect on logout

The documentations says this about logout:

// Similarly, for logout:
logout().then(({state, token, user, error}) => {
  // If we don't have to redirect the browser to log the user in, you can respond to the completed
  //  login here
});

What is the point of chaining the logout promise with .then()? Is it just for cleanup?

I am looking for a way to prevent redirect on logout, but it seems like the oauth setup always redirects on logout.

Do you have any solutions to this?
