Angular + Okta problem Sign-in on AWS

Questions OAuth/OIDC
1

Dear Okta, I can see a lot of unresolved questions on the internet, and also on the Okta forum, about the problem Sing-in Okta on AWS.

  • I created application backend SpringBoot and frontend Angular. Everything is working well when aplication is in local.
  • When I deployed application on the AWS, Okta Sign-in does not work. I must emphasize that I configured correct Applicaiton on Okta. On the xxxx://dev-xxxxxxxx-admin.okta.com/ setting the Sign-in redirect URIs and Sign-out redirect URIs from the AWS, URI from the deployed Angular application. Now, on the AWS, When I try to Sign-in, I can see next response:
    `{expiresAt: “2022-05-27T10:23:03.000Z”, status: “SUCCESS”,…}
    expiresAt: “2022-05-27T10:23:03.000Z”
    sessionToken: “XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX”
    status: “SUCCESS”
    _embedded: {user: {id: “XXXXXXXXXXXXXXXXXXX”, passwordChanged: “2022-04-03T11:17:33.000Z”,…}}
    user: {id: “XXXXXXXXXXXXXXXXXXX”, passwordChanged: “2022-04-03T11:17:33.000Z”,…}
    id: “XXXXXXXXXXXXXXXXXXX”
    passwordChanged: “2022-04-03T11:17:33.000Z”
    profile: {login: “xxxxxx@gmail.com”, firstName: “XXXXXX”, lastName: “XXXXXX”, locale: “en_US”,…}
    firstName: “XXXXXX”
    lastName: “XXXXXXX”
    locale: “en_US”
    login: “xxxxxx@gmail.com
    timeZone: “America/Los_Angeles”
    _links: {cancel: {href: “xxxx://dev-XXXXXXXX.okta.com/api/v1/authn/cancel”, hints: {allow: [“POST”]}}}
    cancel: {href: “xxxx://dev-XXXXXXXX.okta.com/api/v1/authn/cancel”, hints: {allow: [“POST”]}}
    hints: {allow: [“POST”]}
    allow: [“POST”]
    0: “POST”
    href: “xxxx://dev-XXXXXXXX.okta.com/api/v1/authn/cancel”``
    type or paste code here

- When I click on the xxxx://dev-XXXXXXXX.okta.com/api/v1/authn/cancel , I can see:
'{
"errorCode": "E0000022",
"errorSummary": "The endpoint does not support the provided HTTP method",
"errorLink": "E0000022",
"errorId": "XXXXXXXXXXXXXXXX",
"errorCauses": []
}'

Please Okta, could you give the answer? What is a problem? Is the problem on the Okta, or on the AWS? Please, give us the solution describing what to change on Okta or/and on the AWS? This problem is mandatory, because a lot of people has the same problem when use Okta on AWS?
I am sure that we together can solve the problem and help all other people to deplo aplciation with Okta on the AWS!
Thanks!
2

Tis picture describe situation after Sing-In. All the time spinner is working, but it is not logged in the application:

Response-SignIn
Response-SignIn1797×510 118 KB

3

In Okta Reports → System Log , I can see only:

Response-SignIn-02
Response-SignIn-021259×139 15.3 KB

However, it is expected to see these logs:

Expected-Response-SignIn-02
Expected-Response-SignIn-02543×767 68.3 KB

Please, Okta, could you tell me why do I not see expected System log in the Reports? Maybe that is key for the solution?

4

Analyzing the log, I can see, when I try to Sign-In, I pass the next phases:

  • User login to Okta
  • Evaluation of sign-on policy
  • Verify user identyty
    After these steps, all the time is shown spinner, and application is blocked.

However, It is expected to pass next phases:

  • User login to Okta
  • Evaluation of sign-on policy
  • Verify user identity
  • OAuth2 authorization code request
  • OAuth2 id token is granted
  • User single sign on to app
  • OAuth2 access token is granted
  • OAuth2 authorization code request
  • OAuth2 id token is granted
  • User single sign on to app
  • OAuth2 access token is granted

Please Okta, could you give me suggestion why it is stopped after the step Verify user identity, and not continued with the other next steps? Is that problem on Okta or on the AWS ?

5

I can see that a lot of topics are that Okta work in local but it is not working on the production (like these:
No okta-token-storage nor okta-original-uri-storage when user is signed in)? Please, could you tell me, does Okta wok on AWS or not? Could you try that? Maybe, the problem is on the Okta? If not, could you tell me what I need to setup additionally? In all questions on the forum you did not give a solution for the problem sign-in?

6

Reading the documentaion I found next on the link:

/cancel .cancel() .cancel() Cancel the current transaction during factor verification/enrollment (revokes the state token)

7

Dear Okta,
Could somebody tell me why is happened:

Cancels the current transaction and revokes the state token ?

8

Hello,
the cancel link support the POST method, clicking on the link will send a GET which is not supported.

9

Hello,
I assume when testing on localhost you are using http (non SSL) which is fine, the Okta SDK allows this for localhost and 127.0.0.1

If you try to deploy it to a host however you will need to use SSL (https) otherwise the Widget will just clock even though a valid response is returned for the /authn call.

10

Dear Erik,

Thanks for your reply and your suggestion. I Created https version on the EC2 on the AWS. However, now I have similar situation. It is shown in the picture bellow:

Response-SignIn-03
Response-SignIn-031764×557 76.4 KB

Please, could you give me a suggestion what can be a problem? I setup everything? For me is really important to setup application in cloud? Please, give me suggestion how can I solve current problem. Thanks Okta!

11

Dear Erik and Okta,

I researched, and maybe the solution is there:

However, I did not have success to improve and solve the problem. Please, could you help me with the suggestions?

Thanks Okta!

12

Dear Erik and Okta,

Finally I had success:
1. I created application to use https (on AWS, your application will not work with http)
2. Setup you application on AWS using EC2
3. I recreated Application on Okta from the scratch.

Now, I can tell that Okta work on the AWS!

13

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.