AuthSdkError: Unable to parse a token from the url


#1

During using Okta, I encountered the following error:

AuthSdkError: Unable to parse a token from the url

The implicit redirect url is:

http://ip_address_:8080/implicit/callback#id_token=eyJraWQiOiI5ZEh0MkxvLWJZakl5eFhhYkFVTjc1WUhTdFNwdzVZQWtRakZmSDQyazlvIiwiYWxnIjoiUlMyNTYifQ.eyJzdWIiOiIwMHVkNnoxdnBvZlBaeERoRTBoNyIsIm5hbWUiOiJNaWNoYWVsIFdlaSIsImVtYWlsIjoibWljaGFlbGRvdWRvdUBob3RtYWlsLmNvbSIsInZlciI6MSwiaXNzIjoiaHR0cHM6Ly9kZXYtOTM4NzYwLm9rdGFwcmV2aWV3LmNvbS9vYXV0aDIvZGVmYXVsdCIsImF1ZCI6IjBvYWQ2eW51MnM4TjJZTXVsMGg3IiwiaWF0IjoxNTE1MzAyMTM1LCJleHAiOjE1MTUzMDU3MzUsImp0aSI6IklELjUzSTZZSk5WdG4xYl9zLWRPaWUyT0JWa3lYdlMtNndDRTFDR2o0S0RPc2siLCJhbXIiOlsicHdkIl0sImlkcCI6IjAwb2Q2ejF2bjBTcmZNcDAzMGg3Iiwibm9uY2UiOiJrYm96V2FlVkJyNEFCekYxRkZMamxvOHBmcHFxdkFTT0p1VFBaSVNkVWlUdXZqQ3VHNkd2YkJ1ZE1YeE40Skc5IiwicHJlZmVycmVkX3VzZXJuYW1lIjoibWljaGFlbGRvdWRvdUBob3RtYWlsLmNvbSIsImF1dGhfdGltZSI6MTUxNTI5NzE4NywiYXRfaGFzaCI6InUxNkstVDFiNlFnY0tTZzhDcVlkVFEifQ.bwmOANLUZO0YAK6AZ_1A4dr8H7Nybb1CJrlmPQ9YApbu7JNrJowJzUmZGzXWg7yMIdg8_Av97B6OglbRqDvfB04W6X1Le3NQNpCFIHqcBjY6zAELHE7-0jHyV2EVXiVgNTGRteIwF-kYxAIbn9PA4UvwYsxPCQw7PT_CzRCJMQY_UMC6Nq6AGGqx53mm8g2tTTCOjYJb-kBaCpMoRHqp5c1ofzaJTBG1PQ5lIF_6mpJlIsadlGFi1wWhuHG2lBoTUQ79DtYWRiBgmO2-RYELNpLrsF6_-dmAAUtAVZBE_riBDquWJkq84iKsKvT2A2f_-M8JQzN4IoUhj7mYN1-3xQ
 &access_token=eyJraWQiOiI5ZEh0MkxvLWJZakl5eFhhYkFVTjc1WUhTdFNwdzVZQWtRakZmSDQyazlvIiwiYWxnIjoiUlMyNTYifQ.eyJ2ZXIiOjEsImp0aSI6IkFULmtDb043ZEQ2eG9ERTRPRjdFOGxxX3ZyUDM1QlVTMnlSVm82ZXd4RWI2cTQiLCJpc3MiOiJodHRwczovL2Rldi05Mzg3NjAub2t0YXByZXZpZXcuY29tL29hdXRoMi9kZWZhdWx0IiwiYXVkIjoiYXBpOi8vZGVmYXVsdCIsImlhdCI6MTUxNTMwMjEzNSwiZXhwIjoxNTE1MzA1NzM1LCJjaWQiOiIwb2FkNnludTJzOE4yWU11bDBoNyIsInVpZCI6IjAwdWQ2ejF2cG9mUFp4RGhFMGg3Iiwic2NwIjpbIm9wZW5pZCIsImVtYWlsIiwicHJvZmlsZSJdLCJzdWIiOiJtaWNoYWVsZG91ZG91QGhvdG1haWwuY29tIn0.RkjhnzMsg1QbprftcKvTR_Npn7M6SrP3rf1ge2wC2Z4hanKO9I-DgXQBRQYT8HRkFn0Gt5hgxwLjUcIYgZFjBnvNeoF6DzkkU_9dqPdokNjwclqClt6KiY5KSlnQxL6BFyQ6iyy9CLXgkVUGiSks6Q9hateVkg2n8kRllae5LpaPQWPXtk1NOt92dk-n2am9XeznM7tu5IfhL7XR79Z8IT9YPTRq5Y5c-3FGhkMhj-pktLLDO4d6mz6J2JZZcQNy-6mLZzeFAzqIB6fMD9ZHjckOrihKkcGs8Fcnc_fCClugYk9pV2aUM9GcMbEc-_nPUF4AtgzRHKPkFP_UfgPFlQ
 &token_type=Bearer
 &expires_in=3600
 &scope=openid+email+profile
 &state=AXpspFnZZM4ywfK7kKIfseHzpsilbdiqLwZh9GKTDBBjkobuyDrozulg2xXCGze7

The same code works fine on my localhost, but when I moved the code to Google Cloud, the browser generates the above error.

I have checked everything, including adding my ip_addr in the “application” configuration of Okta. What could be the cause of it?


#2

That is odd. Are there any other errors in the browser console or network inspector?

Can you post your code that calls the widget or Auth.js? What does that configuration look like?


#3

I was away for something else, just came back to this problem.

Several things to update:
(1) I checked okta website, the login was successful. That means that okta successfully received and parsed the token; but the web page shows: “AuthSdkError: Unable to parse a token form the url”.
(2) The same code works perfectly on my laptop with localhost as ip address. However, it doesn’t work on Google cloud where I use a company address.

Here is the code:
const config = {
issuer: ‘https://dev-938760.oktapreview.com/oauth2/default’,
redirect_uri: ‘http://’ + host_name + host_port + ‘/implicit/callback’,
client_id: auth_client_id
}

class Login extends Component {
render() {

console.log("login...")
return (
  <Router>
    <Security issuer={config.issuer}
              client_id={config.client_id}
              redirect_uri={config.redirect_uri}
    >
      <Route path='/' exact={true} component={Home}/>
      <Route path='/implicit/callback' component={ImplicitCallback}/>
    </Security>
  </Router>
);

}
}


#4

Never mind, I think I found problem.

After I changed from host name to ip address, it suddenly worked.


#5

That is really interesting… I don’t know how the hostname would cause the parser to break. Is there anything you would consider special about the hostname?


#6

Nope, there is nothing special about the hostname.