curityio/spa-using-token-handler

Problem encountered calling the OAuth Agent

berpcor opened this issue · 1 comments

berpcor commented

Mac OS, Docker Desktop (4.5.0 (74594)).
Everything done followed by instructions (https://github.com/curityio/spa-using-token-handler/blob/main/doc/Standard.md and video here - https://curity.io/resources/learn/token-handler-spa-example/), but..

Problem starts from here:
"Then browse to http://www.example.com/ and sign in with the following test user name and password:"

When I visit the link, I get:

image

My hosts file:

image

image

Looks like local hosts file is not working or something wrong with port 80.

I go to resources/docker-compose-standard.yml and change port to 8888:

image

Then I run ./deploy.sh again and ...

image

Any ideas?

gary-archer commented

Interesting - seems like it might be an issue where an online domain conflicts with the code example in your particular setup. You can quickly customize the deployment to get up and running. Please post back if you continue to encounter problems.

OPTION 1 (DIFFERENT PORT)

To run the SPA on port 8888, edit the detailed deployment script at resources\deploy.sh and edit this line:

if [ "$WEB_SUBDOMAIN" != "" ]; then
  WEB_DOMAIN="$WEB_SUBDOMAIN.$BASE_DOMAIN:8888"
fi

Then re-run the root level ./deploy.sh, then browse to http://www.example.com:8888 and the end-to-end solution will work.

OPTION 2 (DIFFERENT DOMAIN)

To run the SPA on your own choice of domain, such as mycompany.com, edit the base domain in the root level deployment script at deploy.sh

export BASE_DOMAIN='mycompany.com'

Then change the DNS setup accordingly:

127.0.0.1 localhost www.mycompany.com api.mycompany.com login.mycompany.com
:1        localhost

Then re-run the root level ./deploy.sh, then browse to http://www.mycompany.com and the end-to-end solution will work.

Problem encountered calling the OAuth Agent

In your case this occurred since CORS was not configured correctly for token handler components (browser development tools will show details of the CORS error). Using one of the above options will resolve this, and update the trusted web origins of the OAuth Agent and Reverse Proxy correctly.