vue.js - Okta Not Redirecting due to insecure connection

问题描述

I got a request from the partner website to establish SSO with them and they provided their OKTA keys to us.

Vue.use(Auth, {
  issuer: 'https://{theirURL}.com/',
  clientId: '{theirCliendId}',
  redirectUri: 'http://localhost:8080/auth/callback',
  scope: 'openid profile email'
})


let token = {};

const handleAuth = cb => {
  webAuth.parseHash((error, authResult) => {
    if (authResult && authResult.accessToken && authResult.idToken) {
      token.accessToken = authResult.accessToken;
      token.idToken = authResult.idToken;
      token.expiry = new Date().getTime() + authResult.expiresIn * 100000000;
      cb();
    } else {
      console.log(error);
    }
  });
};

const isLogged = () => {
  console.log("heyt", token)
  return token.accessToken && new Date().getTime() < token.expiry;
};

const login = () => {
  webAuth.authorize();
};

const logUserOut = () => {
  token = {};
};

above is the code I used for setting up and I was able to get to their Login page from my website and I was able to signin.

However, when it was redirecting to my side (LOCALHOST), it gave me an error as below

This site can’t provide a secure connection

What am I doing wrong? Is it impossible to test in on localhost? They mustve been testing on localhost when they were developing.

Please let me know what to do!! Thanks in advance!

Edit:

Access to fetch at 'https://{theirURL}' from origin 'http://localhost:8080' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

This message is shown on console after it was logged in and tried to redirect back to my page.

标签： vue.jssecuritysingle-sign-onopenidokta