GithubHelp home page GithubHelp logo

Comments (2)

ottokruse avatar ottokruse commented on July 1, 2024

Hi Ben,
Mmm ... strange.

The state is created like this:

      state:
        // Encode the state variable as base64 to avoid a bug in Cognito hosted UI when using multiple identity providers
        // Cognito decodes the URL, causing a malformed link due to the JSON string, and results in an empty 400 response from Cognito.
        urlSafe.stringify(
          Buffer.from(
            JSON.stringify({ nonce: state.nonce, requestedUri })
          ).toString("base64")
        ),

cloudfront-authorization-at-edge/src/lambda-edge/check-auth/index.ts

Line 119 in 7cd699a

state:

Which must mean I think that the requestedUri is super long? (Or we have a bug and a ridiculous long nonce is calculated)

Can you base64 decode the state param and have a look what is in there then?

from cloudfront-authorization-at-edge.

BenPortner avatar BenPortner commented on July 1, 2024

Dear @ottokruse,

thanks for your quick reply. I solved the problem meanwhile by creating a new CloudFront instance. I already deleted the old one, so I cannot check the state param anymore. I am certain that the nonce was fine, though. My guess is that there was a problem with the previous lambda function, which I used to enable basic HTTP authentification (based on this solution). I had removed the corresponding behavior but my guess is that it was still active somehow. Either way, it seems like the problem is not with your code :)

Sorry for the extra work. Hope this is still helpful for other people experiencing similar problems.
Keep up the great work!

Ben

from cloudfront-authorization-at-edge.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.