You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
{{ message }}
This repository has been archived by the owner on Jul 26, 2022. It is now read-only.
I have been bashing my head against the APIs for a couple of days trying to use it as my auth/user system for application without using the login window. I am new to auth and Okta and it's hard to figure out all the different parts.
Then when I thought I finally put everything together correctly, I got SigningKeyNotFoundError.
My code is almost identical to the example. I don't understand what I am doing different than what's in the repo.
I also saw this other issue that might be related #46 — just don't know how my situation is similar or different.
Check out my implementation
functiongetAccessToken({ code }){consturl=`https://dev-{code}.oktapreview.com/oauth2/v1/token?grant_type=authorization_code&code=${code}&redirect_uri=${redirectUri}`;constbase64ClientIdSecret=Buffer.from(`${clientId}:${clientSecret}`,).toString('base64');returnaxios({method: 'post',headers: {Authorization: `Basic ${base64ClientIdSecret}`,'Content-Type': 'application/x-www-form-urlencoded',},
url,});}// https://github.com/okta/okta-oidc-js/blob/master/packages/jwt-verifier/test/util.jsrouter.post('/login',(req,res)=>{console.log('login');login(req).then(response=>{getAuthCode({sessionToken: response.data.sessionToken}).then(authResponse=>{constresponseUrl=authResponse.request.res.responseUrl// eslint-disable-lineconstmatch=responseUrl.match(/access_token=([^&]+)/);constaccessToken=match&&match[1];console.log('responseUrl',responseUrl);console.log('accessToken',accessToken);oktaJwtVerifier.verifyAccessToken(accessToken).then(jwt=>{res.status(200).send({status: 'success', jwt });}).catch(err=>{console.log(err);res.status(401).send({status: 'failure',message: 'Unable to verify',});});}).catch(error=>{if(error.response){// The request was made and the server responded with a status code// that falls out of the range of 2xxconsole.log(error.response.data);console.log(error.response.status);console.log(error.response.headers);}elseif(error.request){// The request was made but no response was received// `error.request` is an instance of XMLHttpRequest in the browser and an instance of// http.ClientRequest in node.jsconsole.log(error.request);}else{// Something happened in setting up the request that triggered an Errorconsole.log('Error',error.message);}console.log(error.config);console.log('Error',error.message);});})// eslint-disable-next-line.catch(error=>{console.log(error.message);res.status(500).send({message: 'Server Error',});});});
I am new to Auth and all these things, I was hoping it be a little easier, most of the examples use the Okta login widget — I need a custom login.
The text was updated successfully, but these errors were encountered:
Hi @jeroenransijn. Looking at the code above, I see you're using oauth2/v1/token which is the org-level authorization server (AS). That is meant for logging into the Okta org itself. For your own application you'll need to create a custom AS. New orgs get a default custom AS with the URL oauth2/default/v1/token. This what we're talking about in #46. For both token creation and validation you'll want to use a custom AS. Hope this helps!
I have been bashing my head against the APIs for a couple of days trying to use it as my auth/user system for application without using the login window. I am new to auth and Okta and it's hard to figure out all the different parts.
Then when I thought I finally put everything together correctly, I got
SigningKeyNotFoundError
.My code is almost identical to the example. I don't understand what I am doing different than what's in the repo.
I also saw this other issue that might be related #46 — just don't know how my situation is similar or different.
Check out my implementation
I am new to Auth and all these things, I was hoping it be a little easier, most of the examples use the Okta login widget — I need a custom login.
The text was updated successfully, but these errors were encountered: