Okta JWT tokens not supported for offline authorizer

dherault / serverless-offline

Emulate AWS λ and API Gateway locally when developing your Serverless project

MIT License

5.16k stars 794 forks source link

Okta JWT tokens not supported for offline authorizer #1789

Closed ktwbc closed 1 month ago

ktwbc commented 1 month ago

Feature Request

I will have a PR for this request. The JWT Okta tokens use "scp" instead of "scopes" which is an array already on the JWT token. Since the offline authorizer was written around cognito, differences are making an Okta Dev JWT token not work. The fix was just a matter of detecting if scp already exists and then using it in favor of scopes parsing.

Sample Code

        const { aud, iss, scope, scp, client_id: clientId } = claims

       scopes = scp || scope.split(" ")

ktwbc commented 1 month ago

https://github.com/dherault/serverless-offline/pull/1790