mage-ai / mage-ai

🧙 Build, run, and manage data pipelines for integrating and transforming data.
https://www.mage.ai/
Apache License 2.0
7.87k stars 758 forks

[BUG] Okta Authentication Provider Does Not Work in All Cases #4808

Closed moseswynn closed 6 months ago

moseswynn commented 7 months ago

Mage version

0.9.67

Describe the bug

The Okta authentication provider does not work in all use cases. In Okta Preview and Trial instances, the default authorization server URI is /oauth2/default/v1/.... In other instances, the default authorization server URI is /oauth2/v1/.... Additionally, Okta customers have the ability to implement other custom authorization servers with different URIs.

To reproduce

  1. Configure an authorization server in Okta that does not use the default url pattern.
  2. Set up a Mage instance configured with the new Okta server as the authentication provider.
  3. Attempt to login.
  4. Login will fail.

Expected behavior

Currently, Mage has the oauth2/default/v1/... URL pattern hardcoded into the authentication provider for Okta. Instead, using the OKTA_DOMAIN_URL provided in the settings, the provider should discover the appropriate endpoints for authentication using the https://{OKTA_DOMAIN_URL}/.well-known/openid-configuration endpoint.

Screenshots

No response

Operating system

No response

Additional context

No response
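The discovery approach requested in this issue, sketched as an added example (not part of the original issue or the mage-ai code base): it validates an OpenID Connect discovery document before trusting its endpoints. The host `okta.example.com`, the function names, and both sample documents are constructed; requiring all three endpoints and pinning them to the issuer's host are policy assumptions of this example.

```python
from urllib.parse import urlsplit

# Endpoints this example assumes the login flow needs.
REQUIRED = ("authorization_endpoint", "token_endpoint", "userinfo_endpoint")

def discovery_url(issuer: str) -> str:
    """Discovery URL for an issuer, per OpenID Connect Discovery 1.0."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def resolve_endpoints(issuer: str, metadata: dict) -> dict:
    """Validate a fetched discovery document and return the required endpoints."""
    issuer = issuer.rstrip("/")
    # The spec requires the returned issuer to match the one that was queried;
    # a mismatch means the document describes a different authorization server.
    if str(metadata.get("issuer", "")).rstrip("/") != issuer:
        raise ValueError("issuer in discovery document does not match configured issuer")
    expected_host = urlsplit(issuer).netloc
    endpoints = {}
    for name in REQUIRED:
        url = metadata.get(name)
        if not isinstance(url, str) or not url:
            raise ValueError(f"discovery document is missing {name}")
        parts = urlsplit(url)
        if parts.scheme != "https":
            raise ValueError(f"{name} is not an https URL")
        # Assumption: stricter than the spec, endpoints must stay on the issuer's host.
        if parts.netloc != expected_host:
            raise ValueError(f"{name} points at an unexpected host")
        endpoints[name] = url
    return endpoints

def _sample_doc(issuer: str, base: str) -> dict:
    """Constructed discovery document; a real one is fetched from discovery_url()."""
    return {"issuer": issuer, "authorization_endpoint": f"{base}/authorize",
            "token_endpoint": f"{base}/token", "userinfo_endpoint": f"{base}/userinfo"}

# Constructed samples mirroring the two URL patterns named in the issue.
ORG_ISSUER = "https://okta.example.com"
ORG_DOC = _sample_doc(ORG_ISSUER, ORG_ISSUER + "/oauth2/v1")
CUSTOM_ISSUER = "https://okta.example.com/oauth2/default"
CUSTOM_DOC = _sample_doc(CUSTOM_ISSUER, CUSTOM_ISSUER + "/v1")

if __name__ == "__main__":
    for iss, doc in ((ORG_ISSUER, ORG_DOC), (CUSTOM_ISSUER, CUSTOM_DOC)):
        print(discovery_url(iss), "->", resolve_endpoints(iss, doc)["token_endpoint"])
```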

moseswynn commented 7 months ago

I'd be happy to write the changes to fix this.