Open jjdonov opened 2 years ago
@jjdonov Thanks for reporting the issue!
There is a PR (https://github.com/okta/okta-oidc-js/pull/978) that handles this issue. It will be merged and released soon.
@shuowu but they are separate code paths. Unless okta/okta-oidc-js#978 expands the scope of its fix, I don't think it will solve this issue.
@jjdonov Sorry, linked the wrong PR. I just created an internal ticket for the issue.
Internal Ref: OKTA-437624
I'm submitting this issue for the package(s):
I'm submitting a:
This bug report is related to okta/okta-oidc-js#978 in that both are demonstrating issues when working with Organization Auth Servers and are caused by the same url path issue.
Current behavior
It seems like the oidc-middleware cannot work with Okta Org Auth Servers.
After entering credentials, the request results in a 404 due to bad string concatenation in createLoginHandler when redirecting to the authorization_endpoint.
For Org Auth Servers, the issuer is https://${yourOktaOrg} (note that it doesn't include /oauth2). Making a request to https://${yourOktaOrg}/.well-known/openid-configuration yields (truncated for brevity)
However, createLoginHandler redirects to https://${yourOktaOrg}/v1/authorize
Expected behavior
That the oidc-middleware work with Okta Org Auth Servers. Perhaps it should use the authorization_endpoint that is returned by /.well-known/openid-configuration rather than doing its own string concatenation.
Minimal reproduction of the problem with instructions
Configure oidc middleware with issuer from organization auth server
Extra information about the use case/user story you are trying to implement
It is a simple use case, trying to integrate an app using oidc with the Organization Auth Server that came with our Okta instance.
Environment
Node version (node -v): v12.22.1
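The difference the report describes, as an added example that is not okta-oidc-js code: building the authorize URL by concatenating onto the issuer versus reading authorization_endpoint from the discovery document. The function names, the https://org.example host (standing in for https://${yourOktaOrg}) and both metadata objects are constructed for illustration; the org server's endpoint path is assumed to sit under /oauth2, as the report's note about the issuer implies.

```javascript
// Constructed discovery documents (sample data, not captured from a real org).
const orgServerMetadata = {
  issuer: 'https://org.example',
  authorization_endpoint: 'https://org.example/oauth2/v1/authorize',
};
const customServerMetadata = {
  issuer: 'https://org.example/oauth2/default',
  authorization_endpoint: 'https://org.example/oauth2/default/v1/authorize',
};

// Pattern described in the report: derive the endpoint from the issuer string.
// Correct only when the issuer already ends in /oauth2/<serverId>.
function concatAuthorizeUrl(issuer) {
  return `${issuer}/v1/authorize`;
}

// Alternative suggested in the report: use the endpoint the server advertises.
// Hypothetical helper, not the middleware's API.
function authorizeUrlFromMetadata(configuredIssuer, metadata, params) {
  // OIDC Discovery requires the document's issuer to match the configured
  // issuer exactly; rejecting a mismatch avoids redirecting users to an
  // endpoint taken from the wrong (or a tampered) document.
  if (metadata.issuer !== configuredIssuer) {
    throw new Error(`issuer mismatch: ${metadata.issuer}`);
  }
  const endpoint = new URL(metadata.authorization_endpoint);
  if (endpoint.protocol !== 'https:') {
    throw new Error('authorization_endpoint must use https');
  }
  for (const [key, value] of Object.entries(params)) {
    endpoint.searchParams.set(key, value); // URL-encodes each value
  }
  return endpoint.toString();
}
```

With the constructed org metadata, the concatenated URL differs from the advertised endpoint, while for the custom server the two agree, which is why the concatenation goes unnoticed until an org issuer is configured.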