Module not found: Can't resolve 'fs' with Next.js

[carolina-cascade]

Hi, I am trying to use okta-sdk in an app running on Next.js. However, I am having trouble initializing the client:

const okta = require('@okta/okta-sdk-nodejs');

produces

[ error ] ./node_modules/@okta/okta-sdk-nodejs/src/config-loader.js
Module not found: Can't resolve 'fs' in '/Users/home/app/node_modules/@okta/okta-sdk-nodejs/src'

Issues about fs Next's repo (for example 7755, 9866) suggest adding:

module.exports = {
  webpack: (config, { isServer }) => {
    // Fixes npm packages that depend on `fs` module
    if (!isServer) {
      config.node = {
        fs: 'empty'
      }
    }

    return config
  }
}

as the files read with fs will only be available on server side, not during client rendering.

This solution fails because of the calls:

  applyDefaults() {
    const localYamlPath = path.join(process.cwd(), 'okta.yaml');
    const globalYamlPath = path.join(os.homedir(), '.okta', 'okta.yaml');
    if (fs.existsSync(globalYamlPath)) {
      this.applyYamlFile(globalYamlPath);
    }
    if (fs.existsSync(localYamlPath)) {
      this.applyYamlFile(localYamlPath);
    }
    this.applyEnvVars();
  }

According to the docs, when creating a new client, a file okta.yaml is searched in local directories before searching for environment variables or properties directly passed to the constructor. Is there a way to bypass the searching for files?

Thank you!

[bretterer]

@carolina-cascade we currently do not support any client side usage of the Nodejs SDK. The use of our SSWS token inside of the SDK would mean that having this used on client side could potentially leak the private token opening you up to security risk and vulnerability.

Depending on what you are looking to do with your system, we can suggest using our auth-js package to handle any authentication you need.

If you have any specifics on your needs, please let us know and we can lead you in the right direction.

[carolina-cascade]

Thank you for your reply! Our app is not very complex at this time. We are running a React app over Next.js, deployed with Netlify. We are in the early stages of implementing our User system, and for the time being we aim to provide signup, login, logout, change password, forgot password for our internal users.

We don't use the Okta signin widget, but our own React forms. We used auth-js for all cases we could: login, logout and forgot password work. However, signup is not possible with auth-js (it's not listed in the API reference), and during the implementation of the signup form we came across okta-sdk-nodejs. If there is another way we would be very glad to hear about it.

[swiftone]

Hey @carolina-cascade - You didn't say WHY you don't use the sign-in widget, which would be the first go-to. I suggest you contact our support team at developers@okta.com and describe your case in detail with them and they can steer you into what products would best satisfy your needs.

As an alternative, you can examine the API calls documented at developers.okta.com to see which serve your needs. It wouldn't provide the convenience of some our SDK wrappers, but it may provide the customization you require.

You can examine the API calls the sign-in widget makes in the repo (benefits of being open source!) here: https://github.com/okta/okta-signin-widget/blob/master/src/RegistrationController.js

We are already reviewing any gaps in what auth-js provides, so details like this are helpful.

Hope that helps!

[swiftone]

We're closing this ticket as the core request appears to either be "add signup/registration options to okta-auth-js" or "add client capability to okta-sdk-nodejs", and neither of those are on our current roadmap. Anyone running into obstacles are encouraged to contact our support team at developers@okta.com with their use-cases.