hectron
commented
4 years ago Any thoughts on merging this, @dandrews ?
Closed hectron closed 4 years ago
hectron
commented
4 years ago Any thoughts on merging this, @dandrews ?
dandrews
commented
4 years ago Thanks @hectron - the PR is much appreciated
Problem
I ran into the issue where I have multiple authorization servers in Okta and did not use the
defaultauthorization server.OmniAuth::Strategies::Oktahard codes theuserinfoendpoint to thedefaultauthorization server. Additionally, it tries to use the base URL authorization server to decode the JWT, as well as determine the audience (e.g.http://my-okta-url/oauth2/v1as opposed tohttp://my-okta-url/oauth2/<custom or default>/v1. The default audience isapi://default.)Proposal
Add some configuration to allow us to support more than just the
defaultauthorization server, and also remove any kind of hard-coded endpoints.