add okta #402
add okta #402
Conversation
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@ ## dev #402 +/- ## ========================================= Coverage 100.00% 100.00% ========================================= Files 1 1 Lines 2 2 ========================================= Hits 2 2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
| Would be nice to have the ability to customize the okta url to utilize different dev modes. |
| @rgylling - That was a super-simple config to add in. Please let me know how it works for you. 😀 |
| @metasean Awesome thanks for the quick fix. I was editing your source code to get it working locally so this will be much better! |
| Base branch conflicts have been resolved. Any chance we can get this merged? |
| Just following up on this. |
| can this get merged? |
| interesting, I'm looking for this solution.. any chance this can be merged? |
build/config.gypi Outdated
| @@ -0,0 +1,75 @@ | |||
| # Do not edit. File was generated by node-gyp's "configure" step | |||
docs/providers/okta.md Outdated
| | ||
| 2. Okta defaults to `/implicit/callback` instead of `callback`, so you _MUST_ ensure that you _EITHER_ have a corresponding callback component (i.e. `pages/implicit/callback.vue`) _OR_ that you change your Okta settings (Applications >> \<app\> >> General >> Logout redirect URIs). | ||
| | ||
| 3. These instructions use the `@nuxtjs/dotenv` module extensively. This module and approach isn't strictly necessary, but is *_highly_* recommended, particularly if you are going to be using different Okta domains or server ids across environments (e.g. for different stages of CI). |
There was a problem hiding this comment.
I think highly recommended should have a reason and IMO it is not recommended to use a .env file, especially for CI/CD, flows but recommend using environment variables. Suggest to read The Twelve-Factor App
There was a problem hiding this comment.
imo its useful for local dev it keeps you env variables isolated per project and someone can transfer their .env file for quick dev setup and it is easy to add or remove env variables.
There was a problem hiding this comment.
@noobling I would be happy to discuss more but I think is out of the scope of this PR review and even if we finally end up recommended .env file, it should be module-wise not just for a specific provider that with the implicit flow doesn't even contain a server secret.
There was a problem hiding this comment.
@pi0 I agree it is out of scope of this PR and should be removed.
From my understanding using a .env file is using environment variables. https://cli.vuejs.org/guide/mode-and-env.html#environment-variables.
Using separate .env files per environment/mode and adding them to .gitignore seems to work well foor CI/CD. I'm absolutely open to other methods for configuration of single-page apps. (although out of scope of this PR)
docs/providers/okta.md Outdated
| ### 1. Install dependencies | ||
| `npm install @nuxtjs/auth @nuxtjs/axios @nuxtjs/dotenv` | ||
| | ||
| <details> |
docs/providers/okta.md Outdated
| | ||
| auth: { | ||
| redirect: { | ||
| callback: process.env.REDIRECT_CALLBACK_URI, // optional |
There was a problem hiding this comment.
Maybe as a demo we can simply put defaults and comments here? + As of implicit flow, I don't see any point obscuring configuration with a dotenv file by default unless there is a deployment requirement to have different values for prod which is out of scope of this intro example or can be mentioned in footer to use either environment fallback like '/' || process.env.OKTA_REDIRECT_CALLBACK_API or node config package or dotenv
docs/providers/okta.md Outdated
| | ||
| ## 4. Initialize your vuex store | ||
| | ||
| Create an `index.js` file in your `store` directory. An empty `index.js` is perfectly acceptable for this purpose. |
There was a problem hiding this comment.
It's a part of module installement not provider. Can be simply a note about ensure having store dir :)
docs/providers/okta.md Outdated
| - Okta does *_NOT_* provide a default logout redirect, therefore it *_MUST_* be set or users will get an error on logout. This module provides a default logout redirect value of `/`. | ||
| | ||
| - `auth.strategies.okta.url` is optional and defaults to `okta.com`. | ||
| - |
lib/schemes/oauth2.js Outdated
| // Handle callbacks on page load | ||
| const redirected = await this._handleCallback() | ||
| | ||
| // TODO: determine if it is necessary to pull user info on EACH and EVERY page request? |
There was a problem hiding this comment.
Indeed it is. HTTP is stateless by nature! So for each SSR request, we need to either restore user from cookies (which implies transferring an object 2x per request) or fetching from remote.
Clarified config usage and removed doc requirements dotenv package. Also cleaned up a few comments.
| Updated PR. Tests are passing now that I merge the right dev branch as opposed to master 🤦♂ |
| Would it make more sense to wait until PKCE is implemented? The commit: #507 Is there any reason we shouldn't consider moving all default flows to PKCE where possible, once it's available? |
| any progress on this merge? |
8 participants
This pull request adds support for Okta (specifically via "implicit flow").