I currently use Active Directory (via the activedirectory2 middleware) with Passport to let users log in. We are slowly moving everything in our company over to OKTA SSO; in the meantime I have to allow login with both OKTA and Active Directory (for now, let's just get OKTA to work). I have the example apps working in our OKTA dev environment (so I know the app settings are correct) and am trying to integrate OKTA into my application, but I am running into a problem.
After initializing OKTA, I get the custom login screen, but after I enter the username/password I get the following error message:
Cannot POST /login
Here is my code
var express = require('express');
var app = express();
const asyncConfig = require('config/async').asyncConfig;
const getSecret = require('../lib/secretManager');
var session = require('express-session');
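// Session middleware. It is registered before the OIDC router because the
// login flow keeps its per-request state in the session.
app.use(session({
  // NOTE(review): the return value of asyncConfig(...) is handed over directly
  // as the signing secret; confirm it has resolved to a string at this point.
  secret: asyncConfig(getSecret('session-secret')),
  // Trust the reverse proxy's X-Forwarded-Proto when deciding whether the
  // connection is secure.
  proxy: true,
  // Do not rewrite unmodified sessions and do not issue a session cookie to
  // visitors who have not started a login; both cut down on stored sessions.
  resave: false,
  saveUninitialized: false,
  // No `store` is configured, so express-session falls back to its in-memory
  // store, which is intended for development only.
  cookie: {
    // Keep the session id out of reach of page scripts.
    httpOnly: true,
    // 'lax' still sends the cookie on the top-level redirect back from the
    // identity provider, but not on cross-site sub-requests.
    sameSite: 'lax',
    // Mark the cookie Secure whenever the connection is detected as HTTPS.
    secure: 'auto',
  },
}));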
const { ExpressOIDC } = require('@okta/oidc-middleware');
const oktaConfig = require('./config/okta.env');
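// Okta OIDC middleware: serves a custom login page at /oktaLogin and handles
// the authorization-code redirect at /authorization-code/callback.
// All tenant-specific values, including the client secret, are read from
// ./config/okta.env, so that file should stay out of version control.
// NOTE(review): the option names for the callback route differ between major
// versions of @okta/oidc-middleware; confirm `routes.callback` and
// `defaultRedirect` match the installed version.
const oidc = new ExpressOIDC({
  issuer: oktaConfig.ISSUER,
  client_id: oktaConfig.CLIENT_ID,
  client_secret: oktaConfig.CLIENT_SECRET,
  appBaseUrl: oktaConfig.APP_BASE_URL,
  scope: oktaConfig.SCOPE,
  routes: {
    login: {
      path: '/oktaLogin',
      viewHandler: (req, res, next) => {
        // The login view only needs the Okta org origin, not the full issuer path.
        const issuerUrl = new URL(oktaConfig.ISSUER);
        const baseUrl = `${issuerUrl.protocol}//${issuerUrl.host}`;
        // NOTE(review): req.csrfToken() is not provided by anything visible in
        // this file; confirm a CSRF middleware is mounted before this router.
        const token = req.csrfToken();
        // The token cookie stays readable by page scripts, but it is limited
        // to same-site requests and marked Secure when the request is HTTPS.
        res.cookie('XSRF-TOKEN', token, { sameSite: 'lax', secure: req.secure });
        res.locals.csrfToken = token;
        console.dir('View Handler');
        // NOTE(review): `path` is not required anywhere in the visible part of
        // this file; confirm `const path = require('path')` exists.
        res.render(path.join(__dirname, './subapps/login/views/oktaLogin'), {
          // The whole request object is exposed to the template; the view
          // should only echo request data with HTML escaping.
          req,
          csrfToken: token,
          baseUrl,
        });
      },
    },
    callback: {
      path: '/authorization-code/callback',
      handler: (req, res, next) => {
        console.dir('Success callback');
        // Hand control back to the middleware; without this the request
        // never completes after a successful sign-in.
        next();
      },
      defaultRedirect: '/',
    },
  },
});
app.use(oidc.router);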
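/**
 * Copies the signed-in user's name and groups from the OIDC user context onto
 * req.locals.user so later handlers can read them.
 *
 * Requests without req.userContext are passed through untouched.
 *
 * @param {object} req - Express request; req.userContext is read when present.
 * @param {object} res - Express response (unused).
 * @param {Function} next - Continues the middleware chain.
 */
function addUserContext(req, res, next) {
  if (!req.userContext) {
    return next();
  }
  // Express does not create req.locals, so create the containers on demand
  // instead of throwing a TypeError on the first authenticated request.
  req.locals = req.locals || {};
  req.locals.user = req.locals.user || {};
  const userinfo = req.userContext.userinfo || {};
  req.locals.user.name = userinfo.name;
  // NOTE(review): `groups` is only present when the authorization server is
  // configured to return that claim. Code that authorizes on it should treat
  // a missing value as "no groups".
  req.locals.user.groups = userinfo.groups;
  next();
}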
// Attach user details to every request before any route module runs.
app.use(addUserContext);

// Public routes are registered first and also receive the OIDC router.
const registerPublicRoutes = require('./routes/public');
registerPublicRoutes(app, oidc.router);

// Private routes come second; per the author, authentication is to be
// enforced inside that module.
// NOTE(review): nothing visible here applies an authentication check, so the
// private routes rely entirely on ./routes/private doing it.
const registerPrivateRoutes = require('./routes/private');
registerPrivateRoutes(app);

// Export both so the caller can start the server and reach the OIDC instance.
module.exports = { app, oidc };
Then in my routes/public I have the following:
var loginRouter = require('../subapps/login/routes/index');
var healthcheckRouter = require('../subapps/healthcheck/routes/healthcheck');
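/**
 * Registers the routes that are reachable without an authenticated user.
 *
 * @param {object} app - Express application to register routes on.
 * @param {object} oidcRouter - Router exposed by the OIDC middleware.
 */
module.exports = function (app, oidcRouter) {
  // Signed-in users fall through to later handlers for '/'; everyone else is
  // sent to the original (non-Okta) login page.
  app.get('/', (req, res, next) => {
    console.dir('public');
    if (req.userContext) {
      next();
    } else {
      res.redirect('/OGLogin');
    }
  });

  // NOTE(review): mounting the router at '/login' prefixes its routes, so its
  // login page is served at /login/oktaLogin and its callback at
  // /login/authorization-code/callback. Nothing registered here handles a
  // POST to '/login' itself. The same router is also mounted at the root in
  // the main app file.
  app.use('/login', oidcRouter);

  // Debug probe for the callback path. It must call next(); otherwise any
  // request that reaches it is left hanging with no response.
  app.use('/authorization-code/callback', (req, res, next) => {
    console.dir('Public callback');
    next();
  });

  app.use('/OGLogin', loginRouter);
  app.use('/healthcheck', healthcheckRouter);
};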
Even though I tried it in both places (and in each one separately), I cannot get the POST to /login to work.