
okta-django-samples's People

Contributors

deadbeef404, dependabot[bot], westsaharut, zeekhoo, zeekhoo-okta


okta-django-samples's Issues

CORS access issue

@zeekhoo, @westsaharut, & @deadbeef404
I've been trying to run this sample app locally and have set up everything as directed in the README.md, but I keep getting this error:

Access to XMLHttpRequest at 'http://dev-6764913.okta.com/api/v1/authn' from origin 'http://localhost:8000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
POST http://dev-6764913.okta.com/api/v1/authn net::ERR_FAILED
XHR failed loading: POST "http://dev-6764913.okta.com/api/v1/authn".

Any thoughts?

Reason: CORS header 'Access-Control-Allow-Origin' missing

I am receiving this error when trying to log in. I have done everything from the Basic set-up, including adding localhost:8000 to the trusted sources in the Okta console.
I do not have a lot of experience with Django and the resources on this topic are limited. I would appreciate any feedback.

issuer and auth_uri conflicts

Hi,

I'm testing a couple of configurations of okta authentication. One is a development setup, the other production.

My problem is that the authorization URI wants to double the v1, like:
https://<org_url>/oauth2/v1/v1/authorize?client_id=<client_ID>

This is what the production URIs look like:
ISSUER: "https://<org_url>/oauth2/v1"
AUTH_URI: "https://<org_url>/oauth2/v1/authorize"

If I drop the v1 on ISSUER I cannot log in at all. It claims to be a CORS Allow Missing Origin error even though the site is a valid trusted origin (and works up to the point of passing the login screen if I add the v1 back to ISSUER).

The development URIs look like this:
ISSUER: "https://<org_url>/oauth2/default"
AUTH_URI: "https://<org_url>/oauth2/default/v1/authorize"

And they seem to work just fine. However the difference is that I'm just running this as django runserver whereas the production is being run via uwsgi as HTTPS.

Is the code in some way adding that extra v1 to the issuer when building the authorization URL?

Thanks!

okta-oauth-state KeyError on Chrome

Hi,

Running this without any modifications and it works for Firefox. I get this error on Chrome, however:
okta_oauth2/okta_oauth2/views.py", line 86, in callback_controller
cookie_state = request.COOKIES["okta-oauth-state"]
KeyError: 'okta-oauth-state'

This happens on both Windows and Mac for me. Any thoughts why this is happening?

Thanks!

Logout controller questions

Hi,

How does the logout_controller function log out of Okta? It appears to just be logging out of the Django session, at least as far as I can follow in the function itself.
Where does it construct the openid_connect logout url? If I wanted to pass a post_logout redirect I'd need to add to the logout url.
Is there a way to tell if it logged me out of the okta session?

Thanks!

Error when Implicit Grant Type is Enabled

I want to add the application in the OKTA dashboard as a Chiclet.
In order to do so, I enabled Implicit Grant Type.
In that case, the code is giving an error:

MultiValueDictKeyError
'code'

Is there any solution for it?

How to connect with a local database?

Very nice plugin, I use it, but I need to use a local database, e.g. I am using Postgres with the user table provided by Django.
How can we register a new user from our Django project if we use Okta?

Authorization Flow with PKCE

Hi,

Would it be possible to implement something like this?
I'm implementing a React front end with a Django rest framework backend and I've found little info regarding how to do this.

Thoughts?

License Request

Hey Guys!

Thanks for this great example of integrating OKTA into Django. I'm not sure if you intended for this code to be open source, but if so, could you add an open source license? If not, no worries, but thanks for your time!

Base URI No Longer Present in Okta

Inside Okta:
Applications > Add Application > Create New App > Web
Options are:
SWA, SAML, OpenID. Select OpenID (or any of them).
There is no Base URI field to fill out.

Authorization endpoint

Hi,

Where in the code is the authorization endpoint being used? I think it's coming from the DocumentDiscovery method but I don't see authorization_endpoint being invoked.

The reason I ask is that I'm getting a 500 error after authenticating:
https://mysite.com/oidc/callback?state=Gihv7byIRJUD1iEDneM8Oi00SH1I4quwYjTOZEE7bKNyXgWlH7RzsdOqNscd4O5q&error=access_denied&error_description=Policy+evaluation+failed+for+this+request%2C+please+check+the+policy+configurations.

I don't recall this happening before but I'm exactly sure how to deal with it.
From my issuer "https://my.okta.com/oauth2/default/.well-known/openid-configuration"
the authorization_endpoint is "https://my.okta.com/oauth2/default/v1/authorize"; however, I'm not certain the default is necessary. (I've tried this on a Flask web app authenticating with OIDC and I receive no access denied errors.)

Any clue what might be causing this? I'm afraid I may be chasing the wrong problem here.

Thanks!

KeyError at /oauth2/callback

I'm receiving an error after login > callback, since these values are not visible:
cookie_state = request.COOKIES["okta-oauth-state"]
cookie_nonce = request.COOKIES["okta-oauth-nonce"]
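
Several of the issues above end in an unhandled exception in the callback view (the missing `okta-oauth-state` / `okta-oauth-nonce` cookies, the missing `code` parameter, the `error=access_denied` redirect). The following is an added example, not code from this repository or its maintainers: a framework-independent check that turns each of those cases into an explicit rejection instead of a 500. The function name `check_callback`, the status codes and the sample URLs are assumptions made for illustration.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Cookie names as quoted in the issues above.
STATE_COOKIE = "okta-oauth-state"
NONCE_COOKIE = "okta-oauth-nonce"


def check_callback(url, cookies):
    """Return (http_status, reason, code) for a redirect back to the app.

    `cookies` is any dict-like mapping, e.g. Django's request.COOKIES.
    Hypothetical helper; the status codes are a design choice.
    """
    query = parse_qs(urlsplit(url).query)

    def first(name):
        return query.get(name, [None])[0]

    # The authorization server reports failures via `error`, not `code`.
    if first("error"):
        return 403, "idp_error:" + first("error"), None

    # .get() instead of [] so an absent cookie is a 400, not a KeyError.
    cookie_state = cookies.get(STATE_COOKIE)
    cookie_nonce = cookies.get(NONCE_COOKIE)
    if not cookie_state or not cookie_nonce:
        return 400, "missing_state_or_nonce_cookie", None

    # The state check is the CSRF defence for the redirect: compare in
    # constant time and never continue on a mismatch.
    state = first("state")
    if not state or not hmac.compare_digest(state.encode(),
                                            cookie_state.encode()):
        return 400, "state_mismatch", None

    # A response without an authorization code cannot be exchanged.
    code = first("code")
    if not code:
        return 400, "missing_code", None
    return 200, "ok", code
```

The nonce cookie is only checked for presence here; its value still has to be compared with the `nonce` claim of the ID token after the code exchange.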
