Okta with Passport.js or not?

I was looking into improving my sign-up and login workflows and I looked into Okta.

At the moment we are using passport with our custom database, custom strategies and remote session storage. It seems like Okta can be used on its own. I did find some custom libraries online to use it with Passport.js. I don't see why you would, though.

Does anyone have any experience with Okta and any opinion on why you would use it with passport?

Here is a passport library to work with okta: https://github.com/techstars/passport-okta-oauth-example/blob/master/config/passport.js

Here is a "simple" way of using okta: https://developer.okta.com/quickstart/#/okta-sign-in-page/nodejs/express

I'm not familiar with passport.js, but I tend to agree with you: with Okta you might not need it. Okta can handle most of the authentication; depending on how your app is developed, you might need passport.

For example, if you are developing a SPA app or something that runs in a serverless environment, you could use a Bearer token from OAuth. If your app is older, you might need something to persist the session. So, maybe that is what passport does for ya.

Okta is about to release self-service registration, which, after email confirmation or registration, will create a user's session.

https://support.okta.com/help/Documentation/Knowledge_Article/Okta-Self-Service-Registration-685599529

Don't know if that helps.

The two links you shared do the same thing. Mainly, get an ID or access token.

The Signin widget can establish a session and get the token via this config:

Application Name    My Web App
Base URIs   http://localhost:{port}
Login redirect URIs http://localhost:{port}/authorization-code/callback
Grant Types Allowed Authorization Code

The other link you shared gets the same token via this config:

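const passport = require('passport');
const nconf = require('nconf');
const OktaStrategy = require('passport-okta-oauth').Strategy; // package assumed from the linked example

passport.use(new OktaStrategy({
    audience:     nconf.get("OKTA_AUDIENCE"),
    clientID:     nconf.get("OKTA_CLIENTID"),
    clientSecret: nconf.get("OKTA_CLIENTSECRET"),
    idp:          nconf.get("OKTA_IDP"),
    scope: ['openid', 'email', 'profile'],
    response_type: 'code',
    callbackURL: "http://localhost:3000/auth/okta/callback"
  },
  // Verify callback: pass the profile returned by Okta on to passport
  function (accessToken, refreshToken, profile, done) {
    return done(null, profile);
  }
));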

So you should not need to use both of them.
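
The authorization code redirect that both configurations above set up, with the `state` check a server should make on the callback before exchanging the code, as an added example (not code from the answers, Okta or passport). The Okta domain and client ID are placeholders, the plain `session` object stands in for server-side session storage, and `beginLogin` / `handleCallback` are hypothetical names.

```javascript
const crypto = require('crypto');

// Assumed values: placeholder Okta org and client ID; the redirect URI and
// scopes are the ones shown in the passport config above.
const OKTA_ISSUER = 'https://example.okta.com/oauth2/default'; // placeholder
const CLIENT_ID = 'PLACEHOLDER_CLIENT_ID';
const REDIRECT_URI = 'http://localhost:3000/auth/okta/callback';

// Step 1: build the /authorize redirect and remember `state` in the session.
function beginLogin(session) {
  session.oauthState = crypto.randomBytes(32).toString('hex');
  const url = new URL(OKTA_ISSUER + '/v1/authorize');
  url.search = new URLSearchParams({
    client_id: CLIENT_ID,
    response_type: 'code',
    scope: 'openid email profile',
    redirect_uri: REDIRECT_URI,
    state: session.oauthState,
  }).toString();
  return url.toString();
}

// Step 2: validate the callback before exchanging the code for tokens.
// Returns { ok: true, code } or { ok: false, reason }.
function handleCallback(session, callbackUrl) {
  const params = new URL(callbackUrl).searchParams;
  const expected = session.oauthState;
  delete session.oauthState; // state is single use, even on failure
  const got = Buffer.from(params.get('state') || '');
  const want = Buffer.from(expected || '');
  // Reject callbacks that do not belong to a login this session started.
  if (!expected || got.length !== want.length ||
      !crypto.timingSafeEqual(got, want)) {
    return { ok: false, reason: 'state_mismatch' };
  }
  if (params.has('error')) return { ok: false, reason: params.get('error') };
  const code = params.get('code');
  if (!code) return { ok: false, reason: 'missing_code' };
  return { ok: true, code }; // next: POST code + client secret to /v1/token
}
```
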
