When a User click on the Login w/ Okta button, and get directed to okta
,but the user is not loggged into Okta yet User sees an error saying
User does not have code, when the error is because they don't have
a session w/ Okta.

Error Displayed on Page: Required query parameter "code" is missing

http://localhost:3000/authorization-code/callback?state=oArfSWypYbUON2FWF0iDcvgl6qFdM0VYXSYOHvjjtCaDBQwIFn7iO5tr88jfwxLb&error=access_denied&error_description=User+is+not+assigned+to+the+client+application.
Check for this error in addition to the code, say User is not logged in.

When I run npm run mock-okta it runs fine but when I visit http://127.0.0.1:7777 on the browser, it throws the following error on the console:

And the browser shows the following:

I am unable to find documentation on how to add IDP IDs to the OIDC middleware config to display social authentication for this particular example (nodejs-express).

{
"webServer": {
"port": 8080,
"oidc": {
"clientId": "xxxx",
"clientSecret": "xxxx",
"issuer": "https://jay.okta.com/oauth2/xxxxxx",
"redirectUri": "http://localhost:8080/authorization-code/callback",
"scope": "openid profile email"
}
},
"resourceServer": {
"port": 8000,
"oidc": {
"issuer": "https://jay.okta.com/oauth2/xxxxxx"
},
"assertClaims": {
"aud": "api://default",
"cid": "xxxxxx"
}
}
}

regarding your "sample-web-server.js" for okta-hosted login, if i want to send cURL request to your protected endpoint (the /profile endpoint), do i need access token & then include it as Authentication Bearer token inside cURL request? or what kind of token do I need?

jws should be a dependency instead of a dev-dependency

It seems a little weird that the default instructions in the README outline how to get up and running with a mock org, and you have to scroll pretty far down the page to see the link with instructions on getting up and running with a real org.

1. What is the point of the mock? Okta sandbox orgs are free, and we want people to register and test stuff out... :)

2. If most people are registering for Okta and testing this out using their own orgs, the default instructions in the README should outline the steps for that. The big difference between the two (mock vs real) is setting up CORS. This should be easily searchable in the main README.

https://github.com/okta/samples-nodejs-express-4/blob/master/okta-hosted-login/README.md

When I clone this project and put in my uri, clientID, and client secret I get a 404 page after clicking the "Login with Okta" button

We use Okta for internal Infrastructure and I have been unable to authenticate. I am able to login and my browser redirects and ends up doing a POST to the entry point and I get a 404. I have tried two other node.js express libraries and have the same result. One of the other libraries ends up doing constant redirects. My issuer's urls do not follow this convention.

Issuer - This is the URL of the authorization server that will perform authentication. All Developer Accounts have a "default" authorization server. The issuer is a combination of your Org URL (found in the upper right of the console home page) and /oauth2/default. For example, https://dev-1234.oktapreview.com/oauth2/default.

My issuer URL has the name of the app, the issuer id and ends in sso/saml

The title of this issue should be used in the context of the Express & Okta-Hosted Login Page Example.

The Prerequisites section states:

Before running this sample, you will need the following:

• An Okta Developer Account, you can sign up for one at https://developer.okta.com/signup/.
• An Okta Application, configured for Web mode. This is done from the Okta Developer Console and you can find instructions here. When following the wizard, use the default properties. They are designed to work with our sample applications.

Note the boldfaced text An Okta Application, configured for Web mode. Despite seeing this, I was happily able to glance over that and happily used the application configured as SPA instead. The obvious problem with this is that I could not find the Client Secret for this SPA app -- and spent hours searching through all docs for information where to find it.

Perhaps the Client Credentials section should look like this (in the case of a SPA app):

To app

Express & Custom Login Page Example

The screenshot below should explain what this is about:

Hello team

I see most of the libraries are already deprecated when i run npm install on the project after cloning it .

Since the dependencies are already deprecated and when i run the project with npm run custom-login-server. I end up with the below issue

does this project works with the OIE version of Okta ? and how to fox these issues that i am running into ?

Running npm run okta-hosted-login-server I get Okta 400 when I click on the login from the sample page. This is saying:

Your request resulted in an error. The 'redirect_uri' parameter must be a Login redirect URI in the client app settings

The redirect url the express/node server constructs is

https://dev-7*25.okta.com/oauth2/default/v1/authorize?client_id=0o3trFVY5d7&scope=openid%20profile%20email&response_type=code&redirect_uri=http*%2Flocalhost%080%2Fauthorization-code%2Fcallback&state=yaN1Cp5V_RDQGXG_g0DldPxXWjO7x1-F09**5h78

But if you decode the redirect_uri it shows:

http://localhost:8080/authorization-code/callback&state=yaN1Cp5V_R*_g0DldPxXWjO7x1-F*w5h78

Where I think it meant to have state as a query string? callback&state= looks incorrect

The code goes to /authorization-code/callback with state and code querystring but throws "Unauthorized" error after successful openid connection.

Following errors are returned when I try to run the sample.

@okta/[email protected] okta-hosted-login-server /Users/sohaibajmal/Documents/OktaDeveloperSamples/Okta_NodeMiddleware/samples-nodejs-express-4-master
node okta-hosted-login/server.js

(node:4071) UnhandledPromiseRejectionWarning: Unhandled promise rejection (rejection id: 1): RequestError: write EPROTO 140736950694848:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:../deps/openssl/openssl/ssl/s23_clnt.c:797:

(node:4071) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.

Steps followed

1 - Checkout sample

2 - npm installl

3 - Update .sample.json.config with org and OIDC app information

4 - npm run custom-login-server

Node Versions Tried: 7.9.0 and 8.1.1

 hostname: 'myorg.okta.com',
  method: 'GET',
  path: '/oauth2/default/.well-known/openid-configuration',
  protocol: 'https:',
  url: 'https://myorg.okta.com/oauth2/default/.well-known/openid-configuration',
  statusCode: 401,
  statusMessage: 'Unauthorized',

Simply cannot get it to start correctly.

pretty sure settings are correct..

{
  "webServer": {
    "port": 8080,
    "oidc": {
      "clientId": "xx",
      "clientSecret": "yy",
      "issuer": "https://myorg.okta.com/oauth2/default",
      "redirectUri": "http://localhost:8080/authorization-code/callback",
      "scope": "openid profile email"
    }
  },
  "resourceServer": {
    "port": 8000,
    "oidc": {
      "issuer": "https://myorg.okta.com/oauth2/default"
    },
    "assertClaims": {
      "aud": "api://default",
      "cid": "xx"
    }
  }
}

any ideas?

Also, your recent changes to the admin UI the url for org is no longer shown in dashboard, I presume its https://xxx.okta.com as noted in docs that it's same as dashboard minus the "-admin".

There is additional documentation on your site that needs to be updated as well, I am thoroughly NOT enjoying the experience right now after trying this sample, my own custom one, seeing the high no of open issues on "okta-oidc-js" and reading your forums. GRR

Hello,
I am getting the following error when I execute 'npm start' from windows command line.
Kindly help.

'DIST_OUT' is not recognized as an internal or external command,
operable program or batch file.
child_process.js:524
throw err;
^

Error: Command failed: DIST_OUT=D:\Public\okta\samples-nodejs-express-4-master\dist npm run build
at checkExecSyncError (child_process.js:481:13)
at execSync (child_process.js:521:13)
at Object. (D:\Public\okta\samples-nodejs-express-4-master\node_modules@okta\samples-js-angular-1\scripts\build-frontend.js:
at Module._compile (module.js:570:32)
at Object.Module._extensions..js (module.js:579:10)
at Module.load (module.js:487:32)
at tryModuleLoad (module.js:446:12)
at Function.Module._load (module.js:438:3)
at Module.runMain (module.js:604:10)
at run (bootstrap_node.js:389:7)

npm ERR! Windows_NT 6.1.7601
npm ERR! argv "D:\Public\node.exe" "D:\Public\node_modules\npm\bin\npm-cli.js" "start"
npm ERR! node v6.11.1
npm ERR! npm v3.10.10
npm ERR! code ELIFECYCLE
npm ERR! @okta/[email protected] prestart: build-frontend
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the @okta/[email protected] prestart script 'build-frontend'.
npm ERR! Make sure you have the latest version of node.js and npm installed.
npm ERR! If you do, this is most likely a problem with the @okta/samples-nodejs-express-4 package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR! build-frontend
npm ERR! You can get information on how to open an issue for this project with:
npm ERR! npm bugs @okta/samples-nodejs-express-4
npm ERR! Or if that isn't available, you can get their info via:
npm ERR! npm owner ls @okta/samples-nodejs-express-4
npm ERR! There is likely additional logging output above.

npm ERR! Please include the following file with any support request:
npm ERR! D:\Public\okta\samples-nodejs-express-4-master\npm-debug.log

I cloned the repo, followed the instruction for resource-server but when I run npm run resource-server and go to localhost:8000/secure or /api/messages I get Unauthorized.
I've added the .samples.config.json with the Client ID, following the docs.

npm --version
6.4.1
$ npm run resource-server

> @okta/[email protected] resource-server <path>/samples-nodejs-express-4
> node resource-server/server.js

Resource Server Ready on port 8000
Unauthorized
Unauthorized
Unauthorized

I encountered this same issue at a different okta sample and described the problem as well as presented the solution. As nobody responded, I could think that keeping the samples current exceeds the okta team's ability to do - let me please know if that is the case; I would then stop writing such observations 😄

Running npm install for the Express & Okta-Hosted Login Page Example results with:

λ npm install                                                                                                                    
                                                                                                                                 
> @okta/[email protected] postinstall c:\work\learning\okta\samples-nodejs-express-4                                
> node post-install.js                                                                                                           
                                                                                                                                 
Creating default configuration file                                                                                              
                                                                                                                                 
Sample project is ready to go!  Please add your configuration to c:\work\learning\okta\samples-nodejs-express-4\.samples.config.j
son, see the README for instructions.                                                                                            
                                                                                                                                 
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: [email protected] (node_modules\fsevents):                                          
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for [email protected]: wanted {"os":"darwin","arch":"any"} (curre
nt: {"os":"win32","arch":"x64"})                                                                                                 
                                                                                                                                 
added 380 packages from 351 contributors and audited 1332 packages in 14.251s                                                    
found 25 vulnerabilities (4 low, 16 moderate, 5 high)                                                                            
  run `npm audit fix` to fix them, or `npm audit` for details                                                                                                                        

Subsequent execution of the npm audit results with the following suggestions:

1. Run npm install --save-dev [email protected] to resolve 4 vulnerabilities
2. Run npm install @okta/[email protected] to resolve 3 vulnerabilities
3. Run npm install @okta/[email protected] to resolve 3 vulnerabilities
4. Run npm update fsevents --depth 3 to resolve 13 vulnerabilities
5. Run npm update fill-range --depth 7 to resolve 1 vulnerability

I did try to run these suggested commands, only to find that the total number of vulnerabilities dropped from 25 to 16, meaning that there is more work to be done, because of various inter-dependencies.

dotenv is a runtime dependency, but is listed as a dev depency in package.json. This causes issues if NODE_ENV=production, under which dependencies are installed, but not devDependencies.

Steps to recreate:

• Clone repository
• export NODE_ENV=production
• npm install
• ISSUER={validOktaDomain}/oauth2/default CLIENT_ID={validClientId} CLIENT_SECRET={validClientSecret} npm run okta-hosted-login-server

Expected results:

> @okta/[email protected] okta-hosted-login-server
> node okta-hosted-login/server.js

(...)
App started on port 8080

Actual results:

> @okta/[email protected] okta-hosted-login-server
> node okta-hosted-login/server.js

internal/modules/cjs/loader.js:883
  throw err;
  ^

Error: Cannot find module 'dotenv'
Require stack:
- /(...)/samples-nodejs-express-4/config.js
- /(...)/samples-nodejs-express-4/okta-hosted-login/server.js
    at Function.Module._resolveFilename (internal/modules/cjs/loader.js:880:15)
    at Function.Module._load (internal/modules/cjs/loader.js:725:27)
    at Module.require (internal/modules/cjs/loader.js:952:19)
    at require (internal/modules/cjs/helpers.js:88:18)
    at Object.<anonymous> (/Users/derek.tiffany/Documents/GitHub/samples-nodejs-express-4/config.js:2:16)
    at Module._compile (internal/modules/cjs/loader.js:1063:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:1092:10)
    at Module.load (internal/modules/cjs/loader.js:928:32)
    at Function.Module._load (internal/modules/cjs/loader.js:769:14)
    at Module.require (internal/modules/cjs/loader.js:952:19) {
  code: 'MODULE_NOT_FOUND',
  requireStack: [
    '/(...)/samples-nodejs-express-4/config.js',
    '/(...)/samples-nodejs-express-4/okta-hosted-login/server.js'
  ]
}

Note:
Fix is to simply move dotenv from devDependencies to dependencies in package.json

This issue describes the failure of the Express Resource Server Example, where the command npm run resource-server results with

> @okta/[email protected] resource-server C:\work\learning\okta\samples-nodejs-express-4
> node resource-server/server.js

C:\work\learning\okta\samples-nodejs-express-4\node_modules\@okta\configuration-validation\dist\lib.js:66
    throw new ConfigurationValidationError('Your client ID is missing. ' + copyCredentialsMessage);
    ^

Error: Your client ID is missing. You can copy it from the Okta Developer Console in the details for the Application you created. Follow these instructions to find it: https://bit.ly/finding-okta-app-credentials
    at new ConfigurationValidationError (C:\work\learning\okta\samples-nodejs-express-4\node_modules\@okta\configuration-validation\dist\lib.js:27:141)
    at configUtil.assertClientId (C:\work\learning\okta\samples-nodejs-express-4\node_modules\@okta\configuration-validation\dist\lib.js:66:11)
    at new OktaJwtVerifier (C:\work\learning\okta\samples-nodejs-express-4\node_modules\@okta\jwt-verifier\lib.js:25:5)
    at Object.<anonymous> (C:\work\learning\okta\samples-nodejs-express-4\resource-server\server.js:19:25)
    at Module._compile (internal/modules/cjs/loader.js:689:30)
    at Object.Module._extensions..js (internal/modules/cjs/loader.js:700:10)
    at Module.load (internal/modules/cjs/loader.js:599:32)
    at tryModuleLoad (internal/modules/cjs/loader.js:538:12)
    at Function.Module._load (internal/modules/cjs/loader.js:530:3)
    at Function.Module.runMain (internal/modules/cjs/loader.js:742:12)
npm ERR! code ELIFECYCLE
npm ERR! errno 1
npm ERR! @okta/[email protected] resource-server: `node resource-server/server.js`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the @okta/[email protected] resource-server script.
npm ERR! This is probably not a problem with npm. There is likely additional logging output above.

The gist of this failure is described as Error: Your client ID is missing.

I believe that the data in the file .samples.config.json are correct - in particular, the client ID is set to 0oah36nrrdAZ7r4a00h7 - as defined at https://dev-621259-admin.oktapreview.com/admin/app/oidc_client/instance/0oah36nrrdAZ7r4a00h7/#tab-general - and the only possible problem that I can see is the use of the key "cid" to refer to client ID in the "assertClaims"section (shown below):

   "assertClaims": {
      "aud": "api://default",
      "cid": "0oah36nrrdAZ7r4a00h7"
    }

Am I missing something obvious?

I cloned this repo and run nom install. After that, I modify the .samples.config.json to be my app on okta. But I got below errors when run nom start.

> node lib/index.js

Unable to configure ExpressOIDC { HTTPError: Response code 401 (Unauthorized)
    at stream.catch.then.data (/Users/joey/dev/bigcrunch/samples-nodejs-express-4/node_modules/got/index.js:182:13)
    at process._tickCallback (internal/process/next_tick.js:109:7)
  name: 'HTTPError',
  host: 'ev-883158-admin.oktapreview.com',
  hostname: 'ev-883158-admin.oktapreview.com',
  method: 'GET',
  path: '/oauth2/default/.well-known/openid-configuration',
  protocol: 'https:',
  url: 'https://ev-883158-admin.oktapreview.com/oauth2/default/.well-known/openid-configuration',
  statusCode: 401,
  statusMessage: 'Unauthorized',
  headers:
   { date: 'Wed, 15 Nov 2017 10:50:05 GMT',
     server: 'nginx',
     'public-key-pins-report-only': 'pin-sha256="jZomPEBSDXoipA9un78hKRIeN/+U4ZteRaiX8YpWfqc="; pin-sha256="axSbM6RQ+19oXxudaOTdwXJbSr6f7AahxbDHFy3p8s8="; pin-sha256="SE4qe2vdD9tAegPwO79rMnZyhHvqj3i5g1c2HkyGUNE="; pin-sha256="ylP0lMLMvBaiHn0ihLxHjzvlPVQNoyQ+rMiaj0da/Pw="; max-age=60; report-uri="https://okta.report-uri.io/r/default/hpkp/reportOnly"',
     'content-type': 'application/json',
     'x-okta-request-id': 'Wgwb3bZQfnLAHp9WzIM-1AAABpg',
     p3p: 'CP="HONK"',
     'x-rate-limit-limit': '10000',
     'x-rate-limit-remaining': '9998',
     'x-rate-limit-reset': '1510743012',
     'cache-control': 'no-cache, no-store',
     pragma: 'no-cache',
     expires: '0',
     'set-cookie':
      [ 'sid=""; Expires=Thu, 01-Jan-1970 00:00:10 GMT; Path=/',
        'JSESSIONID=665A7C6EA378A07968363748159589E1; Path=/' ],
     connection: 'close',
     'transfer-encoding': 'chunked' } }

I am reporting this bug which throws an error but little else by way of error handling to detect root cause.

 npm start

> @okta/[email protected] prestart /home/trophy12/public_html/okta/samples/samples-nodejs-express-4
> build-frontend

node[1728]: pthread_create: Resource temporarily unavailable
child_process.js:524
    throw err;
    ^

Error: Command failed: DIST_OUT=/home/trophy12/public_html/okta/samples/samples-nodejs-express-4/dist npm run build
    at checkExecSyncError (child_process.js:481:13)
    at execSync (child_process.js:521:13)
    at Object.<anonymous> (/home/trophy12/public_html/okta/samples/samples-nodejs-express-4/node_modules/@okta/samples-js-angular-1/scripts/build-frontend.js:23:1)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
    at Module.runMain (module.js:604:10)
    at run (bootstrap_node.js:389:7)

npm ERR! Linux 2.6.32-042stab094.7
npm ERR! argv "/usr/local/bin/node" "/usr/local/bin/npm" "start"
npm ERR! node v6.11.0
npm ERR! npm  v3.10.10
npm ERR! code ELIFECYCLE
npm ERR! @okta/[email protected] prestart: `build-frontend`
npm ERR! Exit status 1
npm ERR!
npm ERR! Failed at the @okta/[email protected] prestart script 'build-frontend'.
npm ERR! Make sure you have the latest version of node.js and npm installed.
npm ERR! If you do, this is most likely a problem with the @okta/samples-nodejs-express-4 package,
npm ERR! not with npm itself.
npm ERR! Tell the author that this fails on your system:
npm ERR!     build-frontend
npm ERR! You can get information on how to open an issue for this project with:
npm ERR!     npm bugs @okta/samples-nodejs-express-4
npm ERR! Or if that isn't available, you can get their info via:
npm ERR!     npm owner ls @okta/samples-nodejs-express-4
npm ERR! There is likely additional logging output above.

npm ERR! Please include the following file with any support request:
npm ERR!     /home/trophy12/public_html/okta/samples/samples-nodejs-express-4/npm-debug.log


]# cat  /home/trophy12/public_html/okta/samples/samples-nodejs-express-4/npm-debug.log
0 info it worked if it ends with ok
1 verbose cli [ '/usr/local/bin/node', '/usr/local/bin/npm', 'start' ]
2 info using [email protected]
3 info using [email protected]
4 verbose run-script [ 'prestart', 'start', 'poststart' ]
5 info lifecycle @okta/[email protected]~prestart: @okta/[email protected]
6 verbose lifecycle @okta/[email protected]~prestart: unsafe-perm in lifecycle true
7 verbose lifecycle @okta/[email protected]~prestart: PATH: /usr/local/lib/node_modules/npm/bin/node-gyp-bin:/home/trophy12/public_html/okta/samples/samples-nodejs-express-4/node_modules/.bin:/usr/local/jdk/bin:/home/trophy12/perl5/bin:/usr/kerberos/bin:/usr/local/bin:/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin:/home/trophy12/bin
8 verbose lifecycle @okta/[email protected]~prestart: CWD: /home/trophy12/public_html/okta/samples/samples-nodejs-express-4
9 silly lifecycle @okta/[email protected]~prestart: Args: [ '-c', 'build-frontend' ]
10 silly lifecycle @okta/[email protected]~prestart: Returned: code: 1  signal: null
11 info lifecycle @okta/[email protected]~prestart: Failed to exec prestart script
12 verbose stack Error: @okta/[email protected] prestart: `build-frontend`
12 verbose stack Exit status 1
12 verbose stack     at EventEmitter.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/lifecycle.js:255:16)
12 verbose stack     at emitTwo (events.js:106:13)
12 verbose stack     at EventEmitter.emit (events.js:191:7)
12 verbose stack     at ChildProcess.<anonymous> (/usr/local/lib/node_modules/npm/lib/utils/spawn.js:40:14)
12 verbose stack     at emitTwo (events.js:106:13)
12 verbose stack     at ChildProcess.emit (events.js:191:7)
12 verbose stack     at maybeClose (internal/child_process.js:891:16)
12 verbose stack     at Process.ChildProcess._handle.onexit (internal/child_process.js:226:5)
13 verbose pkgid @okta/[email protected]
14 verbose cwd /home/trophy12/public_html/okta/samples/samples-nodejs-express-4
15 error Linux 2.6.32-042stab094.7
16 error argv "/usr/local/bin/node" "/usr/local/bin/npm" "start"
17 error node v6.11.0
18 error npm  v3.10.10
19 error code ELIFECYCLE
20 error @okta/[email protected] prestart: `build-frontend`
20 error Exit status 1
21 error Failed at the @okta/[email protected] prestart script 'build-frontend'.
21 error Make sure you have the latest version of node.js and npm installed.
21 error If you do, this is most likely a problem with the @okta/samples-nodejs-express-4 package,
21 error not with npm itself.
21 error Tell the author that this fails on your system:
21 error     build-frontend
21 error You can get information on how to open an issue for this project with:
21 error     npm bugs @okta/samples-nodejs-express-4
21 error Or if that isn't available, you can get their info via:
21 error     npm owner ls @okta/samples-nodejs-express-4
21 error There is likely additional logging output above.
22 verbose exit [ 1, true ]

I used implicit flow to integrate Okta OAuth2 with Angular6, my front-end config is like below:
clientId: '0oa1l1418lWpy6uGE357',
issuer: 'https://dev-351004.okta.com/oauth2/default',
redirectUri: 'http://localhost:4200/implicit/callback',
scopes: ['openid', 'profile', 'email'],
responseTypes: ['id_token', 'token'],
pkce: true
but when I clicked login button and url redirect to 'http://localhost:4200/implicit/callback', I got below error:
"OAuthError: The response type is not supported by the authorization server. Configured response types: [id_token, token]."
I checked my r Request URL: https://dev-351004.okta.com/oauth2/default/v1/authorize?client_id=0oa1l1418lWpy6uGE357
&code_challenge=c8Gt0U161p1-qi2DrbvS9gyOKzrDFRpHyGfTSuUqfJs
&code_challenge_method=S256&nonce=8xgaOy9IOCqZLgeXH9lRPQ46au0d9AHzQpuHDxQsM6w1aEjGGotYhihxOdhrZAF1
&redirect_uri=http%3A%2F%2Flocalhost%3A4200%2Fimplicit%2Fcallback
&response_mode=fragment
&response_type=code
&state=N8vyXkQyYd7EMONcBelO3I9qwTzr9JjAcEMY7ttHDPi9SQglxSksoetnnuuuxiAC
&scope=openid%20profile%20email
Anybody come across this issue？

Hi i am trying to use the sign-in widget. After i login, i get:
error 400
Error Code: invalid_client
Description: Invalid value for 'client_id' parameter.

this is what my client ID says it is

here is the url:

https://dev-387826.oktapreview.com/oauth2/default/v1/authorize?nonce=8bf46ef6-5499-4a70-b3f0-7d47e49a983a&state=ec07e2cd-b82f-4cab-af57-6f252da851ec&client_id=0oaituw8sjQRYE5v60h7&redirect_uri=http%3A%2F%2Flocalhost%3A6006%2Fauthorization-code%2Fcallback&scope=openid%20profile%20email&response_type=code&sessionToken=20111wN123JyC3iCpKk15t3NrKyr6rZXfEAkzotJGGHSuHYzlmGHLSi

and here is my .samples.config.json ( changed client secret)

{
    "webServer": {
        "port": 6006,
        "oidc": {
            "clientId": "0oaituw8sjQRYE5v60h7",
            "clientSecret": "ImFQHIDDENHIDDENHIDDENHIDDENOXofajqJamb-",
            "issuer": "https://dev-387826.oktapreview.com/oauth2/default",
            "redirectUri": "http://localhost:6006/authorization-code/callback",
            "scope": "openid profile email"
        }
    }
}

1 - Click on Login

2 - When redirected to http://localhost:3000/implicit/callback:

OAuthError: The response type is not supported by the authorization server. Configured response types: [code].

Trying to Integrate with the Sandbox environment. All the required configurations are set, but on login face the "id_token could not be decoded from the response" error.

To help avoid misconfiguration, this library should implement these checks against common errors: https://oktawiki.atlassian.net/wiki/spaces/PM/pages/552049922/Library+configuration+checks

For this library, these checks apply:

• Issuer
• Client ID
• Client secret

Additionally, make sure these placeholders are always used in documentation or samples:

• https://{yourOktaDomain} (not {yourOktaDomain}.com)
• {clientId}
• {clientSecret}

ISSUER=https://yourOktaDomain.com/oauth2/default
SPA_CLIENT_ID=123xxxxx123

In which file we need to add the above field? not understand testenv

I have followed the README, I have all environment variables set but "npm test" fails:

[11:30:32] I/launcher - Running 1 instances of WebDriver
[11:30:32] I/local - Starting selenium standalone server...
[11:30:32] E/launcher - Error: Error: Server terminated early with status 1
at /Users/ivangotti/samples-nodejs-express-4/node_modules/selenium-webdriver/remote/index.js:255:52
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
[11:30:32] E/launcher - Error: ReferenceError: browser is not defined

How can I define the browser?

Operating System - Windows
'google-chrome' is not recognized as an internal or external command,
operable program or batch file.
child_process.js:648
throw err;
^

Error: Command failed: google-chrome --product-version
'google-chrome' is not recognized as an internal or external command,
operable program or batch file.

at checkExecSyncError (child_process.js:609:11)
at execSync (child_process.js:645:15)
at Object.<anonymous> (C:\Visual Studio Code\NodeJs\samples-nodejs-express-4\scripts\update-se-drivers.js:26:19)
at Module._compile (internal/modules/cjs/loader.js:1128:30)
at Object.Module._extensions..js (internal/modules/cjs/loader.js:1167:10)
at Module.load (internal/modules/cjs/loader.js:983:32)
at Function.Module._load (internal/modules/cjs/loader.js:891:14)
at Function.executeUserEntryPoint [as runMain] (internal/modules/run_main.js:71:12)
at internal/main/run_main_module.js:17:47 {

status: 1,
signal: null,

$ npm start
npm ERR! Windows_NT 6.1.7601
npm ERR! argv "C:\Program Files\nodejs\node.exe" "C:\Users\USER\AppData\Roaming\npm\node_modules\npm\bin\npm-cli.js" "start"
npm ERR! node v9.4.0
npm ERR! npm v3.10.10

npm ERR! missing script: start
npm ERR!
npm ERR! If you need help, you may report this error at:
npm ERR! https://github.com/npm/npm/issues

npm ERR! Please include the following file with any support request:
npm ERR! C:\Users\USER\Desktop\samples-nodejs-express-4\npm-debug.log

npm start gives following error:

$ npm start

> @okta/[email protected] prestart D:\GitRepo\github\samples-nodejs-express-4
> build-frontend

'DIST_OUT' is not recognized as an internal or external command,
operable program or batch file.
child_process.js:526
    throw err;
    ^

Error: Command failed: DIST_OUT=D:\GitRepo\github\samples-nodejs-express-4\dist npm run build
    at checkExecSyncError (child_process.js:483:13)
    at execSync (child_process.js:523:13)
    at Object.<anonymous> (D:\GitRepo\github\samples-nodejs-express-4\node_modules\@okta\samples-js-angular-1\scripts\build-frontend.js:23:1)
    at Module._compile (module.js:570:32)
    at Object.Module._extensions..js (module.js:579:10)
    at Module.load (module.js:487:32)
    at tryModuleLoad (module.js:446:12)
    at Function.Module._load (module.js:438:3)
    at Module.runMain (module.js:604:10)
    at run (bootstrap_node.js:394:7)

Unable to configure ExpressOIDC { RequestError: connect ECONNREFUSED 127.0.0.1:7777
at ClientRequest.req.once.err (C:\TFS\nodejs-okta-api\node_modules\got\index.js:219:22)
at Object.onceWrapper (events.js:315:30)
at emitOne (events.js:121:20)
at ClientRequest.emit (events.js:211:7)
at Socket.socketErrorListener (_http_client.js:387:9)
at emitOne (events.js:116:13)
at Socket.emit (events.js:211:7)
at emitErrorNT (internal/streams/destroy.js:64:8)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
name: 'RequestError',
code: 'ECONNREFUSED',
host: '127.0.0.1:7777',
hostname: '127.0.0.1',
method: 'GET',
path: '/oauth2/default/.well-known/openid-configuration',
protocol: 'http:',
url: 'http://127.0.0.1:7777/oauth2/default/.well-known/openid-configura

I see the state token but where i can see the access token or bearer token ?

tl;dr In the config for oktaUrl, I accidentally used http instead of https. The resulting error is obscure, and I had a hard time troubleshooting.

Steps to reproduce

1. Follow the OIDC setup to create a new organization and app
2. Follow the readme quick start, but use"oktaUrl": "http://{{yourOktaOrg}}.oktapreview.com" instead of https.
3. Run npm start and open localhost:3000.
4. Go to "Log in by redirecting to Okta" and click "Sign in".
5. Submit the Okta sign in form with your credentials

Result

"id_token could not be decoded from the response":

I tried to debug by printing the token. I searched my local source for the error message, found route-handlers.js:174, and added + json to the status message. This revealed a redirect message instead of a token:

Following the redirect link revealed a server error response:

I did not mentally connect this back to my config URL. It wasn't until I was comparing my config file with someone else's that I noticed the http/https difference.

Thanks to @nbarbettini for helping me debug!

Potential improvements

• Catch non-token responses and throw a more descriptive error. It's true that the token could not be decoded, but that's because it wasn't actually a JWT to start with.
• Use an https oktaUrl in the default .samples.config.json, to make safe copy-pastes that don't include the protocol. This might align with issue #14.
• Improve E0000022's documentation (or summary) to clearly state that https is required, not merely that http is not supported.

getting error after running this command: npm run okta-hosted-login-server

@okta/[email protected] okta-hosted-login-server C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master
node okta-hosted-login/server.js

(node:26464) UnhandledPromiseRejectionWarning: RequestError: Request timed out
at timeoutFn (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\got\index.js:319:53)
at asPromise (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\got\index.js:397:18)
at got (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\got\index.js:637:10)
at Function.got.(anonymous function) [as get] (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\got\ind
ex.js:655:31)
at Object.get (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\openid-client\lib\http.js:15:14)
at Function.discover (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules\openid-client\lib\issuer.js:195:
28)
at Object.oidcUtil.createClient.context [as createClient] (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_mod
ules@okta\oidc-middleware\src\oidcUtil.js:30:17)
at new ExpressOIDC (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\node_modules@okta\oidc-middleware\src\ExpressO
IDC.js:109:14)
at new SampleWebServer (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\common\sample-web-server.js:30:16)
at Object. (C:\Users\kcf\Desktop\Okta\Javascript\samples-nodejs-express-4-master\okta-hosted-login\server.js:19:1)
(node:26464) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async func
tion without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:26464) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handl
ed will terminate the Node.js process with a non-zero exit code.

I have downloaded the code and also updated config.js and testenv file and then after i start the npm. I getting below error.

PS C:\Users\jitesh.rathod\Downloads\samples-nodejs-express-4-master\samples-nodejs-express-4-master> npm start
npm ERR! Missing script: "start"
npm ERR!
npm ERR! Did you mean one of these?
npm ERR! npm star # Mark your favorite packages
npm ERR! npm stars # View packages marked as favorites
npm ERR!
npm ERR! To see a list of scripts, run:
npm ERR! npm run

npm ERR! A complete log of this run can be found in:
npm ERR! C:\Users\jitesh.rathod\AppData\Local\npm-cache_logs\2022-07-25T06_15_51_717Z-debug-0.log
PS C:\Users\jitesh.rathod\Downloads\samples-nodejs-express-4-master\samples-nodejs-express-4-master>