I am using passport-okta-oauth to login to my Node-RED instance and have confirmed that the login is succeeding (by logging to the console the profile object inside of the verify callback), however after redirecting back to my instance it reloads the homepage with "Sign in using Okta" still visible instead of to the dashboard.

It seems I must be missing a final step, but can't figure it out. Here is my code:

    adminAuth: {
        type: "strategy",
        strategy: {
            name: "okta",
            label: "Sign in using Okta",
            icon: "fa-key",
            strategy: require("passport-okta-oauth").Strategy,
            options: {
                audience: "https://mycompany.okta.com",
                clientID: "XXXXXXX",
                clientSecret: "xxxxxx",
                scope: ["openid", "email", "profile", "offline_access"],
                response_type: "code",
                callbackURL: "https://mycompany.com/auth/strategy/callback",
                verify: function(accessToken, refreshToken, profile, done) {
                    console.log(profile);
                    return profile;
                }
            }
        },
        users: [
            { username: "justAnotherDev", permissions: ["*"] }
        ]
    },

The console prints out the signed in profile object:

    { provider: 'okta',
      id: 'xxxxxxxx',
      displayName: 'justAnotherDev',
      username: 'justAnotherDev@mycompany.com',
      name:
       { fullName: 'justAnotherDev',
         emails: [ { value: 'justAnotherDev@mycompany.com' } ],
         _raw:
          '{"sub":"xxxxxxxx","name":"justAnotherDev","locale":"US","email":"justAnotherDev@mycompany.com","updated_at":1587413637,"email_verified":true}',
         _json:
          { sub: 'xxxxxxxx',
            name: 'justAnotherDev',
            locale: 'US',
            email: 'justAnotherDev@mycompany.com',
            nickname: 'justAnotherDev',
            preferred_username: 'justAnotherDev@mycompany.com',
            zoneinfo: 'America/Los_Angeles',
            updated_at: 1587413637,
            email_verified: true } }

What am I missing? I have tried adding done(null, profile); before (and in place of) returning the profile object but that didn't help either.
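
Added example, not part of the original post and not Node-RED's own code: a stand-alone model of the two checks a strategy login has to pass, run against a constructed profile shaped like the one printed above. It assumes that a Passport verify function only reports through its done callback and that the verified profile's username is matched exactly against the adminAuth users list; lookupUser, simulateLogin and usersByEmail are hypothetical names introduced for the illustration.

```javascript
"use strict";

// Constructed profile, shaped like the one logged in the question.
const sampleProfile = {
  provider: "okta",
  id: "xxxxxxxx",
  displayName: "justAnotherDev",
  username: "justAnotherDev@mycompany.com",
};

// The users list as posted, and a variant keyed on the full Okta username.
const usersAsPosted = [{ username: "justAnotherDev", permissions: ["*"] }];
const usersByEmail = [
  { username: "justAnotherDev@mycompany.com", permissions: ["*"] },
];

// Verify as posted: the return value goes nowhere and done is never called.
function verifyReturning(accessToken, refreshToken, profile, done) {
  return profile;
}

// Verify that hands the profile back through the callback.
function verifyCallingDone(accessToken, refreshToken, profile, done) {
  done(null, profile);
}

// Hypothetical stand-in for the step after verify (assumption):
// an exact match of profile.username against the configured users.
function lookupUser(users, profile) {
  return users.find((u) => u.username === profile.username) || null;
}

// Run one verify function against one users list and report the outcome.
function simulateLogin(verify, users, profile) {
  let outcome = "verify never called done";
  verify("access-token", "refresh-token", profile, (err, verified) => {
    if (err) { outcome = "error"; return; }
    const user = lookupUser(users, verified);
    outcome = user ? "logged in as " + user.username : "no matching user";
  });
  return outcome;
}

console.log(simulateLogin(verifyReturning, usersAsPosted, sampleProfile));
console.log(simulateLogin(verifyCallingDone, usersAsPosted, sampleProfile));
console.log(simulateLogin(verifyCallingDone, usersByEmail, sampleProfile));
```

Under these assumptions, calling done alone still leaves the session unauthenticated while the users entry is "justAnotherDev" and the profile carries "justAnotherDev@mycompany.com"; keeping the users list as an explicit allowlist of exact usernames preserves least privilege for the editor.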