Skip to content

dancinnamon-okta/okta_api_demo

BranchesTags
 
 

Repository files navigation

Okta-API-Demo

This sample project provides an easy to deploy demo app which demonstrates out-of-the-box features of Okta API Products.

It showcases the Okta Sign-In Widget, but also contains one sample each for log-in using two other integration methods:

  1. Redirecting to Okta's signin page
  2. Purely using API (AuthJS example).

This application will help you demonstrate:

  1. Authentication and Authorization:
  2. Inbound Federation (SAML)
  3. Social Auth
  4. MFA
  5. Universal Directory
  6. Centralized Identity Management
  7. API Access Management

Note: This project is built with Django and runs on Python 3.4.

You can either run the Django app locally by cloning this repo or, more conveniently, use an available Docker container.

1. Run in Docker

There is a Docker container so you can readily run the app with docker run. But first you need to provide the container with environment variables.

  1. Create a directory and cd into it

  2. In this directory, create a file named env.list. There is already a template env.list file in the root of this project repo, so simply copy it and edit it:

    • Edit env.list file and provide values to your Okta API-Products configuration values.

      Note: comments begin with an # - be sure to read the comments!

    • You don't need to update all the variables in env.list, only the first 5 (these are clearly marked out in the template env.list file).

    • You can edit the other environment variables to suit the custom needs of your demo, but for out-of-the-box setup, the default values will work just fine.

    An example completed env.list looks like the text below: (The keys and secrets below are made-up values):

    AUTH_SERVER_ID=aus8sghq3euRD33KN0h7
OKTA_ORG=atko.okta.com
CLIENT_ID=0oa4ox4jzjHj9vWgR1t7
CLIENT_SECRET=Ar-zht2498sdfxaerjwmsjd9s!je49rw8#a
API_KEY=00xcfd2308490aeuxcvbEarsddffffdgjfhgf012xz
DEFAULT_SCOPES=openid,email,profile,com.zeek.p1.resource1.admin,com.zeek.p1.resource1.user
REDIRECT_URI=http://localhost:8000/oauth2/callback
CUSTOM_LOGIN_URL=login.atko.com
GOOGLE_IDP_ID=0oa1bnct4t7RQEwao1t7
FB_IDP_ID=0oaxmxaszOUXlhDAu1t6
LNKD_IDP_ID=0oatmj8l3QhUvJ3lQ1t6
SAML_IDP_ID=0oayqdoj63vdxXHtI1t6
BACKGROUND_IMAGE=/img/okta-brand/background/SFBayBridge.jpg
BACKGROUND_IMAGE_CSS=/img/okta-brand/background/SFBayBridge.jpg
BACKGROUND_IMAGE_AUTHJS=/img/okta-brand/background/focus.jpg
BACKGROUND_IMAGE_IDP=/img/okta-brand/background/NewYork.jpg

  3. In Okta, configure your App to support both authorization_code and Implicit flow. Also, be sure to check both boxes "Allow ID Token with Implicit grant type" and "Allow Access Token with implicit grant type"

  4. In your Okta org, you must add CORS and a redirect_uri for your application. Please add the following to your Okta org:

    • Add redirect_uri = http://localhost:8000/oauth2/callback to your OpenID Connect app
    • Add a CORS entry for http://localhost:8000

  5. Run the command:

    docker run -it -p 8000:8000 --env-file=env.list -t zzkhoo/okta-api-demo:latest

    Notes:

    • This project has a Dockerfile which you can use to build your own images.
    • Or, you can simply run okta-api-demo from the public repo https://hub.docker.com/r/zzkhoo/okta-api-demo/tags/ as shown above.
    • The Dockerfile exposes the project on port 8000, so map your port to 8000. And be sure to inject the env.list into your container with the --env-file option as shown.

Demoing Idp Discovery

This app can demo IdP discovery, but there are some configuration steps to take care of. To demo IdP Discovery:

  1. Add the settting IDP_DISCO_PAGE in env.list. Set it to the relative path of your App's EMBED_LINK: Example

    AUTH_SERVER_ID=....
OKTA_ORG=...
...
IDP_DISCO_PAGE=/home/oidc_client/0oa4ox4jzjHj9vWgR1t7/alntwmdyyUB5fs8d50g4

  2. In Okta, configure your OIDC App's settings with the following:

    Login Initiated by = Either Okta or App

    Initiate login URI = http://localhost:8000/login-noprompt?from=login_idp_disco

  3. Now you should see an "Idp Discovery" tab in the demo app.

2. Local setup

You can also run this demo locally, without Docker:

  1. Clone this repository. Then cd into its directory
  2. Create a virtualenv environment: 
    python3 -m venv venv
    or 
    virtualenv -p <path-to-Python3.4> venv
  3. Activate the virtualenv 
    source venv/bin/activate
  4. Install requirements 
    pip install -r requirements.txt
  5. Edit the .env file and provide values to your Okta API-Products configuration values.
  6. An example of a completed .env file looks like the following (Note: keys and secrets below are made-up values): 
    export AUTH_SERVER_ID=default
export OKTA_ORG=atko.okta.com
export CLIENT_ID=0oa4ox4jzjHj9vWgR1t7
export CLIENT_SECRET=Ar-zht2498sdfxaerjwmsjd9s!je49rw8#a
export API_KEY=00xcfd2308490aeuxcvbEarsddffffdgjfhgf012xz
export DEFAULT_SCOPES=openid,email,profile,com.zeek.p1.resource1.admin,com.zeek.p1.resource1.user
export REDIRECT_URI=http://localhost:8000/oauth2/callback
export CUSTOM_LOGIN_URL=login.atko.com
export GOOGLE_IDP_ID=0oa1bnct4t7RQEwao1t7
export FB_IDP_ID=0oaxmxaszOUXlhDAu1t6
export LNKD_IDP_ID=0oatmj8l3QhUvJ3lQ1t6
export SAML_IDP_ID=0oayqdoj63vdxXHtI1t6
export BACKGROUND_IMAGE=/static/img/okta-brand/background/SFBayBridge.jpg
export BACKGROUND_IMAGE_CSS=/static/img/okta-brand/background/SFBayBridge.jpg
export BACKGROUND_IMAGE_AUTHJS=/static/img/okta-brand/background/focus.jpg
export BACKGROUND_IMAGE_IDP=/static/img/okta-brand/background/NewYork.jpg
  7. Source the .env file 
    source .env
  8. Make migrations 
    python manage.py migrate
  9. Start the server 
    python manage.py runserver

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

1 star

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 38.3%
  • JavaScript 22.7%
  • HTML 21.8%
  • CSS 15.9%
  • Shell 1.2%
  • Dockerfile 0.1%