dhs-saml-okta-starter

Okta Node.js TypeScript starter for federal government projects (SAML SSO).

Primary language: TypeScript

Description

Okta SAML Node.js TypeScript starter repository for DHS.

Backend framework: NestJS (Node.js).

Identity provider: Okta, via SAML.

Installation

$ pnpm install

Running the app

# development
$ pnpm run start

# watch mode
$ pnpm run start:dev

# production mode
$ pnpm run start:prod

# docker 
$ docker compose up -d

Generate key and cert

Create the server private key

openssl genrsa -out oktapk.key 2048

Create the certificate signing request (CSR)

openssl req -new -key oktapk.key -out servercert.csr

Sign the certificate using the private key and CSR

openssl x509 -req -days 3650 -in servercert.csr -signkey oktapk.key -out dhscert.crt

Generate Metadata

http://localhost:3000/auth/meta

Create a config folder in the project root and store the certificate and private key there; see saml.strategy.ts for the paths it expects.

OKTA Authentication Process

DHS Okta will provide an X.509 certificate together with an entity ID and an IdP entry point. Make sure the application callback URL is supplied, because Okta calls it after a successful authentication request; the SAML response it then generates carries the user information.

.env file

Create a .env file in the project root with the following keys and fill in valid values:

# public cert
SAML_SERVER_PUBLIC_CERT=<PLACEHOLDER>
# private key
SAML_SERVER_PRIVATE_KEY=<PLACEHOLDER>
# entry point
OKTA_SAML_ENTRY_POINT=<PLACEHOLDER>
# issuer
OKTA_SAML_ISSUER=<PLACEHOLDER>
# app callback url
OKTA_SAML_CALLBACK_URL=<PLACEHOLDER>

Contact

info@wasatchinfotech.com

Screens

After starting the application, navigate to http://localhost:3000/; the page displays a login button.


Submitting the form redirects you to the DHS Okta SSO application for authentication.
