fix: okta and active directory with endpoints provided without additi…

…onal config (#923)

CHANGELOG.md

@@ -7,6 +7,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [unreleased]
 
+## [20.1.1] - 2024-09-10
+
+-   Fixes an issue with Okta / Active Directory providers where we check for additional config if `oidcDiscoveryEndpoint` is not defined. It would not be necessary in the cases where other endpoints are already provided.
+
 ## [20.1.0] - 2024-09-09
 
 -   Add edge compatibility for custom frameworks and Next.JS

lib/build/recipe/thirdparty/providers/activeDirectory.js

@@ -30,19 +30,15 @@ function ActiveDirectory(input) {
         const oGetConfig = originalImplementation.getConfigForClientType;
         originalImplementation.getConfigForClientType = async function ({ clientType, userContext }) {
             const config = await oGetConfig({ clientType, userContext });
-            if (config.additionalConfig == undefined || config.additionalConfig.directoryId == undefined) {
-                if (config.oidcDiscoveryEndpoint === undefined) {
-                    throw new Error(
-                        "Please provide the directoryId in the additionalConfig of the Active Directory provider."
-                    );
-                }
-            } else {
+            if (config.additionalConfig !== undefined && config.additionalConfig.directoryId !== undefined) {
                 config.oidcDiscoveryEndpoint = `https://login.microsoftonline.com/${config.additionalConfig.directoryId}/v2.0/.well-known/openid-configuration`;
             }
-            // The config could be coming from core where we didn't add the well-known previously
-            config.oidcDiscoveryEndpoint = utils_1.normaliseOIDCEndpointToIncludeWellKnown(
-                config.oidcDiscoveryEndpoint
-            );
+            if (config.oidcDiscoveryEndpoint !== undefined) {
+                // The config could be coming from core where we didn't add the well-known previously
+                config.oidcDiscoveryEndpoint = utils_1.normaliseOIDCEndpointToIncludeWellKnown(
+                    config.oidcDiscoveryEndpoint
+                );
+            }
             if (config.scope === undefined) {
                 config.scope = ["openid", "email"];
             }

lib/build/recipe/thirdparty/providers/okta.js

@@ -32,19 +32,17 @@ function Okta(input) {
         const oGetConfig = originalImplementation.getConfigForClientType;
         originalImplementation.getConfigForClientType = async function (input) {
             const config = await oGetConfig(input);
-            if (config.additionalConfig == undefined || config.additionalConfig.oktaDomain == undefined) {
-                if (config.oidcDiscoveryEndpoint === undefined) {
-                    throw new Error("Please provide the oktaDomain in the additionalConfig of the Okta provider.");
-                }
-            } else {
+            if (config.additionalConfig !== undefined && config.additionalConfig.oktaDomain !== undefined) {
                 const oidcDomain = new normalisedURLDomain_1.default(config.additionalConfig.oktaDomain);
                 const oidcPath = new normalisedURLPath_1.default("/.well-known/openid-configuration");
                 config.oidcDiscoveryEndpoint = oidcDomain.getAsStringDangerous() + oidcPath.getAsStringDangerous();
             }
-            // The config could be coming from core where we didn't add the well-known previously
-            config.oidcDiscoveryEndpoint = utils_1.normaliseOIDCEndpointToIncludeWellKnown(
-                config.oidcDiscoveryEndpoint
-            );
+            if (config.oidcDiscoveryEndpoint !== undefined) {
+                // The config could be coming from core where we didn't add the well-known previously
+                config.oidcDiscoveryEndpoint = utils_1.normaliseOIDCEndpointToIncludeWellKnown(
+                    config.oidcDiscoveryEndpoint
+                );
+            }
             if (config.scope === undefined) {
                 config.scope = ["openid", "email"];
             }

lib/ts/recipe/thirdparty/providers/activeDirectory.ts

@@ -29,18 +29,14 @@ export default function ActiveDirectory(input: ProviderInput): TypeProvider {
         originalImplementation.getConfigForClientType = async function ({ clientType, userContext }) {
             const config = await oGetConfig({ clientType, userContext });
 
-            if (config.additionalConfig == undefined || config.additionalConfig.directoryId == undefined) {
-                if (config.oidcDiscoveryEndpoint === undefined) {
-                    throw new Error(
-                        "Please provide the directoryId in the additionalConfig of the Active Directory provider."
-                    );
-                }
-            } else {
+            if (config.additionalConfig !== undefined && config.additionalConfig.directoryId !== undefined) {
                 config.oidcDiscoveryEndpoint = `https://login.microsoftonline.com/${config.additionalConfig.directoryId}/v2.0/.well-known/openid-configuration`;
             }
 
-            // The config could be coming from core where we didn't add the well-known previously
-            config.oidcDiscoveryEndpoint = normaliseOIDCEndpointToIncludeWellKnown(config.oidcDiscoveryEndpoint);
+            if (config.oidcDiscoveryEndpoint !== undefined) {
+                // The config could be coming from core where we didn't add the well-known previously
+                config.oidcDiscoveryEndpoint = normaliseOIDCEndpointToIncludeWellKnown(config.oidcDiscoveryEndpoint);
+            }
 
             if (config.scope === undefined) {
                 config.scope = ["openid", "email"];

lib/ts/recipe/thirdparty/providers/okta.ts

@@ -30,19 +30,17 @@ export default function Okta(input: ProviderInput): TypeProvider {
         originalImplementation.getConfigForClientType = async function (input) {
             const config = await oGetConfig(input);
 
-            if (config.additionalConfig == undefined || config.additionalConfig.oktaDomain == undefined) {
-                if (config.oidcDiscoveryEndpoint === undefined) {
-                    throw new Error("Please provide the oktaDomain in the additionalConfig of the Okta provider.");
-                }
-            } else {
+            if (config.additionalConfig !== undefined && config.additionalConfig.oktaDomain !== undefined) {
                 const oidcDomain = new NormalisedURLDomain(config.additionalConfig.oktaDomain);
                 const oidcPath = new NormalisedURLPath("/.well-known/openid-configuration");
 
                 config.oidcDiscoveryEndpoint = oidcDomain.getAsStringDangerous() + oidcPath.getAsStringDangerous();
             }
 
-            // The config could be coming from core where we didn't add the well-known previously
-            config.oidcDiscoveryEndpoint = normaliseOIDCEndpointToIncludeWellKnown(config.oidcDiscoveryEndpoint);
+            if (config.oidcDiscoveryEndpoint !== undefined) {
+                // The config could be coming from core where we didn't add the well-known previously
+                config.oidcDiscoveryEndpoint = normaliseOIDCEndpointToIncludeWellKnown(config.oidcDiscoveryEndpoint);
+            }
 
             if (config.scope === undefined) {
                 config.scope = ["openid", "email"];

lib/ts/version.ts

@@ -12,7 +12,7 @@
  * License for the specific language governing permissions and limitations
  * under the License.
  */
-export const version = "20.1.0";
+export const version = "20.1.1";
 
 export const cdiSupported = ["5.1"];
 

package.json

@@ -1,6 +1,6 @@
 {
     "name": "supertokens-node",
-    "version": "20.1.0",
+    "version": "20.1.1",
     "description": "NodeJS driver for SuperTokens core",
     "main": "index.js",
     "scripts": {