Description

OKTA SAML nodejs TypeScript starter repository for DHS.

Nest nodejs backend framework.

Okta for SAML.

Installation

$ pnpm install

Running the app

# development
$ pnpm run start

# watch mode
$ pnpm run start:dev

# production mode
$ pnpm run start:prod

# docker 
$ docker compose up -d

Generate key and cert

Create the server private key

openssl genrsa -out oktapk.key 2048

Create the certificate signing request (CSR)

openssl req -new -key oktapk.key -out servercert.csr

Sign the certificate using the private key and CSR

openssl x509 -req -days 3650 -in servercert.csr -signkey oktapk.key -out dhscert.crt

Generate Metadata

http://localhost:3000/auth/meta

Make sure to add config folder in the root directory of project and store cert and private key, refer saml.strategy.ts

OKTA Authentication Process

DHS OKTA will generate a 509 certificate with an entity Id and IDP entry point. Please ensure that the application callback URL is passed, as it will be called after a successful authentication request. A SAML response will then be generated with user information.

.env file

Create .env file in the project with following keys and provide valid information

# public cert
SAML_SERVER_PUBLIC_CERT=<PLACEHOLDER>
# private key
SAML_SERVER_PRIVATE_KEY=<PLACEHOLDER>
# entry point
OKTA_SAML_ENTRY_POINT=<PLACEHOLDER>
# issuer
OKTA_SAML_ISSUER=<PLACEHOLDER>
# app callback url
OKTA_SAML_CALLBACK_URL=<PLACEHOLDER>

Contact

info@wasatchinfotech.com

Screens

After starting the application navigate to http://localhost:3000/ will display page with login button.

Submit action should take to DHS SSO OKTA application for the authentication.