Comments (22)
Hi everyone, thank you for your thoughts. We've discussed this and have decided that Typescript should get some first-party support from us, so we will start working it into our roadmap. Continue to watch this issue for updates. Thanks!
from okta-auth-js.
After not finding any decent type definitions for version 2 I decided to go through the documentation and compile my own. As I'm only using the web flow, I've not covered the session related methods or transactions (or any methods on the main client for the matter of fact) but nonetheless I think it's a good start.
You can find them here in a gist I've created: https://gist.github.com/codeaid/1deacf28ab56cea3b715e83e520aae32
I don't think it would take much work to complete them so let me know if anyone's interested in having this finished and we can think about 😉
from okta-auth-js.
Here, I made a little something to get people started on their own.
Paste it in your code where you use okta.
Or put it in it's own file, but then you must remember to add the "export" in front of every interface and also in front the class declaration at the bottom.
I made a loose definition of IPromise<T>
at the bottom. If you already have a definition of Promises (e.g. AngularJS's ng.IPromise<T>
or Angular's Promise<T>
then I encourage you to use that instead.
/** OktaAuth TypeScript Definitions */
interface OktaConfig
{
url:string;
clientId?:string,
redirectUri?:string;
issuer?:string;
}
interface OktaCredentials
{
username:string;
password:string;
}
interface OktaTransaction
{
readonly status:string;
readonly sessionToken:string;
cancel():IPromise<OktaTransaction>;
}
interface OktaOAuthOptions
{
responseType:string|string[];
sessionToken?:string;
}
interface OktaToken
{
getWithoutPrompt(oauthOptions:OktaOAuthOptions):IPromise<any>;
getWithPopup(oauthOptions:OktaOAuthOptions):IPromise<any>;
getWithRedirect(oauthOptions:OktaOAuthOptions):void
parseFromUrl():ng.IPromise<any>;
decode(idTokenString:string):string
refresh(tokenToRefresh:string):IPromise<string>;
getUserInfo(accessTokenObject:string):IPromise<any>;
verify(idTokenObject:string):IPromise<any>;
}
interface OktaTokenManager
{
/** After receiving an access_token or id_token, add it to the tokenManager to manage token expiration and refresh operations.
* When a token is added to the tokenManager, it is automatically refreshed when it expires.
* @param {string} key Unique key to store the token in the tokenManager. This is used later when you want to get, delete, or refresh the token.
* @param {string} token Token object that will be added */
add(key:string, token:string):void;
/** Get a token that you have previously added to the tokenManager with the given key */
get(key:string):string;
/** Remove a token from the tokenManager with the given key. */
remove(key:string):void;
/** Remove all tokens from the tokenManager. */
clear():void;
/** Manually refresh a token before it expires. */
refresh(key:string):void;
/** Subscribe to an event published by the tokenManager. */
on(event:'expired'|'error'|'refreshed', callback:Function, context?:any);
/** Unsubscribe from tokenManager events. If no callback is provided, unsubscribes all listeners from the event. */
off(event:'expired'|'error'|'refreshed', callback:Function);
}
declare class OktaAuth
{
readonly token:OktaToken;
readonly tokenManager:OktaTokenManager;
constructor(config:OktaConfig);
public signIn(options:OktaCredentials):IPromise<OktaTransaction>;
public signOut():IPromise<any>;
[fn:string]:any;
}
The code below is mostly for those who don't already have promises in their project. If you use AngularJS or Angular, just use their definitions instead and change the code above accordingly.
interface IPromise<T>
{
then(onSuccess:(arg:T)=>any):IPromise<any>;
then<TOut>(onSuccess:(arg:T)=>TOut):IPromise<TOut>;
catch(onReject:(err:any)=>void):IPromise<void>;
finally(finallyCallback:()=>void):IPromise<void>;
}
from okta-auth-js.
Don't want to be harsh but I think it's appalling that in this day and age one of the largest OIDC providers hasn't bothered to add TypeScript support for their SDK and people have to resort to hacking their own definitions. Even libraries like oidc-client-js have full support but unfortunately the library doesn't work when it comes to refreshing tokens as Okta decided to require Basic authentication during the call to /token
endpoint which no-one else does.
To add insult to the injury - this issue has been open for 2 years now with nothing coming out of it!
from okta-auth-js.
Thanks for the feedback @codeaid. This is something I'd like to do, but we've had higher-priority features and bug fixes in the pipeline for a while. Sorry about the lack of TypeScript love. I'm leaving this open to continue to collect votes and +1s for TypeScript definitions.
I'm not sure why oidc-client-js wouldn't work with Okta's endpoints. Their library is spec-compliant, and so are our endpoints. Okta supports all of the client authentication styles defined by the spec, including client_secret_post
(and client_secret_basic
, as you mentioned). Maybe is a configuration error in that case?
from okta-auth-js.
just lazily hacked the errors by suppressing them with //@ts-ignore
I'm done...🤣🤣🤣🤣🤣
from okta-auth-js.
Absent typings included in the package, our best bet is to collaborate on community-provided typings in the DefinitelyTyped project.
from okta-auth-js.
When do you expect for the the Type definitions to be available?
from okta-auth-js.
@shihlinlu (and the many interested) - we try our best not to make promises we may then not make because of the reality of software development, so all I can say is that we are well aware of the interest in adding these definitions and appreciate your (enthusiastic!) patience.
...which may not be a satisfying answer, but it is a sincere one.
from okta-auth-js.
Typescript is supported in okta-auth-js
since v4.0. Please see the migration guide to upgrade.
from okta-auth-js.
@codeaid - Thanks for sharing! When we're ready to support and maintain TS definitions, we would love to consider your code - are you willing to sign a CLA for us? (https://developer.okta.com/cla/ ) I don't know if one is legally required, but better safe than sorry.
Either way, I'm sure others appreciate you sharing your efforts!
from okta-auth-js.
+1
from okta-auth-js.
Internal ref: OKTA-241766
from okta-auth-js.
Also the comment about not making promises because of the nature of software development is disingenuous at best. Problems that are prioritised get done. This comment belies a reality which says "we don't care about this" or worse "we want to do this but our management won't let us".
from okta-auth-js.
@shuowu worth noting that @okta/jwt-verifier
has no types.
from okta-auth-js.
These are basically standard for any package at this point. Please add them!! Pretty please?
from okta-auth-js.
Here, I made a little something to get people started on their own.
Paste it in your code where you use okta.
Or put it in it's own file, but then you must remember to add the "export" in front of every interface
doesn't seem to correspond with what i'm seeing.. for example props.auth object looks like this:
handleAuthentication: ƒ, isAuthenticated: ƒ, …}
getAccessToken: ƒ ()
getIdToken: ƒ ()
getUser: ƒ ()
handleAuthentication: ƒ ()
isAuthenticated: ƒ ()
login: ƒ ()
logout: ƒ ()
redirect: ƒ ()
...
from okta-auth-js.
When do you think you'll be ready to support and maintain TS definitions @swiftone ?
from okta-auth-js.
@erichulburd - great question! I don't set the timeline for such features and don't to create a false expectation by giving a commitment I (or anyone else on the team) can't meet, but I'd venture it is safer to use the workaround provided by @codeaid over waiting for a change - we have an investigation task but nothing will happen rapidly.
from okta-auth-js.
We have just signed an agreement with Okta and are only now realising that Okta has claimed to have this on their roadmap for many years now. We're going to cancel and find a different provider. This sort of thing is third-rate.
from okta-auth-js.
@nick-myers-dt I agree it's taking a while. I'm a big fan of TypeScript and I've used it with many of our JS SDKs. The good news is there's an active pull request in the works. See #380 for more information.
from okta-auth-js.
+1
from okta-auth-js.
Related Issues (20)
- Circular dependency b/n esm\browser\myaccount\request.js and all the files in the transactions subfolder HOT 4
- Web workers for token renew and expiry HOT 4
- `issuer` type can be undefined but it results in a runtime error HOT 1
- is cancelling transaction critical to do? HOT 4
- Use GitHub Discussions instead of devforum
- Snyk High Vulnerability: SNYK-JS-INFLIGHT-6095116 through [email protected] HOT 2
- Validate claims does not follow OpenID spec for audience validation HOT 3
- Okta License appears in build 196 times HOT 3
- token.getWithRedirect not happening immediately HOT 3
- 'OktaAuthModule' does not appear to be an NgModule class. HOT 1
- TokenManager.emitAdded() called multiple times on tab duplication HOT 1
- Error when httpRequest deletes STATE_TOKEN_KEY_NAME from storage HOT 4
- Migrate type tests to TSTyche HOT 4
- Uncaught (in promise) TypeError: wellKnownResponse is undefined HOT 3
- "autoRenew" deprecation notice should link to new functionallity
- Cannot sign out when DSSO is enabled HOT 1
- field validation errors not showing up with associated fields
- getTokens() - Add check to see if tokens are expired (or will in 30s) and try to refresh if so HOT 1
- creating a new account sdk does not crete session HOT 3
- index.js:76 [okta-auth-sdk] WARN: a saved auth transaction exists in storage. This may indicate another auth flow is already in progress. HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from okta-auth-js.