Use environment vars w/ optional dotenv file in shared samples config

.gitignore

@@ -4,6 +4,6 @@ dist
 npm-debug.log
 .DS_Store
 .vscode
-.samples.config.js
+.samples.config.js*
 testenv
 okta-oidc-tck

README.md

@@ -2,10 +2,50 @@
 
 This repository contains several sample applications that show you how to integrate various Okta use-cases into your Node.js application that uses the Express framework.
 
+## Configuration
+
+All of the samples share a single configuration file, [config.js](config.js). The config uses environment variables which can be either exported in the shell or stored in a file named `testenv` in this directory. See [dotenv](https://www.npmjs.com/package/dotenv) for more details on this file format. It may look something like:
+
+```ini
+ISSUER=https://yourOktaDomain.com/oauth2/default
+
+# Web app
+CLIENT_ID=123XX
+CLIENT_SECRET=456XX
+
+# SPA app
+SPA_CLIENT_ID=123YY
+
+```
+
 Please find the sample that fits your use-case from the table below.
 
 | Sample | Description | Use-Case |
 |--------|-------------|----------|
 | [Okta-Hosted Login](/okta-hosted-login) | An application server that uses the hosted login page on your Okta org, then creates a cookie session for the user in the Express application. | Traditional web applications with server-side rendered pages. |
 | [Custom Login Page](/custom-login) | An application server that uses the Okta Sign-In Widget on a custom login page within the application, then creates a cookie session for the user in the Express application. | Traditional web applications with server-side rendered pages. |
 | [Resource Server](/resource-server) | This is a sample API resource server that shows you how to authenticate requests with access tokens that have been issued by Okta. | Single-Page applications. |
+
+## Running the tests
+
+Before running the tests you will need to gather values for ALL required environment variables.
+You can export these variables in the shell or store them in a file named `testenv` in the current directory.
+
+You will need two Okta applications, one Web app and one SPA app. Save the clientId for the Web app as `CLIENT_ID` and the clientId for the SPA app as `SPA_CLIENT_ID`
+
+The Web app needs a couple of settings in the Developer console:
+Add a `Login redirect URI`: `http://localhost:8080/authorization-code/callback`
+Add a `Logout redirect URI`: `http://localhost:8080/logout/callback`
+
+You will also need credentials for a test user.
+
+```ini
+ISSUER=https://yourOktaDomain.com/oauth2/default
+CLIENT_ID=123xxxxx123
+CLIENT_SECRET=1234XXX
+SPA_CLIENT_ID=123yyyy123
+USERNAME=testuser
+PASSWORD=testpass
+```
+
+With all variables set, run `npm test`

config.js

@@ -0,0 +1,40 @@
+var path = require('path');
+
+// Users can also provide the testenv configuration at the root folder: https://www.npmjs.com/package/dotenv
+require('dotenv').config({ path: path.join(__dirname, 'testenv') });
+
+var ISSUER = process.env.ISSUER || 'https://{yourOktaDomain}.com/oauth2/default';
+var CLIENT_ID = process.env.CLIENT_ID || '{clientId}';
+var CLIENT_SECRET = process.env.CLIENT_SECRET || '{clientSecret}';
+var SPA_CLIENT_ID = process.env.SPA_CLIENT_ID || '{spaClientId}';
+var OKTA_TESTING_DISABLEHTTPSCHECK = process.env.OKTA_TESTING_DISABLEHTTPSCHECK ? true : false;
+
+module.exports = {
+  webServer: {
+    port: 8080,
+    oidc: {
+      clientId: CLIENT_ID,
+      clientSecret: CLIENT_SECRET,
+      issuer: ISSUER,
+      appBaseUrl: 'http://localhost:8080',
+      scope: 'openid profile email',
+      testing: {
+        disableHttpsCheck: OKTA_TESTING_DISABLEHTTPSCHECK
+      }
+    },
+  },
+  resourceServer: {
+    port: 8000,
+    oidc: {
+      clientId: SPA_CLIENT_ID,
+      issuer: ISSUER,
+      testing: {
+        disableHttpsCheck: OKTA_TESTING_DISABLEHTTPSCHECK
+      }
+    },
+    assertClaims: {
+      aud: 'api://default',
+      cid: SPA_CLIENT_ID
+    }
+  }
+};

custom-login/README.md

@@ -33,21 +33,12 @@ Now you need to gather the following information from the Okta Developer Console
 
 - **Issuer** - This is the URL of the authorization server that will perform authentication.  All Developer Accounts have a "default" authorization server.  The issuer is a combination of your Org URL (found in the upper right of the console home page) and `/oauth2/default`. For example, `https://dev-1234.okta.com/oauth2/default`.
 
-Now place these values into the file `.samples.config.js` that was created for you in the root of this project:
-
-```javascript
-module.exports = {
-  "webServer": {
-    "port": 8080,
-    "oidc": {
-      "clientId": "{clientId}",
-      "clientSecret": "{clientSecret}",
-      "issuer": "https://{yourOktaDomain}.com/oauth2/default",
-      "appBaseUrl": "http://localhost:8080",
-      "scope": "openid profile email"
-    }
-  }
-}
+Now place these values into a file `testenv` at the root of this project (this is the parent directory relative to this README):
+
+```ini
+ISSUER=https://yourOktaDomain.com/oauth2/default
+CLIENT_ID=123xxxxx123
+CLIENT_SECRET=1234XXX
 ```
 
 Now start the app server:

custom-login/server.js

@@ -11,7 +11,7 @@
  */
 
 const url = require('url');
-const sampleConfig = require('../.samples.config.js');
+const sampleConfig = require('../config.js');
 const SampleWebServer = require('../common/sample-web-server');
 
 const oidcMiddlewareConfig = {

okta-hosted-login/README.md

@@ -33,24 +33,14 @@ Now you need to gather the following information from the Okta Developer Console
 
 - **Issuer** - This is the URL of the authorization server that will perform authentication.  All Developer Accounts have a "default" authorization server.  The issuer is a combination of your Org URL (found in the upper right of the console home page) and `/oauth2/default`. For example, `https://dev-1234.okta.com/oauth2/default`.
 
-Now place these values into the file `.samples.config.js` that was created for you in the root of this project:
-
-```javascript
-module.exports = {
-  "webServer": {
-    "port": 8080,
-    "oidc": {
-      "clientId": "{clientId}",
-      "clientSecret": "{clientSecret}",
-      "issuer": "https://{yourOktaDomain}.com/oauth2/default",
-      "appBaseUrl": "http://localhost:8080",
-      "scope": "openid profile email"
-    },
-  }
-}
+Now place these values into a file `testenv` at the root of this project (this is the parent directory relative to this README):
 
+```ini
+ISSUER=https://yourOktaDomain.com/oauth2/default
+CLIENT_ID=123xxxxx123
 ```
 
+
 Now start the app server:
 
 ```

okta-hosted-login/server.js

@@ -10,7 +10,7 @@
  * See the License for the specific language governing permissions and limitations under the License.
  */
 
-const sampleConfig = require('../.samples.config.js');
+const sampleConfig = require('../config.js');
 const SampleWebServer = require('../common/sample-web-server');
 
 /**

package.json

@@ -11,7 +11,6 @@
   "homepage": "https://github.com/okta/samples-nodejs-express-4",
   "scripts": {
     "banners": "node tools/maintain-banners.js {common,custom-login,okta-hosted-login,resource-server,tools}/{*.js,**/*.js} ./*.js common/assets/css/samples.css",
-    "postinstall": "node post-install.js",
     "custom-login-server": "node custom-login/server.js",
     "test:custom-login": "protractor okta-oidc-tck/e2e-tests/custom-login/conf.js",
     "okta-hosted-login-server": "node okta-hosted-login/server.js",

resource-server/README.md

@@ -36,23 +36,11 @@ Now you need to gather the following information from the Okta Developer Console
 - **Client Id** - The client ID of the SPA application that you created earlier. This can be found on the "General" tab of an application, or the list of applications.  The resource server will validate that tokens have been minted for this application.
 - **Issuer** - This is the URL of the authorization server that minted the tokens.  All Developer Accounts have a "default" authorization server.  The issuer is a combination of your Org URL (found in the upper right of the console home page) and `/oauth2/default`. For example, `https://dev-1234.oktapreview.com/oauth2/default`.
 
-Now place these values into the file `.samples.config.js` that was created for you in the root of this project:
-
-```javascript
-module.exports = {
-  "resourceServer": {
-    "port": 8000,
-    "oidc": {
-      "clientId": "{spaClientId}",
-      "issuer": "https://{yourOktaDomain}.com/oauth2/default"
-    },
-    "assertClaims": {
-      "aud": "api://default",
-      "cid": "{spaClientId}"
-    }
-  }
-}
+Now place these values into a file `testenv` at the root of this project (this is the parent directory relative to this README):
 
+```ini
+ISSUER=https://yourOktaDomain.com/oauth2/default
+SPA_CLIENT_ID=123xxxxx123
 ```
 
 Now start the resource server:

resource-server/server.js

@@ -14,7 +14,7 @@ const express = require('express');
 const OktaJwtVerifier = require('@okta/jwt-verifier');
 var cors = require('cors');
 
-const sampleConfig = require('../.samples.config.js');
+const sampleConfig = require('../config.js');
 
 const oktaJwtVerifier = new OktaJwtVerifier({
   clientId: sampleConfig.resourceServer.oidc.clientId,

scripts/setup-env.js

@@ -7,34 +7,11 @@ const path = require('path');
 // Users can also provide the testenv configuration at the root folder
 require('dotenv').config({ path: path.join(__dirname, '..', 'testenv') });
 
-function updateConfig() {
+function validateConfig() {
   if (!process.env.ISSUER || !process.env.CLIENT_ID || !process.env.CLIENT_SECRET || !process.env.USERNAME || !process.env.PASSWORD) {
     console.log('[ERROR] Please set the necessary Environment variables (ISSUER, CLIENT_ID, CLIENT_SECRET, USERNAME, PASSWORD)');
     process.exit(1);
   }
-
-  const file = path.join(__dirname, '..', '.samples.config.js');
-  const data = fs.readFileSync(file, 'utf8');
-  let result = data.replace(/https:\/\/{yourOktaDomain}.com\/oauth2\/default/g, process.env.ISSUER);
-
-  if(data.indexOf('{clientId}') >= 0){
-    result = result.replace(/{clientId}/g, process.env.CLIENT_ID);
-  }
-
-  if(data.indexOf('{clientSecret}') >= 0){
-    result = result.replace(/{clientSecret}/g, process.env.CLIENT_SECRET);
-  }
-
-  if(data.indexOf('{spaClientId}') >= 0){
-    result = result.replace(/{spaClientId}/g, process.env.SPA_CLIENT_ID);
-  }
-
-  // Only used for testing to support non-https orgs
-  if (process.env.OKTA_TESTING_DISABLEHTTPSCHECK) {
-    result = result.replace(/disableHttpsCheck: false/g, 'disableHttpsCheck: true');
-  }
-
-  fs.writeFileSync(file, result, 'utf8');
 }
 
 function cloneRepository(repository, directory) {
@@ -54,5 +31,5 @@ function cloneRepository(repository, directory) {
   });
 }
 
-updateConfig();
+validateConfig();
 cloneRepository('https://github.com/okta/okta-oidc-tck.git', 'okta-oidc-tck');