// Wires OIDC login and session handling into the Express app passed in as `app`.
// NOTE(review): this listing stops before the function's closing brace; anything after
// `app.use( oidc.router )` is not visible here.
export const register = ( app: any ) => {
// Create the OIDC client
// Client id, client secret and the issuer / redirect base URLs all come from environment
// variables, so no credential is embedded in the source.
// NOTE(review): nothing visible checks that these variables are set. An unset OKTA_ORG_URL
// or HOST_URL is interpolated into the template string as the text "undefined"; validate
// the required variables at startup and fail closed.
const oidc = new ExpressOIDC( {
client_id: process.env.OKTA_CLIENT_ID,
client_secret: process.env.OKTA_CLIENT_SECRET,
issuer: `${ process.env.OKTA_ORG_URL }/oauth2/default`,
redirect_uri: `${ process.env.HOST_URL }/authorization-code/callback`,
scope: "openid profile"
} );
// Configure Express to use authentication sessions
// The session signing secret is read from SESSION_SECRET rather than hard-coded.
// NOTE(review): there is no visible check that SESSION_SECRET is present and long/random.
// NOTE(review): presumably `session` is express-session (import not shown). No `cookie`
// or `store` option is passed, so the library defaults apply; set `cookie.secure`,
// `cookie.httpOnly` and `cookie.sameSite` explicitly and use a persistent store for
// anything beyond local development.
app.use( session( {
resave: true,
saveUninitialized: false,
secret: process.env.SESSION_SECRET
} ) );
// Configure Express to use the OIDC client router
// Mounted after the session middleware above.
app.use( oidc.router );
// Builds the sample web server: an ExpressOIDC client configured from `sampleConfig.oidc`
// and an Express app with session middleware installed.
// `homePageTemplateName` is not used in the part of the function shown here.
// NOTE(review): this listing ends before the function body does.
module.exports = function SampleWebServer(sampleConfig, extraOidcOptions, homePageTemplateName) {
// Object.assign copies `extraOidcOptions` over the base options, so any key it carries
// (including issuer, client_secret or testing) replaces the value taken from sampleConfig.
// `extraOidcOptions || {}` makes the argument optional.
const oidc = new ExpressOIDC(Object.assign({
issuer: sampleConfig.oidc.issuer,
client_id: sampleConfig.oidc.clientId,
client_secret: sampleConfig.oidc.clientSecret,
appBaseUrl: sampleConfig.oidc.appBaseUrl,
scope: sampleConfig.oidc.scope,
// NOTE(review): `testing` is passed straight through from config; confirm it is left
// unset outside test environments, since its contents are not validated here.
testing: sampleConfig.oidc.testing
}, extraOidcOptions || {}));
const app = express();
// NOTE(review): the session secret below is a string literal committed to source. Anyone
// who can read the repository knows it, so the signature on the session cookie gives no
// integrity guarantee. Load the secret from the environment or a secret store and rotate
// it; the literal's own wording suggests it is a placeholder for a random value.
// NOTE(review): presumably `session` is express-session (import not shown). No `cookie`
// or `store` option is passed, so the library defaults apply; set `cookie.secure`,
// `cookie.httpOnly` and `cookie.sameSite` explicitly for a deployed app.
app.use(session({
secret: 'this-should-be-very-random',
resave: true,
saveUninitialized: false
}));