Stormpath to Okta migration - authentication

We are currently using Stormpath for authentication. Our web application seems to be using a combination of Stormpath SDK calls and some REST calls.
I am aware that the Stormpath SDK will be shutting down August 17, 2017.
I'm trying to get my head around how we are going to migrate our code to Okta or even if we should. Should I just plan on rewriting the authentication portion of our application from the ground up? Stormpath says that Okta has not rewritten the SDK but will have REST APIs that we can use temporarily. That sounds somewhat flaky.
Are there alternatives to Okta? My first priority is to find a service that is as stable as possible so that we don't have to migrate again anytime soon.

Related

Is it required to migrate to GIS when you're using google-oauth2?

This link https://developers.googleblog.com/2022/03/gis-jsweb-authz-migration.html says
Your full suite of apps and platforms may be using different methods of authentication and authorization from Google. The following are NOT affected by this deprecation announcement:
Android or iOS native app SDKs,
Backend platforms directly calling Google’s OAuth 2.0 or OpenID services.
I'm currently trying to understand our huge legacy code which might be affected by the GIS migration. Currently, we just redirect to https://accounts.google.com/o/oauth2/v2/auth to start the oauth2 process, once the user clicks the "Sign in with google" button. I've seen this link in the example of the old way from the migration document here: https://developers.google.com/identity/oauth2/web/guides/migration-to-gis#oauth-2.0-endpoints however I'm not sure if it is required to migrate to GIS or not.
From what I understand, only the frontend related libraries should be worried, but I'm dumb so maybe I'm misunderstanding. Can anyone help enlighten me?
Thanks.
You do not need to migrate if you are directly making calls to Google's OAuth 2.0 endpoints.
The guide you reference recommends using the library with the note "use the Google Identity Services library to support a less intrusive popup UX mode and to avoid having to manage complex OAuth 2.0 requests and responses". The intent there is to simplify your implementation, not to force a migration.
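The server-side flow described in the question (a direct redirect to the OAuth 2.0 authorization endpoint) is shown below as an added example; it is not code from either post. It builds the redirect URL with a random `state` value and checks that value on the callback. The function names, client ID and callback URL are hypothetical, and the `state` is assumed to be kept in the user's server-side session between the two steps.

```javascript
// Added example: direct redirect to Google's OAuth 2.0 endpoint with a CSRF "state" check.
const crypto = require("node:crypto");

// Authorization endpoint quoted in the question.
const AUTH_ENDPOINT = "https://accounts.google.com/o/oauth2/v2/auth";

// Build the redirect URL and the state value to store in the user's session.
function buildAuthRequest(clientId, redirectUri, scopes = ["openid", "email"]) {
  const state = crypto.randomBytes(32).toString("base64url"); // unguessable, one per login attempt
  const url = new URL(AUTH_ENDPOINT);
  url.search = new URLSearchParams({
    client_id: clientId,
    redirect_uri: redirectUri,
    response_type: "code", // authorization code flow, exchanged by the backend
    scope: scopes.join(" "),
    state,
  }).toString();
  return { url: url.toString(), state };
}

// Validate the callback request; return the authorization code or throw.
function verifyCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  const got = Buffer.from(params.get("state") || "");
  const want = Buffer.from(expectedState || "");
  // Check state first so a forged callback is rejected before anything else is read.
  if (want.length === 0 || got.length !== want.length || !crypto.timingSafeEqual(got, want)) {
    throw new Error("state mismatch");
  }
  if (params.has("error")) {
    throw new Error("authorization denied: " + params.get("error"));
  }
  const code = params.get("code");
  if (!code) throw new Error("missing code");
  return code;
}
```
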

Authentication and Subscription in Web Application Best Practice

I have an application with Angular in frontend and NodeJs as a Backend.
I want to add Login/Authentication and Subscriptions/Payments to the app and am wondering what is the best and easiest solution today. I read about services like Memberstack!?
I also worked with OpenID before and know that some cloud providers have their own solutions.

Has anyone successfully implemented Azure AD auth using Server Side Rendering Angular (Angular Universal)?

Currently we have an app that is using Angular Universal for rendering. We have MSAL auth installed but we get random infinite loops with auth, especially for new users.
We have tried catching these events and handling them but it does not seem to work. Looked at some documentation that says MSAL is still not supported with Node and server-side apps.
I cannot use AUTH0. Does anyone have any ideas on how to accomplish the auth against Azure AD in this type of app?
MSAL.js at the moment works only with single page applications. Support for Node applications is on the roadmap.
Still, there are a number of 3rd party libraries that you can use for this. I would suggest using passport-azure-ad. You can see a sample application here.

Azure Websites Authentication / Authorization

I am using a new feature of Azure that enables Active Directory authentication for your website without writing any code.
http://azure.microsoft.com/blog/2014/11/13/azure-websites-authentication-authorization/
But the problem is my web application is also hosting some Web APIs, which need to be called without any authentication.
Is there a way (some attributes?) so that I can call Web APIs without any authentication?
Tushar, I see that Byron also replied to your question on his post and suggested creating another website for the APIs as a workaround. However, I suggest that you wire up auth separately for your Web App and APIs following our samples here: https://github.com/AzureADSamples/WebApp-OpenIDConnect-DotNet, https://github.com/AzureADSamples/WebApp-WebAPI-OpenIDConnect-DotNet
Let me know if you run into any issues.
From the very same article you refer:
Current Limitations
There are some limitations to the current preview release of this feature:
...
With the current release the whole site is placed behind the login requirement.
Headless authentication/authorization for API scenarios or service to service scenarios are not currently supported.
So, no, you cannot have partial APIs or pages anonymously available - all pages and APIs will be protected by Azure Active Directory.

CakePHP and RESTful with PhoneGap

I have built a CakePHP site with RESTful calls. Happy to say these calls work when using curl from another PHP site. (This is all testing at the moment.)
The next stage is setting up authorization; from my understanding I'd be looking at either basic or digest login to make RESTful calls.
I'd like to build a PhoneGap app that requires login. Would RESTful calls to CakePHP be the way to go, i.e. making a RESTful API for my site?
I'd like to provide an API key. How would this key be secured in a PhoneGap app?
How secure is PhoneGap in general? If the files for an app are CSS, HTML, JS, can't the app be broken into and the files revealed?
Just looking for general advice and a direction to continue researching.
I believe what you need would be a stateless authentication system. CakePHP comes with 2 built in. Take a look at this example