IDP_DISCOVERY + STATE AUTHENTICATION

1. signIn.renderEl(
2.     // Assumes there is an empty element on the page with an id of 'widget-container'
3.     {el: '#widget-container'},
4.     function success(res){
5.         if (res.status === 'SUCCESS') {
6.             if (res.type === 'SESSION_STEP_UP') {
7.                 // Session step up response
8.                 // If the widget is not configured for OIDC and the authentication type is SESSION_STEP_UP,
9.                 // the response will contain user metadata and a stepUp object with the url of the resource
10.                 // and a 'finish' function to navigate to that url
11.                
12.                 console.log(res.type);
13.                 console.log(res.user);
14.                 console.log('Target resource url: ' + res.stepUp.url);
15.                 res.stepUp.finish();
16.                return;
17.             }
18.         }
19.         else if (res.status === 'IDP_DISCOVERY') {
20.             var username = document.getElementById("idp-discovery-username").value;
21.             var xhttp = new XMLHttpRequest();
22.             var orgUrl = "https://{{YOUR_OKTA_DOMAIN}}.com/";
23.             var webFingerUrl = orgUrl+".well-known/webfinger?resource="+encodeURIComponent("okta:acct:"+username);
24.             var finalRedirectUrl = {{SAML_APP_EMBEDDED_LINK}};
25.             xhttp.open("GET", webFingerUrl, true);
26.             xhttp.responseType = "json";
27.             xhttp.send();
28.             xhttp.onload = function(){
29.               var response = xhttp.response;
30.               var link = response.links[0].href;
31.               var idp = link.slice(0, (link.length - 1)); // slincing is required to remove the '#' from the end of the idp link.
32.               window.location.href = idp+"&fromURI="+encodeURIComponent(finalRedirectUrl);
33.             }
34.         }
35.     }
36. );