netlob · September 16, 2019 20:36
diff --git a/MSM3.js b/MSM3.js
 import phin from "phin";
 import { Cookie } from "tough-cookie";
 import { Issuer, generators } from "openid-client";
 import { extractQueryParameter } from "./util";
 import { tenant, username, password, authCode } from "./config.json";

 // Create a file named config.json first:
 // {
 //   "username": "",
 //   "password": "",
 //   "tenant": "",
 //   "authCode": "50b7ddfb6916c1"
 // }


 const codeVerifier = generators.codeVerifier();
 const issuerUrl = "https://accounts.magister.net";

 function validate(res) {
  const code = res.statusCode;

  if (code === 200) {
    return;
  } else {
    throw new Error(res.body.error || code);
  }
 }

 async function login() {
  const issuer = await Issuer.discover(issuerUrl);
  console.log("Got issuer", issuer.issuer);

  const client = new issuer.Client({
    authority: issuerUrl,
    client_id: "M6LOAPP",
    redirect_uris: ["m6loapp://oauth2redirect/"],
    response_types: ["code id_token"],
    id_token_signed_response_alg: "RS256"
  });

  const state = generators.state();
  const nonce = generators.nonce();

  const codeChallenge = generators.codeChallenge(codeVerifier);
  const authUrl = client.authorizationUrl({
    scope: issuer.scopes_supported.join(" "),
    code_challenge: codeChallenge,
    code_challenge_method: "S256",
    acr_values: `tenant:${tenant}.magister.net`,
    client_id: "M6LOAPP",
    state: state,
    nonce: nonce,
    prompt: "select_account"
  });

  const auth = await phin(authUrl).then(res => phin(res.headers.location));
  const location = auth.headers.location;
  const sessionId = extractQueryParameter(
    `${issuerUrl}${location}`,
    "sessionId"
  );
  const returnUrl = extractQueryParameter(
    `${issuerUrl}${location}`,
    "returnUrl"
  );

  const xsrf = Cookie.parse(auth.headers["set-cookie"][1]).value;

  await phin({
    url: `${issuerUrl}/challenge/username`,
    method: "post",
    parse: "json",
    data: {
      authCode,
      sessionId,
      returnUrl,
      username
    },
    headers: {
      cookie: auth.headers["set-cookie"],
      "X-XSRF-TOKEN": xsrf
    }
  }).then(res => {
    return validate(res);
  });

  const cookies = await phin({
    url: `${issuerUrl}/challenge/password`,
    method: "post",
    parse: "json",
    data: {
      authCode,
      sessionId,
      returnUrl,
      password
    },
    headers: {
      cookie: auth.headers["set-cookie"],
      "X-XSRF-TOKEN": xsrf
    }
  }).then(res => {
    validate(res);
    return res.headers["set-cookie"];
  });

  return await phin({
    url: `${issuerUrl}${returnUrl}`,
    headers: {
      cookie: cookies
    }
  }).then(res => {
    const url = res.headers.location;
    const code = url.split("#code=")[1].split("&")[0];

    client
      .callback(
        "m6loapp://oauth2redirect/",
        { code: code },
        { code_verifier: codeVerifier, nonce },
        { exchangeBody: { client_id: "M6LOAPP", headers: {} } }
      )
      .then(tokenSet => {
        console.log("Received the following items in tokenSet:", Object.keys(tokenSet))
      });
  });
 }

 login();
	import phin from "phin";
	import { Cookie } from "tough-cookie";
	import { Issuer, generators } from "openid-client";
	import { extractQueryParameter } from "./util";
	import { tenant, username, password, authCode } from "./config.json";

	// Create a file named config.json first:
	// {
	// "username": "",
	// "password": "",
	// "tenant": "",
	// "authCode": "50b7ddfb6916c1"
	// }


	const codeVerifier = generators.codeVerifier();
	const issuerUrl = "https://accounts.magister.net";

	function validate(res) {
	const code = res.statusCode;

	if (code === 200) {
	return;
	} else {
	throw new Error(res.body.error \|\| code);
	}
	}

	async function login() {
	const issuer = await Issuer.discover(issuerUrl);
	console.log("Got issuer", issuer.issuer);

	const client = new issuer.Client({
	authority: issuerUrl,
	client_id: "M6LOAPP",
	redirect_uris: ["m6loapp://oauth2redirect/"],
	response_types: ["code id_token"],
	id_token_signed_response_alg: "RS256"
	});

	const state = generators.state();
	const nonce = generators.nonce();

	const codeChallenge = generators.codeChallenge(codeVerifier);
	const authUrl = client.authorizationUrl({
	scope: issuer.scopes_supported.join(" "),
	code_challenge: codeChallenge,
	code_challenge_method: "S256",
	acr_values: `tenant:${tenant}.magister.net`,
	client_id: "M6LOAPP",
	state: state,
	nonce: nonce,
	prompt: "select_account"
	});

	const auth = await phin(authUrl).then(res => phin(res.headers.location));
	const location = auth.headers.location;
	const sessionId = extractQueryParameter(
	`${issuerUrl}${location}`,
	"sessionId"
	);
	const returnUrl = extractQueryParameter(
	`${issuerUrl}${location}`,
	"returnUrl"
	);

	const xsrf = Cookie.parse(auth.headers["set-cookie"][1]).value;

	await phin({
	url: `${issuerUrl}/challenge/username`,
	method: "post",
	parse: "json",
	data: {
	authCode,
	sessionId,
	returnUrl,
	username
	},
	headers: {
	cookie: auth.headers["set-cookie"],
	"X-XSRF-TOKEN": xsrf
	}
	}).then(res => {
	return validate(res);
	});

	const cookies = await phin({
	url: `${issuerUrl}/challenge/password`,
	method: "post",
	parse: "json",
	data: {
	authCode,
	sessionId,
	returnUrl,
	password
	},
	headers: {
	cookie: auth.headers["set-cookie"],
	"X-XSRF-TOKEN": xsrf
	}
	}).then(res => {
	validate(res);
	return res.headers["set-cookie"];
	});

	return await phin({
	url: `${issuerUrl}${returnUrl}`,
	headers: {
	cookie: cookies
	}
	}).then(res => {
	const url = res.headers.location;
	const code = url.split("#code=")[1].split("&")[0];

	client
	.callback(
	"m6loapp://oauth2redirect/",
	{ code: code },
	{ code_verifier: codeVerifier, nonce },
	{ exchangeBody: { client_id: "M6LOAPP", headers: {} } }
	)
	.then(tokenSet => {
	console.log("Received the following items in tokenSet:", Object.keys(tokenSet))
	});
	});
	}

	login();