Skip to content

Instantly share code, notes, and snippets.

@watahani

watahani/authlete-handson-0606.ts

Created June 6, 2019 14:45
Show Gist options
  • Save watahani/47798e93d0566fb03c18863359713f9e to your computer and use it in GitHub Desktop.
Save watahani/47798e93d0566fb03c18863359713f9e to your computer and use it in GitHub Desktop.
Download ZIP
authlete handson 0606 idp with rp https://authlete.connpass.com/event/130452/
Raw
authlete-handson-0606.ts
import * as express from "express";
import * as request from "request";
import * as crypto from "crypto"
import config from "./config"
const app = express();
const port = 3000;
const baseUri = "https://api.authlete.com/api/auth/"
const serviceId = config.serviceId
const serviceSecret = config.serviceSecret
const clientId = config.clientId
const clientSecret = config.clientSecret
const headers = {
'Content-Type': 'application/json',
'accept': 'application/json'
}
const option = {
url: "",
method: 'POST',
headers: headers,
auth: {
user: serviceId,
password: serviceSecret
},
body: ""
}
const redirect_uri = 'http://localhost:3000/cb/'
app.get('/login/', (req, res) => {
//logged in
//client sent code challenge
const code_challenge = "E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM"
const code_challenge_method = "S256"
let params = [
"redirect_uri=" + redirect_uri,
"response_type=code",
"client_id=" + clientId,
"code_challenge=" + code_challenge,
"code_challenge_method=" + code_challenge_method
].join("&")
const body = {
parameters: params
}
const startCodeRequsetOption = Object.assign({}, option)
startCodeRequsetOption.body = JSON.stringify(body);
startCodeRequsetOption.url = baseUri + "authorization/"
console.log('POST:' + startCodeRequsetOption.url)
request(startCodeRequsetOption, (err, resonse, body) => {
if(err){
console.log(err)
res.send(body)
}
const codeResponse = JSON.parse(body)
const ticket= codeResponse.ticket;
if(!ticket){
console.log(codeResponse)
res.send(codeResponse)
return
}
console.log("ticket: ",ticket)
const tokenRequest = { "ticket": ticket, "subject": "testuser01" }
const requestCodeRequsetOption = Object.assign({}, option)
requestCodeRequsetOption.url = baseUri + 'authorization/issue/'
requestCodeRequsetOption.body = JSON.stringify(tokenRequest);
console.log('code request:', JSON.stringify(tokenRequest));
request(requestCodeRequsetOption, (err, response, body) => {
if(err){
console.log(err)
res.send(body)
}
const codeResponse = JSON.parse(body)
console.log("codeRresponse: ", codeResponse)
res.redirect(codeResponse.responseContent)
})
})
})
//rp end point
app.get('/cb', (req,res) => {
console.log(req.query)
console.log(typeof req.query)
const requestTokenOprion = Object.assign({}, option)
requestTokenOprion.url = baseUri + "token"
//client sent code verifier
const code_verifier = "dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"
const sha256 = crypto.createHash('sha256')
sha256.update(code_verifier)
//url encode?
console.log(sha256.digest('base64'))
const params = [
"grant_type=authorization_code",
"code=" + req.query.code,
"redirect_uri=" + redirect_uri,
"code_verifier=" + code_verifier
].join('&')
requestTokenOprion.body = JSON.stringify(
{ "clientId": clientId,
"clientSecret": clientSecret,
"parameters": params }
)
request(requestTokenOprion, (err,response,body) => {
if(err){
console.log(err)
res.send(body)
}
//return token to client
res.send(body)
})
})
app.listen(port, () => console.log(`Example app listening on port ${port}!`));
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment