Calling userinfo - OneID
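/**
 * Builds the OneID sandbox authorization URL that starts the
 * authorization-code flow.
 *
 * @param options - Carries `redirectUri`, the callback URL sent as `redirect_uri`.
 * @returns The fully encoded authorization URL as a string.
 * @throws Error when `ONEID_CLIENT_ID` is unset or `redirectUri` is missing, so
 *   the literal text "undefined" is never sent as a parameter value.
 */
export async function getAuthorizeUrl({redirectUri}: GetAuthorizeUrlOptions) {
  const clientId = process.env.ONEID_CLIENT_ID;
  if (!clientId) {
    throw new Error("ONEID_CLIENT_ID is not set");
  }
  if (!redirectUri) {
    throw new Error("redirectUri is required");
  }

  const authorizeUrl = new URL("https://controller.sandbox.myoneid.co.uk/v2/authorize");
  authorizeUrl.searchParams.set("client_id", clientId);
  authorizeUrl.searchParams.set("redirect_uri", redirectUri);
  authorizeUrl.searchParams.set("response_type", "code");
  authorizeUrl.searchParams.set("scope", "product:identity_proof");
  // TODO: replace this constant with a per-request, unpredictable value kept in
  // client storage. A fixed `state` gives the callback nothing to compare
  // against, so the flow has no CSRF protection until this is done.
  authorizeUrl.searchParams.set("state", "state");
  return authorizeUrl.toString();
}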
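/**
 * Handles the redirect back from OneID: reads the authorization code from the
 * query string, exchanges it for an access token and returns the user info
 * fetched with that token.
 *
 * @param req - Incoming request; only `req.query.code` is read.
 * @returns The parsed body of the userinfo response.
 * @throws Error when the `code` query parameter is absent or is not a single
 *   non-empty string.
 */
export async function callback(req: Request) {
  // TODO: validate the returned `state` parameter against the value kept in
  // client storage. Until that check exists, nothing ties this callback to an
  // authorization request this client actually started.
  const code = req.query.code;
  // The query string is caller-controlled, so check the shape at runtime
  // instead of asserting it with `as string`: the parameter can be missing
  // (for example on an error redirect) or parsed as something other than a string.
  if (typeof code !== "string" || code.length === 0) {
    throw new Error("Missing or malformed authorization code");
  }
  const accessToken = await tokenExchange(code);
  const userInfo = await getUserInfo(accessToken);
  return userInfo;
}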
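/**
 * Exchanges an authorization code for an access token at the OneID sandbox
 * token endpoint, authenticating the client with HTTP Basic credentials taken
 * from `ONEID_CLIENT_ID` and `ONEID_CLIENT_SECRET`.
 *
 * @param code - Authorization code received on the callback.
 * @returns The `access_token` value from the token response.
 * @throws Error when the client credentials are not configured, when the
 *   endpoint answers with a non-2xx status, or when the response carries no
 *   string `access_token`.
 */
async function tokenExchange(code: string) {
  const clientId = process.env.ONEID_CLIENT_ID;
  const clientSecret = process.env.ONEID_CLIENT_SECRET;
  if (!clientId || !clientSecret) {
    // Fail before building a header out of the text "undefined".
    throw new Error("ONEID_CLIENT_ID and ONEID_CLIENT_SECRET must be set");
  }

  const formData = new URLSearchParams();
  formData.append('grant_type', "authorization_code");
  formData.append('code', code);
  // NOTE(review): RFC 6749 section 4.1.3 requires `redirect_uri` in this request
  // when it was sent on the authorization request; confirm whether OneID
  // enforces that before relying on this call outside the sandbox.

  const basicAuth = Buffer.from(`${clientId}:${clientSecret}`).toString("base64");
  const response = await fetch("https://controller.sandbox.myoneid.co.uk/token", {
    method: "POST",
    headers: {
      "accept": "application/json",
      Authorization: `Basic ${basicAuth}`
    },
    body: formData
  });

  // Log the status only: the response body holds bearer credentials and must
  // not end up in application logs.
  console.log("/token", { status: response.status });
  if (!response.ok) {
    throw new Error(`Token request failed with status ${response.status}`);
  }

  const result = await response.json();
  const accessToken = result?.access_token;
  if (typeof accessToken !== "string" || accessToken.length === 0) {
    // Stops "Bearer undefined" from being sent to the userinfo endpoint.
    throw new Error("Token response did not contain an access_token");
  }
  return accessToken;
}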
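/**
 * Fetches the user info document from the OneID sandbox using a bearer token.
 *
 * @param accessToken - Access token obtained from the token endpoint.
 * @returns The parsed JSON body of the userinfo response.
 * @throws Error when the endpoint answers with a non-2xx status.
 */
async function getUserInfo(accessToken: string) {
  const response = await fetch("https://controller.sandbox.myoneid.co.uk/userinfo", {
    headers: {
      "accept": "application/json",
      Authorization: `Bearer ${accessToken}`
    }
  });

  // Log the status only: the bearer token is a credential and the response
  // body is identity data, so neither belongs in application logs.
  console.log("/userinfo", { status: response.status });
  if (!response.ok) {
    throw new Error(`Userinfo request failed with status ${response.status}`);
  }

  const result = await response.json();
  return result;
}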