oidc-test-client/app.js

import express from 'express'
import {Issuer, generators} from 'openid-client'
import bodyParser from 'body-parser'

async function run() {
    const app = express();
    app.use(bodyParser.urlencoded());
    app.use(bodyParser.json())

    const issuer = await Issuer.discover(process.env.OIDC_GATEWAY_URI);
    console.log('Discovered issuer %s %O', issuer.issuer, issuer.metadata);
    const client = new issuer.Client({
        client_id: process.env.OIDC_CLIENT_ID,
        client_secret: process.env.OIDC_CLIENT_SECRET,
        redirect_uris: [process.env.OIDC_REDIRECT_URIS],
        response_types: ['code'],
        // id_token_signed_response_alg (default "RS256")
    })
    const code_verifier = generators.codeVerifier();
    const code_challenge = generators.codeChallenge(code_verifier);


    app.get('/', async function (req, res) {
        let url = client.authorizationUrl({
            redirect_uri: process.env.CLIENT_URL + '/cb',
            scope: 'openid profile offline_access',
            response_type: 'code',
            code_challenge,
            code_challenge_method: 'S256',
        });

        res.redirect(url);
    });

    app.get('/cb', async function (req, res) {
         const params = client.callbackParams(req);
        const tokenSet = await client.callback(process.env.CLIENT_URL + '/cb', params,{ code_verifier });
        const userinfo = await client.userinfo(tokenSet.access_token);
        res.send(
            `
                <code>${JSON.stringify(userinfo)}</code>
                <code>${JSON.stringify(tokenSet)}</code>
                <a href="/refresh/${tokenSet.refresh_token}">refresh</a>
                <a href="/access/${tokenSet.access_token}">access</a>
                 `
        )
    });

    app.get('/access/:token', async function (req, res) {
        const access = await client.userinfo(req.params.token)
        res.send(
            `
                <code>${JSON.stringify(access)}</code>
                <a href="/access/${req.params.token}">access</a>
                 `
        )
    });

    app.get('/refresh/:token', async function (req, res) {
        const refresh = await client.refresh(req.params.token)
        res.send(
            `
                <code>${JSON.stringify(refresh)}</code>
                <a href="/refresh/${refresh.refresh_token}">refresh</a>
                 `
        )
    });

    app.listen(3000);
}

run().catch(console.dir);
Initial commit 2023-03-20 19:28:14 +00:00			`import express from 'express'`
			`import {Issuer, generators} from 'openid-client'`
			`import bodyParser from 'body-parser'`

			`async function run() {`
			`const app = express();`
			`app.use(bodyParser.urlencoded());`
			`app.use(bodyParser.json())`

Fix using gateway uri 2023-07-27 18:31:33 +00:00			`const issuer = await Issuer.discover(process.env.OIDC_GATEWAY_URI);`
Initial commit 2023-03-20 19:28:14 +00:00			`console.log('Discovered issuer %s %O', issuer.issuer, issuer.metadata);`
			`const client = new issuer.Client({`
Authorization flow example 2023-04-13 19:31:48 +00:00			`client_id: process.env.OIDC_CLIENT_ID,`
			`client_secret: process.env.OIDC_CLIENT_SECRET,`
Fix using gateway uri 2023-07-27 18:31:33 +00:00			`redirect_uris: [process.env.OIDC_REDIRECT_URIS],`
Authorization flow example 2023-04-13 19:31:48 +00:00			`response_types: ['code'],`
Initial commit 2023-03-20 19:28:14 +00:00			`// id_token_signed_response_alg (default "RS256")`
			`})`
Authorization flow example 2023-04-13 19:31:48 +00:00			`const code_verifier = generators.codeVerifier();`
			`const code_challenge = generators.codeChallenge(code_verifier);`

Initial commit 2023-03-20 19:28:14 +00:00
			`app.get('/', async function (req, res) {`
			`let url = client.authorizationUrl({`
Authorization flow example 2023-04-13 19:31:48 +00:00			`redirect_uri: process.env.CLIENT_URL + '/cb',`
Fix using gateway uri 2023-07-27 18:31:33 +00:00			`scope: 'openid profile offline_access',`
Authorization flow example 2023-04-13 19:31:48 +00:00			`response_type: 'code',`
			`code_challenge,`
			`code_challenge_method: 'S256',`
Initial commit 2023-03-20 19:28:14 +00:00			`});`
Fix using gateway uri 2023-07-27 18:31:33 +00:00
Initial commit 2023-03-20 19:28:14 +00:00			`res.redirect(url);`
			`});`
Fix using gateway uri 2023-07-27 18:31:33 +00:00
Authorization flow example 2023-04-13 19:31:48 +00:00			`app.get('/cb', async function (req, res) {`
			`const params = client.callbackParams(req);`
			`const tokenSet = await client.callback(process.env.CLIENT_URL + '/cb', params,{ code_verifier });`
			`const userinfo = await client.userinfo(tokenSet.access_token);`
Fix using gateway uri 2023-07-27 18:31:33 +00:00			`res.send(`
			`
			`<code>${JSON.stringify(userinfo)}</code>`
			`<code>${JSON.stringify(tokenSet)}</code>`
			`<a href="/refresh/${tokenSet.refresh_token}">refresh</a>`
			`<a href="/access/${tokenSet.access_token}">access</a>`
			`
			`)`
Initial commit 2023-03-20 19:28:14 +00:00			`});`

Fix using gateway uri 2023-07-27 18:31:33 +00:00			`app.get('/access/:token', async function (req, res) {`
			`const access = await client.userinfo(req.params.token)`
			`res.send(`
			`
			`<code>${JSON.stringify(access)}</code>`
			`<a href="/access/${req.params.token}">access</a>`
			`
			`)`
			`});`

			`app.get('/refresh/:token', async function (req, res) {`
			`const refresh = await client.refresh(req.params.token)`
			`res.send(`
			`
			`<code>${JSON.stringify(refresh)}</code>`
			`<a href="/refresh/${refresh.refresh_token}">refresh</a>`
			`
			`)`
			`});`
Authorization flow example 2023-04-13 19:31:48 +00:00
Initial commit 2023-03-20 19:28:14 +00:00			`app.listen(3000);`
			`}`

			`run().catch(console.dir);`