46 lines
1.5 KiB
JavaScript
46 lines
1.5 KiB
JavaScript
import express from 'express'
|
|
import {Issuer, generators} from 'openid-client'
|
|
import bodyParser from 'body-parser'
|
|
|
|
async function run() {
|
|
const app = express();
|
|
app.use(bodyParser.urlencoded());
|
|
app.use(bodyParser.json())
|
|
|
|
const issuer = await Issuer.discover(process.env.OIDC_GATEWAY_URL);
|
|
console.log('Discovered issuer %s %O', issuer.issuer, issuer.metadata);
|
|
const client = new issuer.Client({
|
|
client_id: process.env.OIDC_CLIENT_ID,
|
|
client_secret: process.env.OIDC_CLIENT_SECRET,
|
|
redirect_uris: JSON.parse(process.env.OIDC_REDIRECT_URIS),
|
|
response_types: ['code'],
|
|
// id_token_signed_response_alg (default "RS256")
|
|
})
|
|
const code_verifier = generators.codeVerifier();
|
|
const code_challenge = generators.codeChallenge(code_verifier);
|
|
|
|
|
|
app.get('/', async function (req, res) {
|
|
let url = client.authorizationUrl({
|
|
redirect_uri: process.env.CLIENT_URL + '/cb',
|
|
scope: 'openid profile',
|
|
response_type: 'code',
|
|
code_challenge,
|
|
code_challenge_method: 'S256',
|
|
});
|
|
res.redirect(url);
|
|
});
|
|
app.get('/cb', async function (req, res) {
|
|
const params = client.callbackParams(req);
|
|
const tokenSet = await client.callback(process.env.CLIENT_URL + '/cb', params,{ code_verifier });
|
|
const userinfo = await client.userinfo(tokenSet.access_token);
|
|
console.log('userinfo %j', userinfo);
|
|
res.send(userinfo)
|
|
});
|
|
|
|
|
|
app.listen(3000);
|
|
}
|
|
|
|
run().catch(console.dir);
|