-
Notifications
You must be signed in to change notification settings - Fork 24
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Showing
12 changed files
with
74 additions
and
11 deletions.
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,10 @@ | ||
| { | ||
| "folders": [ | ||
| { | ||
| "path": "." | ||
| }, | ||
| { | ||
| "path": "../nextjs-test-app" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,10 +1,6 @@ | ||
| import { setupChallenge } from "../utils/setupChallenge"; | ||
|
|
||
| export const login = (req, res) => { | ||
| // setupChallenge(); | ||
| console.log("log in"); | ||
| console.log("req", req); | ||
| console.log("res", res); | ||
|
|
||
| res.status(200).json({ name: "John Doe" }); | ||
| setupChallenge(); | ||
| res.status(200).json({ function: "Login" }); | ||
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| import { setupChallenge } from "../utils/setupChallenge"; | ||
|
|
||
| export const logout = (req, res) => { | ||
| setupChallenge(); | ||
| res.status(200).json({ function: "logout" }); | ||
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| import { setupChallenge } from "../utils/setupChallenge"; | ||
|
|
||
| export const me = (req, res) => { | ||
| setupChallenge(); | ||
| res.status(200).json({ function: "me" }); | ||
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,6 @@ | ||
| import { setupChallenge } from "../utils/setupChallenge"; | ||
|
|
||
| export const register = (req, res) => { | ||
| setupChallenge(); | ||
| res.status(200).json({ function: "Register" }); | ||
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| // Base64-urlencodes the input string | ||
| export function base64UrlEncode(str) { | ||
| // Convert the ArrayBuffer to string using Uint8 array to conver to what btoa accepts. | ||
| // btoa accepts chars only within ascii 0-255 and base64 encodes them. | ||
| // Then convert the base64 encoded to base64url encoded | ||
| // (replace + with -, replace / with _, trim trailing =) | ||
| return btoa(String.fromCharCode.apply(null, new Uint8Array(str))) | ||
| .replace(/\+/g, "-") | ||
| .replace(/\//g, "_") | ||
| .replace(/=+$/, ""); | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| import { base64UrlEncode } from "./base64Encode"; | ||
| import { sha256 } from "./sha256"; | ||
|
|
||
| // Return the base64-urlencoded sha256 hash for the PKCE challenge | ||
| export async function pkceChallengeFromVerifier(v) { | ||
| const hashed = await sha256(v); | ||
| return base64UrlEncode(hashed); | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,16 +1,19 @@ | ||
| import { randomString } from "./randomString"; | ||
| import { SESSION_PREFIX } from "../config/sessionPrefix"; | ||
| import { pkceChallengeFromVerifier } from "./pkceChallengeFromVerifier"; | ||
|
|
||
| var cookie = require("cookie"); | ||
|
|
||
| export const setupChallenge = () => { | ||
| export const setupChallenge = async () => { | ||
| const state = randomString(); | ||
| const code_verifier = randomString(); // the secret | ||
| // Hash and base64-urlencode the secret to use as the challenge | ||
| const code_challenge = "await pkceChallengeFromVerifier(code_verifier)"; | ||
| const code_challenge = await pkceChallengeFromVerifier(code_verifier); | ||
|
|
||
| cookie.parse(`${SESSION_PREFIX}-${state}`, code_verifier); | ||
|
|
||
| // Build and encode the authorisation request url | ||
| const url = new URL(config.authorization_endpoint); | ||
| const url = new URL("https://developer.mozilla.org/oauth2/auth"); | ||
| console.log(url); | ||
| return { state, code_challenge, url }; | ||
| }; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,8 @@ | ||
| const { subtle } = require("crypto"); | ||
| // Calculate the SHA256 hash of the input text. | ||
| // Returns a promise that resolves to an ArrayBuffer | ||
| export function sha256(plain) { | ||
| const encoder = new TextEncoder(); | ||
| const data = encoder.encode(plain); | ||
| return subtle.digest("SHA-256", data); | ||
| } |