dima
/
jce-keycloak
6
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 1 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
7 Commits
2 Branches
296 KiB
Tree: c6d427f716
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c6d427f716'
${ noResults }
jce-keycloak/test/url.test.js

110 lines
2.7 KiB
Raw Normal View History

initial implementation
3 years ago
 
  1. // installable packages

  2. const base64url = require("base64url");
  3. const { v4: uuidv4 } = require("uuid");
  4. const fetch = require("node-fetch").default;
  5. 

  6. // native packages

  7. const crypto = require("crypto");
  8. const { URL, URLSearchParams } = require("url");
  9. 

  10. // config

  11. const BASE_URL = "http://localhost:8080";
  12. const REALM = "demorealm";
  13. const REDIRECT_URI = "com.juice.booster3://auth";
  14. const CLIENT_ID = "native-webview";
  15. 

  16. const sha256encrypt = (code) => {
  17.   const base64Digest = crypto
  18.     .createHash("sha256")
  19.     .update(code)
  20.     .digest("base64");
  21. 

  22.   return base64url.fromBase64(base64Digest);
  23. };
  24. 

  25. const nonceFactory = () => {
  26.   const timestamp = Date.now();
  27.   return sha256encrypt(timestamp.toString());
  28. };
  29. 

  30. function generateAuthUrl() {
  31.   const nonce = uuidv4();
  32.   const state = uuidv4();
  33. 

  34.   const url = new URL(
  35.     `${BASE_URL}/auth/realms/${REALM}/protocol/openid-connect/auth`,
  36.   );
  37.   url.searchParams.append("client_id", CLIENT_ID);
  38.   url.searchParams.append("redirect_uri", REDIRECT_URI);
  39.   url.searchParams.append("state", state);
  40.   url.searchParams.append("response_mode", "fragment");
  41.   url.searchParams.append("response_type", "code");
  42.   url.searchParams.append("scope", "openid");
  43.   url.searchParams.append("nonce", nonce);
  44. 

  45.   console.log(url.href);
  46. }
  47. 

  48. async function getTokenByUrl(urlString) {
  49.   let url = new URL(urlString);
  50. 

  51.   let code = new URLSearchParams(url.hash).get("code");
  52.   console.log(`Auth with code is: ${code}`);
  53. 

  54.   url = new URL(
  55.     `${BASE_URL}/auth/realms/${REALM}/protocol/openid-connect/token`,
  56.   );
  57.   const payload = {
  58.     client_id: CLIENT_ID,
  59.     code,
  60.     grant_type: "authorization_code",
  61.     redirect_uri: REDIRECT_URI,
  62.   };
  63. 

  64.   let response = await fetch(url, {
  65.     method: "POST",
  66.     headers: {
  67.       "Content-Type": "application/x-www-form-urlencoded",
  68.       Accept: "*/*",
  69.     },
  70.     redirect: "manual",
  71.     body: new URLSearchParams(payload).toString(),
  72.   });
  73. 

  74.   const token = await response.json();
  75.   console.log(token);
  76. }
  77. 

  78. async function refresh(refresh_token) {
  79.   const url = new URL(
  80.     `${BASE_URL}/auth/realms/${REALM}/protocol/openid-connect/token`,
  81.   );
  82.   const payload = {
  83.     client_id: CLIENT_ID,
  84.     refresh_token,
  85.     grant_type: "refresh_token",
  86.     redirect_uri: REDIRECT_URI,
  87.   };
  88. 

  89.   let response = await fetch(url, {
  90.     method: "POST",
  91.     headers: {
  92.       "Content-Type": "application/x-www-form-urlencoded",
  93.       Accept: "*/*",
  94.     },
  95.     redirect: "manual",
  96.     body: new URLSearchParams(payload).toString(),
  97.   });
  98. 

  99.   const token = await response.json();
  100.   console.log(token);
  101. }
  102. 

  103. if (require.main === module) {
  104.   const redirectUri = process.argv[2];
  105.   if (redirectUri == null) {
  106.     generateAuthUrl();
  107.   } else {
  108.     getTokenByUrl(redirectUri);
  109.   }
  110. }