Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| a9ea2dace4 | |||
| aad18ad000 |
@@ -15,6 +15,7 @@ let issuer = process.env.ISSUER || 'localhost:3333'
|
|||||||
let jwksOrigin = `https://${issuer}/`
|
let jwksOrigin = `https://${issuer}/`
|
||||||
const audience = process.env.AUDIENCE || 'https://generic-audience'
|
const audience = process.env.AUDIENCE || 'https://generic-audience'
|
||||||
const adminCustomClaim = process.env.ADMIN_CUSTOM_CLAIM || 'https://unbound.se/admin'
|
const adminCustomClaim = process.env.ADMIN_CUSTOM_CLAIM || 'https://unbound.se/admin'
|
||||||
|
const emailCustomClaim = process.env.EMAIL_CUSTOM_CLAIM || 'https://unbound.se/email'
|
||||||
|
|
||||||
const debug = Debug('app')
|
const debug = Debug('app')
|
||||||
|
|
||||||
@@ -27,6 +28,18 @@ const corsOpts = (req, cb) => {
|
|||||||
cb(null, { origin: req.headers.origin })
|
cb(null, { origin: req.headers.origin })
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const addCustomClaims = (email, customClaims, token) => {
|
||||||
|
const emailClaim = {}
|
||||||
|
emailClaim[emailCustomClaim] = email
|
||||||
|
return [...customClaims, emailClaim].reduce((acc, claim) => {
|
||||||
|
return {
|
||||||
|
...acc,
|
||||||
|
...claim
|
||||||
|
}
|
||||||
|
}, token)
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
// Configure our small auth0-mock-server
|
// Configure our small auth0-mock-server
|
||||||
app.options('*', cors(corsOpts))
|
app.options('*', cors(corsOpts))
|
||||||
.use(cors())
|
.use(cors())
|
||||||
@@ -42,24 +55,19 @@ app.post('/oauth/token', (req, res) => {
|
|||||||
const session = sessions[code]
|
const session = sessions[code]
|
||||||
|
|
||||||
let date = Math.floor(Date.now() / 1000)
|
let date = Math.floor(Date.now() / 1000)
|
||||||
let accessToken = jwt.sign(Buffer.from(JSON.stringify({
|
let accessToken = jwt.sign(Buffer.from(JSON.stringify(addCustomClaims(session.email, session.customClaims, {
|
||||||
iss: jwksOrigin,
|
iss: jwksOrigin,
|
||||||
aud: [audience],
|
aud: [audience],
|
||||||
sub: 'auth0|' + session.email,
|
sub: 'auth0|' + session.email,
|
||||||
iat: date,
|
iat: date,
|
||||||
exp: date + 7200,
|
exp: date + 7200,
|
||||||
azp: session.clientId
|
azp: session.clientId
|
||||||
})), privateKey, {
|
}))), privateKey, {
|
||||||
algorithm: 'RS256',
|
algorithm: 'RS256',
|
||||||
keyid: thumbprint
|
keyid: thumbprint
|
||||||
})
|
})
|
||||||
|
|
||||||
const token = session.customClaims.reduce((acc, claim) => {
|
let idToken = jwt.sign(Buffer.from(JSON.stringify(addCustomClaims(session.email, session.customClaims, {
|
||||||
return {
|
|
||||||
...acc,
|
|
||||||
...claim
|
|
||||||
}
|
|
||||||
}, {
|
|
||||||
iss: jwksOrigin,
|
iss: jwksOrigin,
|
||||||
aud: session.clientId,
|
aud: session.clientId,
|
||||||
nonce: session.nonce,
|
nonce: session.nonce,
|
||||||
@@ -69,8 +77,7 @@ app.post('/oauth/token', (req, res) => {
|
|||||||
azp: session.clientId,
|
azp: session.clientId,
|
||||||
name: 'Example Person',
|
name: 'Example Person',
|
||||||
picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
|
picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
|
||||||
})
|
}))), privateKey, {
|
||||||
let idToken = jwt.sign(Buffer.from(JSON.stringify(token)), privateKey, {
|
|
||||||
algorithm: 'RS256',
|
algorithm: 'RS256',
|
||||||
keyid: thumbprint
|
keyid: thumbprint
|
||||||
})
|
})
|
||||||
|
|||||||
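Review bot: In `addCustomClaims`, every custom claim is spread after the base payload, so a claim named `iss`, `aud`, `sub`, `exp` or `azp` silently replaces the registered value, and with this change that applies to the access token as well as the ID token. Where `session.customClaims` is populated is not visible in these hunks, so it is worth confirming whether whoever drives the login flow can choose those keys. If overriding registered claims is not intended, merge the other way round so the base payload wins: `const extra = Object.assign({}, ...customClaims, emailClaim)` followed by `return { ...extra, ...token }`. If it is intended as a test feature, a comment on the helper such as `// custom claims may deliberately override registered claims (mock server only)` would make that explicit to the next reader.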