Compare commits
26 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 argoyle
|
6dda660e78 | ||
|
argoyle
|
534772b315 | ||
|
argoyle
|
3bdfe7bf0e | ||
|
argoyle
|
edba76d0ab | ||
|
argoyle
|
5289b4fa23 | ||
|
argoyle
|
eef7168f37 | ||
|
argoyle
|
596967ff72 | ||
|
argoyle
|
5f2385a92f | ||
|
argoyle
|
a5653c8ea6 | ||
|
argoyle
|
75ec899c99 | ||
|
argoyle
|
cb31381be2 | ||
|
argoyle
|
9ee344311a | ||
|
argoyle
|
d7e3b10e80 | ||
|
argoyle
|
7b306dd500 | ||
|
argoyle
|
22d096a2be | ||
|
argoyle
|
858cb96e10 | ||
|
argoyle
|
e8dd55208c | ||
|
argoyle
|
dbf5206c1b | ||
|
argoyle
|
4229508bba | ||
|
argoyle
|
b4d5dbe9e3 | ||
|
argoyle
|
b476cf0e36 | ||
|
argoyle
|
37ac46759d | ||
|
argoyle
|
424e500d6b | ||
|
argoyle
|
9539d9b38d | ||
|
argoyle
|
a9ea2dace4 | ||
|
argoyle
|
68d3f0df82 |
@@ -28,10 +28,29 @@ const corsOpts = (req, cb) => {
|
||||
cb(null, { origin: req.headers.origin })
|
||||
}
|
||||
|
||||
const addCustomClaims = (email, customClaims, token) => {
|
||||
const emailClaim = {}
|
||||
emailClaim[emailCustomClaim] = email
|
||||
return [...customClaims, emailClaim].reduce((acc, claim) => {
|
||||
return {
|
||||
...acc,
|
||||
...claim
|
||||
}
|
||||
}, token)
|
||||
|
||||
}
|
||||
|
||||
const signToken = (token) => {
|
||||
return jwt.sign(Buffer.from(JSON.stringify(token)), privateKey, {
|
||||
algorithm: 'RS256',
|
||||
keyid: thumbprint
|
||||
})
|
||||
}
|
||||
|
||||
// Configure our small auth0-mock-server
|
||||
app.options('*', cors(corsOpts))
|
||||
.use(cors())
|
||||
.use(bodyParser.json())
|
||||
.use(bodyParser.json({ strict: false }))
|
||||
.use(bodyParser.urlencoded({ extended: true }))
|
||||
.use(cookieParser())
|
||||
.use(express.static(`${__dirname}/public`))
|
||||
@@ -39,55 +58,73 @@ app.options('*', cors(corsOpts))
|
||||
|
||||
// This route can be used to generate a valid jwt-token.
|
||||
app.post('/oauth/token', (req, res) => {
|
||||
const code = req.body.code
|
||||
const session = sessions[code]
|
||||
|
||||
let date = Math.floor(Date.now() / 1000)
|
||||
let accessToken = jwt.sign(Buffer.from(JSON.stringify({
|
||||
iss: jwksOrigin,
|
||||
aud: [audience],
|
||||
sub: 'auth0|' + session.email,
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: session.clientId
|
||||
})), privateKey, {
|
||||
algorithm: 'RS256',
|
||||
keyid: thumbprint
|
||||
})
|
||||
if (req.body.grant_type === 'client_credentials' && req.body.client_id) {
|
||||
let accessToken = signToken({
|
||||
iss: jwksOrigin,
|
||||
aud: [audience],
|
||||
sub: 'auth0|management',
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: req.body.client_id
|
||||
})
|
||||
|
||||
const emailClaim = {}
|
||||
emailClaim[emailCustomClaim] = session.email
|
||||
const token = [...session.customClaims, emailClaim].reduce((acc, claim) => {
|
||||
return {
|
||||
...acc,
|
||||
...claim
|
||||
}
|
||||
}, {
|
||||
iss: jwksOrigin,
|
||||
aud: session.clientId,
|
||||
nonce: session.nonce,
|
||||
sub: 'auth0|' + session.email,
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: session.clientId,
|
||||
name: 'Example Person',
|
||||
picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
|
||||
})
|
||||
let idToken = jwt.sign(Buffer.from(JSON.stringify(token)), privateKey, {
|
||||
algorithm: 'RS256',
|
||||
keyid: thumbprint
|
||||
})
|
||||
let idToken = signToken({
|
||||
iss: jwksOrigin,
|
||||
aud: req.body.client_id,
|
||||
sub: 'auth0|management',
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: req.body.client_id,
|
||||
name: 'Management API'
|
||||
})
|
||||
|
||||
debug('Signed token for ' + session.email)
|
||||
// res.json({ token });
|
||||
debug('Signed token for management API')
|
||||
|
||||
res.json({
|
||||
access_token: accessToken,
|
||||
id_token: idToken,
|
||||
scope: 'openid%20profile%20email',
|
||||
expires_in: 7200,
|
||||
token_type: 'Bearer'
|
||||
})
|
||||
res.json({
|
||||
access_token: accessToken,
|
||||
id_token: idToken,
|
||||
scope: 'openid%20profile%20email',
|
||||
expires_in: 7200,
|
||||
token_type: 'Bearer'
|
||||
})
|
||||
} else if (req.body.code) {
|
||||
const code = req.body.code
|
||||
const session = sessions[code]
|
||||
let accessToken = signToken(addCustomClaims(session.email, session.customClaims, {
|
||||
iss: jwksOrigin,
|
||||
aud: [audience],
|
||||
sub: 'auth0|' + session.email,
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: session.clientId
|
||||
}))
|
||||
|
||||
let idToken = signToken(addCustomClaims(session.email, session.customClaims, {
|
||||
iss: jwksOrigin,
|
||||
aud: session.clientId,
|
||||
nonce: session.nonce,
|
||||
sub: 'auth0|' + session.email,
|
||||
iat: date,
|
||||
exp: date + 7200,
|
||||
azp: session.clientId,
|
||||
name: 'Example Person',
|
||||
picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
|
||||
}))
|
||||
|
||||
debug('Signed token for ' + session.email)
|
||||
|
||||
res.json({
|
||||
access_token: accessToken,
|
||||
id_token: idToken,
|
||||
scope: 'openid%20profile%20email',
|
||||
expires_in: 7200,
|
||||
token_type: 'Bearer'
|
||||
})
|
||||
} else {
|
||||
res.status(401)
|
||||
res.send('Missing client_id or client_secret')
|
||||
}
|
||||
})
|
||||
|
||||
// This route can be used to generate a valid jwt-token.
|
||||
@@ -260,7 +297,7 @@ app.post('/issuer', (req, res) => {
|
||||
}
|
||||
issuer = req.body.issuer
|
||||
jwksOrigin = `https://${issuer}/`
|
||||
const { privateKey: key, certDer: der, thumbPrint: thumb, exponent: exp, modulus: mod } = cert(jwksOrigin)
|
||||
const { privateKey: key, certDer: der, thumbprint: thumb, exponent: exp, modulus: mod } = cert(jwksOrigin)
|
||||
privateKey = key
|
||||
certDer = der
|
||||
thumbprint = thumb
|
||||
@@ -270,6 +307,28 @@ app.post('/issuer', (req, res) => {
|
||||
res.send('ok')
|
||||
})
|
||||
|
||||
app.get('/api/v2/users-by-email', (req, res) => {
|
||||
res.json([])
|
||||
})
|
||||
|
||||
app.post('/api/v2/users', (req, res) => {
|
||||
const email = req.body.email
|
||||
res.json({
|
||||
user_id: `auth0|${email}`
|
||||
})
|
||||
})
|
||||
|
||||
app.post('/api/v2/tickets/password-change', (req, res) => {
|
||||
res.json({
|
||||
ticket: `https://some-url`
|
||||
})
|
||||
})
|
||||
|
||||
app.use(function(req, res, next) {
|
||||
console.log('404', req.path)
|
||||
res.status(404).send('error: 404 Not Found ' + req.path)
|
||||
})
|
||||
|
||||
app.listen(3333, () => {
|
||||
debug('Auth0-Mock-Server listening on port 3333!')
|
||||
})
|
||||
|
||||
@@ -1,132 +1,132 @@
|
||||
const base64url = require('base64-url');
|
||||
const createHash = require('crypto').createHash;
|
||||
const forge = require('node-forge');
|
||||
const NodeRSA = require('node-rsa');
|
||||
const base64url = require('base64-url')
|
||||
const createHash = require('crypto').createHash
|
||||
const forge = require('node-forge')
|
||||
const NodeRSA = require('node-rsa')
|
||||
|
||||
const PRIVATE_KEY_PEM =
|
||||
'-----BEGIN RSA PRIVATE KEY-----\n' +
|
||||
'MIIEpAIBAAKCAQEApoocpO3bbUF6o8eyJlQCfwLahEsunWdVF++yOEyKu4Lp1j0m\n' +
|
||||
'2j/P7iHOtxBAkjdM2X2oW3qO1mR0sIFefqnm93g0q2nRuYEoS+W3o6X50wjOVm8f\n' +
|
||||
'r/tLqELzy5BoET0AQl7Axp1DNsb0HNOBcoIBt+xVY4I+k6uXJJJMzbgvahAgSLZ9\n' +
|
||||
'RW0Z0WT+dCHZpZUj0nLxNXIPdci65Bw6IognqXHP6AwKZXpT6jCzjzq9uyHxVcud\n' +
|
||||
'qw6j0kQw48/A5A6AN5fIVy1cKnd0sKdqRX1NUqVoiOrO4jaDB1IdLD+YmRE/JjOH\n' +
|
||||
'sWIMElYCPxKqnsNo6VCslGX/ziinArHhqRBrHwIDAQABAoIBAHAdmpsN5iLvafjI\n' +
|
||||
'f45+EBAhg6p8Uq102zx6CakNHniN8Y5hLL7RJtJRwDBNqKrGv93LUoQDRhXfGw+Y\n' +
|
||||
'iF0NVIhVTF/5pU8VPGOcCr0JB96ilwZpWRPIQW7NZAMu/GBeiMYls/IB/TXrSnv9\n' +
|
||||
'h6/nBfEkEXgkPqx7YA0m0L3NuV3U1lCY/LhBJY4Xvi0uRdqu3tTHXftehuPwC4UB\n' +
|
||||
'42eJTWv/qLeOlkCdUUV4f7+dNaES88Vdhj6lu/BusnNhvnwHQik4dNwzPCGeP8NV\n' +
|
||||
'5gaesWiNWFZuTURGKk1B65p5LzNPjsVT50RDuW8FnSZwIvNcohrX9ILPsmg/t0Kr\n' +
|
||||
'ozcOksECgYEA4XWOK4twx5RG162zveRHqU7H9RBWSz7/PzM9Eob9vx/tC/b1YqBR\n' +
|
||||
'VShk23vje19eNiYWAkxcpobIP4ek/0ZT8nHkJg8wl+J/hnXADcvwv2dKnoFnm5pn\n' +
|
||||
'rTBUKc8R3wrSlAV8XQAtdnxsfFa5AOQJ6WFVI9AdfH3Iw8XZk4gIIPMCgYEAvRlY\n' +
|
||||
'y80HnR3kwMOqY488V1qk41dmfNqa+YDL+zkPF1HhHI9VnK5BQuI7lyKJl984KwHu\n' +
|
||||
'0gbwx3Wp4XkD5JUboEpl5LnaLsjEWemjTaQWdvJHPd5wkJ0m/jRQ2YeT4g2gFu4y\n' +
|
||||
'Pi/pWkrzhnzQQVAmOdAm5Kj27LtDzp0lspw3uCUCgYEAw2YdvFGSgfZZW4147QeO\n' +
|
||||
'sAbON+9bysUjdMPUl10VR/LEgA0d6MdnFfX3S13Y7tDdlvJ1OrKxzcWcgaru7ism\n' +
|
||||
'kEXy5KVfiRNNUNx2gb6RvWEpA6zFfc9ZMXlkSAPlyjfX/1+tw/Bmdn0pjK2gk0wP\n' +
|
||||
'5wtrPameFInzWPD9O+a2nM8CgYBZ6UhgNs+M9B7FTQOiLQPa4R2PfwobCXIwef4D\n' +
|
||||
'KIE1bFgl1T02r2AWZi1BUkmr7ZXuVQ/xyx0HKbopm/mu4PruvxEtrPTB0/IQcleU\n' +
|
||||
'XhXUXqRjFXXePOrCaaubkqxNCn95B67aBLvmk8awxn3a4DocuQ0VIgWuT+gQwIWh\n' +
|
||||
'JEgWBQKBgQDKD+2Yh1/rUzu15lbPH0JSpozUinuFjePieR/4n+5CtEUxWJ2f0WeK\n' +
|
||||
's4XWWf2qgUccjpiGju2UR840mgWROoZ8BfSTd5tg1F7bo0HMgu2hu0RIRpZcRhsA\n' +
|
||||
'Cd0GrJvf1t0QIdDCXAy+RpgU1SLSq4Q6Lomc0WA5C5nBw9RKEUOV9A==\n' +
|
||||
'-----END RSA PRIVATE KEY-----\n';
|
||||
'-----BEGIN RSA PRIVATE KEY-----\n' +
|
||||
'MIIEpAIBAAKCAQEApoocpO3bbUF6o8eyJlQCfwLahEsunWdVF++yOEyKu4Lp1j0m\n' +
|
||||
'2j/P7iHOtxBAkjdM2X2oW3qO1mR0sIFefqnm93g0q2nRuYEoS+W3o6X50wjOVm8f\n' +
|
||||
'r/tLqELzy5BoET0AQl7Axp1DNsb0HNOBcoIBt+xVY4I+k6uXJJJMzbgvahAgSLZ9\n' +
|
||||
'RW0Z0WT+dCHZpZUj0nLxNXIPdci65Bw6IognqXHP6AwKZXpT6jCzjzq9uyHxVcud\n' +
|
||||
'qw6j0kQw48/A5A6AN5fIVy1cKnd0sKdqRX1NUqVoiOrO4jaDB1IdLD+YmRE/JjOH\n' +
|
||||
'sWIMElYCPxKqnsNo6VCslGX/ziinArHhqRBrHwIDAQABAoIBAHAdmpsN5iLvafjI\n' +
|
||||
'f45+EBAhg6p8Uq102zx6CakNHniN8Y5hLL7RJtJRwDBNqKrGv93LUoQDRhXfGw+Y\n' +
|
||||
'iF0NVIhVTF/5pU8VPGOcCr0JB96ilwZpWRPIQW7NZAMu/GBeiMYls/IB/TXrSnv9\n' +
|
||||
'h6/nBfEkEXgkPqx7YA0m0L3NuV3U1lCY/LhBJY4Xvi0uRdqu3tTHXftehuPwC4UB\n' +
|
||||
'42eJTWv/qLeOlkCdUUV4f7+dNaES88Vdhj6lu/BusnNhvnwHQik4dNwzPCGeP8NV\n' +
|
||||
'5gaesWiNWFZuTURGKk1B65p5LzNPjsVT50RDuW8FnSZwIvNcohrX9ILPsmg/t0Kr\n' +
|
||||
'ozcOksECgYEA4XWOK4twx5RG162zveRHqU7H9RBWSz7/PzM9Eob9vx/tC/b1YqBR\n' +
|
||||
'VShk23vje19eNiYWAkxcpobIP4ek/0ZT8nHkJg8wl+J/hnXADcvwv2dKnoFnm5pn\n' +
|
||||
'rTBUKc8R3wrSlAV8XQAtdnxsfFa5AOQJ6WFVI9AdfH3Iw8XZk4gIIPMCgYEAvRlY\n' +
|
||||
'y80HnR3kwMOqY488V1qk41dmfNqa+YDL+zkPF1HhHI9VnK5BQuI7lyKJl984KwHu\n' +
|
||||
'0gbwx3Wp4XkD5JUboEpl5LnaLsjEWemjTaQWdvJHPd5wkJ0m/jRQ2YeT4g2gFu4y\n' +
|
||||
'Pi/pWkrzhnzQQVAmOdAm5Kj27LtDzp0lspw3uCUCgYEAw2YdvFGSgfZZW4147QeO\n' +
|
||||
'sAbON+9bysUjdMPUl10VR/LEgA0d6MdnFfX3S13Y7tDdlvJ1OrKxzcWcgaru7ism\n' +
|
||||
'kEXy5KVfiRNNUNx2gb6RvWEpA6zFfc9ZMXlkSAPlyjfX/1+tw/Bmdn0pjK2gk0wP\n' +
|
||||
'5wtrPameFInzWPD9O+a2nM8CgYBZ6UhgNs+M9B7FTQOiLQPa4R2PfwobCXIwef4D\n' +
|
||||
'KIE1bFgl1T02r2AWZi1BUkmr7ZXuVQ/xyx0HKbopm/mu4PruvxEtrPTB0/IQcleU\n' +
|
||||
'XhXUXqRjFXXePOrCaaubkqxNCn95B67aBLvmk8awxn3a4DocuQ0VIgWuT+gQwIWh\n' +
|
||||
'JEgWBQKBgQDKD+2Yh1/rUzu15lbPH0JSpozUinuFjePieR/4n+5CtEUxWJ2f0WeK\n' +
|
||||
's4XWWf2qgUccjpiGju2UR840mgWROoZ8BfSTd5tg1F7bo0HMgu2hu0RIRpZcRhsA\n' +
|
||||
'Cd0GrJvf1t0QIdDCXAy+RpgU1SLSq4Q6Lomc0WA5C5nBw9RKEUOV9A==\n' +
|
||||
'-----END RSA PRIVATE KEY-----\n'
|
||||
|
||||
const PUBLIC_KEY_PEM =
|
||||
'-----BEGIN PUBLIC KEY-----\n' +
|
||||
'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoocpO3bbUF6o8eyJlQC\n' +
|
||||
'fwLahEsunWdVF++yOEyKu4Lp1j0m2j/P7iHOtxBAkjdM2X2oW3qO1mR0sIFefqnm\n' +
|
||||
'93g0q2nRuYEoS+W3o6X50wjOVm8fr/tLqELzy5BoET0AQl7Axp1DNsb0HNOBcoIB\n' +
|
||||
't+xVY4I+k6uXJJJMzbgvahAgSLZ9RW0Z0WT+dCHZpZUj0nLxNXIPdci65Bw6Iogn\n' +
|
||||
'qXHP6AwKZXpT6jCzjzq9uyHxVcudqw6j0kQw48/A5A6AN5fIVy1cKnd0sKdqRX1N\n' +
|
||||
'UqVoiOrO4jaDB1IdLD+YmRE/JjOHsWIMElYCPxKqnsNo6VCslGX/ziinArHhqRBr\n' +
|
||||
'HwIDAQAB\n' +
|
||||
'-----END PUBLIC KEY-----\n';
|
||||
'-----BEGIN PUBLIC KEY-----\n' +
|
||||
'MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApoocpO3bbUF6o8eyJlQC\n' +
|
||||
'fwLahEsunWdVF++yOEyKu4Lp1j0m2j/P7iHOtxBAkjdM2X2oW3qO1mR0sIFefqnm\n' +
|
||||
'93g0q2nRuYEoS+W3o6X50wjOVm8fr/tLqELzy5BoET0AQl7Axp1DNsb0HNOBcoIB\n' +
|
||||
't+xVY4I+k6uXJJJMzbgvahAgSLZ9RW0Z0WT+dCHZpZUj0nLxNXIPdci65Bw6Iogn\n' +
|
||||
'qXHP6AwKZXpT6jCzjzq9uyHxVcudqw6j0kQw48/A5A6AN5fIVy1cKnd0sKdqRX1N\n' +
|
||||
'UqVoiOrO4jaDB1IdLD+YmRE/JjOHsWIMElYCPxKqnsNo6VCslGX/ziinArHhqRBr\n' +
|
||||
'HwIDAQAB\n' +
|
||||
'-----END PUBLIC KEY-----\n'
|
||||
|
||||
const createCertificate = ({
|
||||
publicKey,
|
||||
privateKey,
|
||||
jwksOrigin,
|
||||
publicKey,
|
||||
privateKey,
|
||||
jwksOrigin
|
||||
}) => {
|
||||
const cert = forge.pki.createCertificate();
|
||||
cert.publicKey = publicKey;
|
||||
cert.serialNumber = '123';
|
||||
const attrs = [
|
||||
{
|
||||
name: 'commonName',
|
||||
value: `${jwksOrigin}`,
|
||||
},
|
||||
];
|
||||
cert.validity.notBefore = new Date();
|
||||
cert.validity.notAfter = new Date();
|
||||
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1);
|
||||
cert.setSubject(attrs);
|
||||
cert.setIssuer(attrs);
|
||||
cert.sign(privateKey);
|
||||
return forge.pki.certificateToPem(cert)
|
||||
};
|
||||
const cert = forge.pki.createCertificate()
|
||||
cert.publicKey = publicKey
|
||||
cert.serialNumber = '123'
|
||||
const attrs = [
|
||||
{
|
||||
name: 'commonName',
|
||||
value: `${jwksOrigin}`
|
||||
}
|
||||
]
|
||||
cert.validity.notBefore = new Date()
|
||||
cert.validity.notAfter = new Date()
|
||||
cert.validity.notAfter.setFullYear(cert.validity.notBefore.getFullYear() + 1)
|
||||
cert.setSubject(attrs)
|
||||
cert.setIssuer(attrs)
|
||||
cert.sign(privateKey)
|
||||
return forge.pki.certificateToPem(cert)
|
||||
}
|
||||
|
||||
const getCertThumbprint = (certificate) => {
|
||||
const shasum = createHash('sha1');
|
||||
const der = Buffer.from(certificate).toString('binary');
|
||||
shasum.update(der);
|
||||
return shasum.digest('base64')
|
||||
};
|
||||
const shasum = createHash('sha1')
|
||||
const der = Buffer.from(certificate).toString('binary')
|
||||
shasum.update(der)
|
||||
return shasum.digest('base64')
|
||||
}
|
||||
|
||||
const createKeyPair = () => {
|
||||
const privateKey = forge.pki.privateKeyFromPem(PRIVATE_KEY_PEM);
|
||||
const publicKey = forge.pki.publicKeyFromPem(PUBLIC_KEY_PEM);
|
||||
return {
|
||||
privateKey,
|
||||
publicKey,
|
||||
}
|
||||
};
|
||||
const privateKey = forge.pki.privateKeyFromPem(PRIVATE_KEY_PEM)
|
||||
const publicKey = forge.pki.publicKeyFromPem(PUBLIC_KEY_PEM)
|
||||
return {
|
||||
privateKey,
|
||||
publicKey
|
||||
}
|
||||
}
|
||||
|
||||
const bnToB64 = (bn) => {
|
||||
let hex = BigInt(bn).toString(16);
|
||||
if (hex.length % 2) {
|
||||
hex = '0' + hex;
|
||||
}
|
||||
let hex = BigInt(bn).toString(16)
|
||||
if (hex.length % 2) {
|
||||
hex = '0' + hex
|
||||
}
|
||||
|
||||
const bin = [];
|
||||
let i = 0;
|
||||
let d;
|
||||
let b;
|
||||
while (i < hex.length) {
|
||||
d = parseInt(hex.slice(i, i + 2), 16);
|
||||
b = String.fromCharCode(d);
|
||||
bin.push(b);
|
||||
i += 2;
|
||||
}
|
||||
const bin = []
|
||||
let i = 0
|
||||
let d
|
||||
let b
|
||||
while (i < hex.length) {
|
||||
d = parseInt(hex.slice(i, i + 2), 16)
|
||||
b = String.fromCharCode(d)
|
||||
bin.push(b)
|
||||
i += 2
|
||||
}
|
||||
|
||||
return Buffer.from(bin.join(''), 'binary').toString('base64');
|
||||
};
|
||||
return Buffer.from(bin.join(''), 'binary').toString('base64')
|
||||
}
|
||||
|
||||
const setup = (jwksOrigin) => {
|
||||
const {privateKey, publicKey} = createKeyPair();
|
||||
const certPem = createCertificate({
|
||||
jwksOrigin,
|
||||
privateKey,
|
||||
publicKey,
|
||||
});
|
||||
const certDer = forge.util.encode64(
|
||||
forge.asn1
|
||||
.toDer(forge.pki.certificateToAsn1(forge.pki.certificateFromPem(certPem)))
|
||||
.getBytes()
|
||||
);
|
||||
const thumbprint = base64url.encode(getCertThumbprint(certDer));
|
||||
const { privateKey, publicKey } = createKeyPair()
|
||||
const certPem = createCertificate({
|
||||
jwksOrigin,
|
||||
privateKey,
|
||||
publicKey
|
||||
})
|
||||
const certDer = forge.util.encode64(
|
||||
forge.asn1
|
||||
.toDer(forge.pki.certificateToAsn1(forge.pki.certificateFromPem(certPem)))
|
||||
.getBytes()
|
||||
)
|
||||
const thumbprint = base64url.encode(getCertThumbprint(certDer))
|
||||
|
||||
const helperKey = new NodeRSA();
|
||||
helperKey.importKey(forge.pki.privateKeyToPem(privateKey));
|
||||
const {n: modulus, e: exponent} = helperKey.exportKey('components');
|
||||
const helperKey = new NodeRSA()
|
||||
helperKey.importKey(forge.pki.privateKeyToPem(privateKey))
|
||||
const { n: modulus, e: exponent } = helperKey.exportKey('components')
|
||||
|
||||
return {
|
||||
privateKey: forge.pki.privateKeyToPem(privateKey),
|
||||
certDer: certDer,
|
||||
thumbPrint: thumbprint,
|
||||
exponent: bnToB64(exponent),
|
||||
modulus: modulus.toString('base64')
|
||||
}
|
||||
};
|
||||
return {
|
||||
privateKey: forge.pki.privateKeyToPem(privateKey),
|
||||
certDer,
|
||||
thumbprint: thumbprint.toString(),
|
||||
exponent: bnToB64(exponent),
|
||||
modulus: modulus.toString('base64')
|
||||
}
|
||||
}
|
||||
|
||||
module.exports = setup;
|
||||
module.exports = setup
|
||||
|
||||
+4
-4
@@ -12,17 +12,17 @@
|
||||
"license": "MIT",
|
||||
"dependencies": {
|
||||
"base64-url": "^2.3.3",
|
||||
"body-parser": "^1.20.0",
|
||||
"body-parser": "^1.20.1",
|
||||
"buffer": "^6.0.3",
|
||||
"cookie-parser": "^1.4.6",
|
||||
"cors": "^2.8.3",
|
||||
"debug": "^4.3.4",
|
||||
"express": "^4.17.3",
|
||||
"express": "^4.18.2",
|
||||
"https-localhost": "^4.7.1",
|
||||
"jsonwebtoken": "^8.5.1",
|
||||
"jsonwebtoken": "^9.0.0",
|
||||
"node-forge": "^1.3.1",
|
||||
"node-rsa": "^1.1.1",
|
||||
"nodemon": "^2.0.15",
|
||||
"nodemon": "^2.0.20",
|
||||
"serve-favicon": "^2.4.2"
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user