unboundsoftware/auth0mock
6
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases 14 Activity

Compare commits

base: unboundsoftware:0.0.8
Branches Tags
unboundsoftware:main unboundsoftware:next-release
unboundsoftware:0.7.2 unboundsoftware:0.7.1 unboundsoftware:0.7.0 unboundsoftware:0.6.0 unboundsoftware:0.5.1 unboundsoftware:0.5.0 unboundsoftware:0.4.0 unboundsoftware:0.3.0 unboundsoftware:0.2.0 unboundsoftware:0.1.5 unboundsoftware:0.1.4 unboundsoftware:0.1.3 unboundsoftware:0.1.2 unboundsoftware:0.1.1 unboundsoftware:0.1.0 unboundsoftware:0.0.17 unboundsoftware:0.0.16 unboundsoftware:0.0.15 unboundsoftware:0.0.14 unboundsoftware:0.0.13 unboundsoftware:0.0.12 unboundsoftware:0.0.11 unboundsoftware:0.0.10 unboundsoftware:0.0.9 unboundsoftware:0.0.8 unboundsoftware:0.0.7 unboundsoftware:0.0.6 unboundsoftware:0.0.5 unboundsoftware:0.0.4 unboundsoftware:0.0.3 unboundsoftware:0.0.2 unboundsoftware:0.0.1
..
compare: unboundsoftware:0.0.9
Branches Tags
unboundsoftware:next-release unboundsoftware:main
unboundsoftware:0.7.2 unboundsoftware:0.7.1 unboundsoftware:0.7.0 unboundsoftware:0.6.0 unboundsoftware:0.5.1 unboundsoftware:0.5.0 unboundsoftware:0.4.0 unboundsoftware:0.3.0 unboundsoftware:0.2.0 unboundsoftware:0.1.5 unboundsoftware:0.1.4 unboundsoftware:0.1.3 unboundsoftware:0.1.2 unboundsoftware:0.1.1 unboundsoftware:0.1.0 unboundsoftware:0.0.17 unboundsoftware:0.0.16 unboundsoftware:0.0.15 unboundsoftware:0.0.14 unboundsoftware:0.0.13 unboundsoftware:0.0.12 unboundsoftware:0.0.11 unboundsoftware:0.0.10 unboundsoftware:0.0.9 unboundsoftware:0.0.8 unboundsoftware:0.0.7 unboundsoftware:0.0.6 unboundsoftware:0.0.5 unboundsoftware:0.0.4 unboundsoftware:0.0.3 unboundsoftware:0.0.2 unboundsoftware:0.0.1

1 Commits
0.0.8 .. 0.0.9

Author SHA1 Message Date
argoyle 4229508bba feat: add support for client id and secret tokens 2022-04-28 09:38:05 +02:00
1 changed files with 70 additions and 37 deletions
Expand all files Collapse all files
app.js
+46 -13
View File
@@ -40,6 +40,13 @@ const addCustomClaims = (email, customClaims, token) => {
} }
const signToken = (token) => {
return jwt.sign(Buffer.from(JSON.stringify(token)), privateKey, {
algorithm: 'RS256',
keyid: thumbprint
})
}
// Configure our small auth0-mock-server // Configure our small auth0-mock-server
app.options('*', cors(corsOpts)) app.options('*', cors(corsOpts))
.use(cors()) .use(cors())
@@ -51,23 +58,49 @@ app.options('*', cors(corsOpts))
// This route can be used to generate a valid jwt-token. // This route can be used to generate a valid jwt-token.
app.post('/oauth/token', (req, res) => { app.post('/oauth/token', (req, res) => {
let date = Math.floor(Date.now() / 1000)
if (req.body.grant_type === 'client_credentials' && req.body.client_id) {
let accessToken = signToken({
iss: jwksOrigin,
aud: [audience],
sub: 'auth0|management',
iat: date,
exp: date + 7200,
azp: req.body.client_id
})
let idToken = signToken({
iss: jwksOrigin,
aud: req.body.client_id,
sub: 'auth0|management',
iat: date,
exp: date + 7200,
azp: req.body.client_id,
name: 'Management API'
})
debug('Signed token for management API')
res.json({
access_token: accessToken,
id_token: idToken,
scope: 'openid%20profile%20email',
expires_in: 7200,
token_type: 'Bearer'
})
} else if (req.body.code) {
const code = req.body.code const code = req.body.code
const session = sessions[code] const session = sessions[code]
let accessToken = signToken(addCustomClaims(session.email, session.customClaims, {
let date = Math.floor(Date.now() / 1000)
let accessToken = jwt.sign(Buffer.from(JSON.stringify(addCustomClaims(session.email, session.customClaims, {
iss: jwksOrigin, iss: jwksOrigin,
aud: [audience], aud: [audience],
sub: 'auth0|' + session.email, sub: 'auth0|' + session.email,
iat: date, iat: date,
exp: date + 7200, exp: date + 7200,
azp: session.clientId azp: session.clientId
}))), privateKey, { }))
algorithm: 'RS256',
keyid: thumbprint
})
let idToken = jwt.sign(Buffer.from(JSON.stringify(addCustomClaims(session.email, session.customClaims, { let idToken = signToken(addCustomClaims(session.email, session.customClaims, {
iss: jwksOrigin, iss: jwksOrigin,
aud: session.clientId, aud: session.clientId,
nonce: session.nonce, nonce: session.nonce,
@@ -77,13 +110,9 @@ app.post('/oauth/token', (req, res) => {
azp: session.clientId, azp: session.clientId,
name: 'Example Person', name: 'Example Person',
picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg' picture: 'https://cdn.playbuzz.com/cdn/5458360f-32ea-460e-a707-1a2d26760558/70bda687-cb84-4756-8a44-8cf735ed87b3.jpg'
}))), privateKey, { }))
algorithm: 'RS256',
keyid: thumbprint
})
debug('Signed token for ' + session.email) debug('Signed token for ' + session.email)
// res.json({ token });
res.json({ res.json({
access_token: accessToken, access_token: accessToken,
@@ -92,6 +121,10 @@ app.post('/oauth/token', (req, res) => {
expires_in: 7200, expires_in: 7200,
token_type: 'Bearer' token_type: 'Bearer'
}) })
} else {
res.status(401)
res.send('Missing client_id or client_secret')
}
}) })
// This route can be used to generate a valid jwt-token. // This route can be used to generate a valid jwt-token.