-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathlogin.js
38 lines (31 loc) · 1.23 KB
/
login.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
const express = require('express');
const config = require('../config.js');
const cookie = require('../cookie.js');
const pkce = require('../pkce.js');
const redirectState = require('../redirectState.js');
const router = express.Router();
router.get('/', async (req, res) => {
console.log("accepting request for login");
console.log(`client_id is ${req.query.client_id}`);
const newState = redirectState.pushRedirectUrlToState(req.query.redirect_uri, req.query.state);
console.log(`newState is ${newState}`);
const code = await pkce.generatePKCE();
cookie.setSecure(res, 'codeVerifier', code.code_verifier);
const token_exchange_uri = `${req.protocol}://${req.get('host')}/app/callback`;
const queryParams = {
client_id: req.query.client_id,
scope: req.query.scope ?? 'openid offline_access',
response_type: 'code',
redirect_uri: token_exchange_uri,
code_challenge: code.code_challenge,
code_challenge_method: 'S256',
state: newState,
};
const fullUrl = generateUrl(queryParams);
res.redirect(fullUrl);
});
function generateUrl(queryParams) {
const query = new URLSearchParams(queryParams);
return `${config.fusionAuthBaseUrl}/oauth2/authorize?${query}`;
}
module.exports = router;