many changes

2024-01-11 18:33:56 +01:00
parent d62fc5d668
commit 12323382a5
17 changed files with 941 additions and 537 deletions
--- a/test/oauth/test.mjs
+++ b/test/oauth/test.mjs
@@ -0,0 +1,97 @@
+import express from "express"
+
+let app = express()
+
+import  pkceChallenge from 'pkce-challenge'
+import  querystring from 'querystring'
+import axios from "axios";
+
+
+
+
+import {v4 as uuidv4} from 'uuid'
+
+/*let ClientOAuth2 = require('client-oauth2')
+
+let datevAuth = new ClientOAuth2({
+    clientId: '890ea22ce51666232e55c8ac3d73f51a',
+    clientSecret: 'eaef5362ce153551ef0f3d5e061ab7da',
+    accessTokenUri: 'https://sandbox-api.datev.de/token',
+    authorizationUri: 'https://login.datev.de/openidsandbox/authorize',
+    redirectUri: 'http://localhost:3001/auth/datev/callback',
+    scopes: ['accounting:clients:read', 'accounting:documents ', 'openid'],
+    state:"0123456789012345678901234567890123456789"
+})*/
+
+const auth_token_endpoint = "https://login.datev.de/openidsandbox/authorize"
+const query_params = {
+    client_id: "890ea22ce51666232e55c8ac3d73f51a",
+    redirect_uri: "http://localhost/"
+}
+const scopes = ["openid", "profile", "email"]
+
+const requests = []
+
+
+
+app.get('/auth/datev', async function (req, res) {
+    //var uri = datevAuth.code.getUri()
+    let challengePKCE = await pkceChallenge()
+
+    let request = {
+        state: uuidv4(),
+        code_challenge: challengePKCE.code_challenge,
+        code_verifier: challengePKCE.code_verifier
+    }
+
+    requests.push(request)
+
+
+    const auth_token_params = {
+        ...query_params,
+        response_type: "code id_token",
+        state: request.state,
+        nonce: "0123456789012345678901234567890123456789",
+        response_mode: "query",
+        code_challenge: request.code_challenge,
+        code_challenge_method: "S256"
+    }
+
+    const getAuthTokenUrl =  `${auth_token_endpoint}?${querystring.stringify(auth_token_params)}&scope=${scopes.join(' ')}`
+
+    res.redirect(getAuthTokenUrl)
+})
+
+app.get('/', async function (req, res) {
+
+    let request = requests.find(r => r.state === req.query.state)
+
+    console.log(req.query)
+    console.log(request)
+    const accessTokenEndpoint = "https://sandbox-api.datev.de/token"
+
+    const access_token_params = {
+        ...query_params,
+        client_secret: "eaef5362ce153551ef0f3d5e061ab7da",
+        code: req.query.code,
+        grant_type: "authorization_code",
+        code_verifier: request.code_verifier
+    }
+
+
+    axios({
+        method: "post",
+        url: `${accessTokenEndpoint}?${querystring.stringify(access_token_params)}`,
+        headers: {
+            "Authorization": `Basic ${btoa(access_token_params.client_id + ":" + access_token_params.client_secret)}`
+        }
+    })
+
+    console.log(error)
+    console.log(data)
+
+
+    res.send("ok")
+})
+
+app.listen(80)