Decoding an OpenID token with the openid-client library

I'm working with the openid-client library, and I got the entire login process working (Yay Me).

And then when it calls back to the server, I don't know what to do with what came back. I assume I can decode the code, but I'm not sure how.

const { Issuer } = require('openid-client');

// base64url was used but never defined in the original snippet; Node's Buffer
// provides the encoding (Node >= 15.7), so no extra package is needed.
const base64url = (input) => Buffer.from(input).toString('base64url');

// Discovered issuer metadata and the configured client, cached across requests.
let idIssuer;
let client;

const login = async (req, res) => {
  if (!idIssuer) {
    idIssuer = await Issuer.discover(process.env.LOGIN_URI);
  }

  if (!client) {
    client = new idIssuer.Client({
      client_id: process.env.LOGIN_APPID,
      client_secret: process.env.LOGIN_APPSECRET,
      redirect_uris: [process.env.LOGIN_REDIRECT_URI],
      response_types: ['code'],
    });
  }

  // Authorization code flow: send the browser to the provider's authorization endpoint.
  const url = client.authorizationUrl({
    scope: process.env.LOGIN_SCOPES,
    state: base64url(JSON.stringify({ state: process.env.LOGIN_APPID })),
  });

  res.redirect(url);
};

const callBack = async (req, res) => {
  if (!idIssuer) {
    idIssuer = await Issuer.discover(process.env.LOGIN_URI);
  }

  if (!client) {
    client = new idIssuer.Client({
      client_id: process.env.LOGIN_APPID,
      client_secret: process.env.LOGIN_APPSECRET,
      redirect_uris: [process.env.LOGIN_REDIRECT_URI],
      //response_types: ['code'],
    });
  }

  // The provider redirects back here with the authorization code and the state we sent.
  console.log(req.query);
  /*
  {
    code: 's5LI-16HvCSnmi94Q74UEGmlNtE6utmGY7YaOV72s_k.C6Vt2v8uL4loPeq3YGA8bRyR8dVpU1wAEgHyLZadMhQ',
    scope: 'openid',
    state: 'eyJzdGF0ZSI6IlZwWkVIZVhYNnczbDh0R3JBZHFFdVZBdnlKV2NlenZVRE9FRzVDS1BRcnpZQjhkVWs4MHNHMmVoOUFMMHp0R2NRTWdMNVJtQV9MOEhpZjEzcEZTLXFBPT0ifQ'
  }
  */
};

Upvotes: 0

Views: 1414

Answers (2)

user9775882

You can easily follow the quick-start. What you do next is take the callback parameters and use client.callback() to get the ID Token, Access Token, and optionally a Refresh Token.

Upvotes: 1

Tore Nestenius

Reputation: 19921

Using the code you got back, you should call the OAuth server again and exchange it for the real access token and ID token.

For example

POST /connect/token
Content-Type: application/x-www-form-urlencoded

client_id=client1&
client_secret=secret&
grant_type=authorization_code&
code=hdh922&
redirect_uri=https://myapp.com/callback

Upvotes: 1
