-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathvalidateUser.js
More file actions
50 lines (45 loc) · 2.47 KB
/
validateUser.js
File metadata and controls
50 lines (45 loc) · 2.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
const generateDpopKeyPair = require('@inrupt/solid-client-authn-core').generateDpopKeyPair
const createDpopHeader = require('@inrupt/solid-client-authn-core').createDpopHeader
const buildAuthenticatedFetch = require('@inrupt/solid-client-authn-core').buildAuthenticatedFetch
const fetch = require('node-fetch')
async function getAuth(id, secret, issuer, resource) {
let final_response = { error: '' }
// A key pair is needed for encryption.
// This function from `solid-client-authn` generates such a pair for you.
const dpopKey = await generateDpopKeyPair()
// These are the ID and secret generated in the previous step.
// Both the ID and the secret need to be form-encoded.
const authString = `${encodeURIComponent(id)}:${encodeURIComponent(secret)}`
// This URL can be found by looking at the 'token_endpoint' field at
// http://localhost:3000/.well-known/openid-configuration
// if your server is hosted at http://localhost:3000/.
//const tokenUrl = 'http://localhost:3000/.oidc/token'
const tokenUrl = issuer + '.oidc/token'
try {
const first_response = await fetch(tokenUrl, {
method: 'POST',
headers: {
// The header needs to be in base64 encoding.
authorization: `Basic ${Buffer.from(authString).toString('base64')}`,
'content-type': 'application/x-www-form-urlencoded',
dpop: await createDpopHeader(tokenUrl, 'POST', dpopKey),
},
body: 'grant_type=client_credentials&scope=webid',
})
// This is the Access token that will be used to do an authenticated request to the server.
// The JSON also contains an 'expires_in' field in seconds,
// which you can use to know when you need request a new Access token.
const { access_token: accessToken } = await first_response.json()
// The DPoP key needs to be the same key as the one used in the previous step.
// The Access token is the one generated in the previous step.
const authFetch = await buildAuthenticatedFetch(fetch, accessToken, { dpopKey })
// authFetch can now be used as a standard fetch function that will authenticate as your WebID.
// This request will do a simple GET for example.
final_response = await authFetch(resource)
} catch (error) {
console.log(error)
final_response.error = error
}
return final_response
}
exports.getAuth = getAuth