// Load .env before anything else so every later process.env read sees the configured values.
require('dotenv').config();

// Third-party modules used by this server, alphabetised.
const axios = require('axios');
const cors = require('cors');
const express = require('express');
const jwt = require('express-jwt');
const jwksRsa = require('jwks-rsa');

// Application instance and the TCP port it listens on.
const app = express();
const port = 3000;
// Auth0 tenant domain; the issuer, JWKS and audience URLs below are all derived from it.
const tenantDomain = process.env.DOMAIN;

// Resolves the signing key for an incoming token from the tenant's JWKS endpoint,
// picking the key by the `kid` in the token header. Fetched keys are cached and
// JWKS requests are rate-limited to five per minute.
const signingKeyProvider = jwksRsa.expressJwtSecret({
  cache: true,
  rateLimit: true,
  jwksRequestsPerMinute: 5,
  jwksUri: `https://${tenantDomain}/.well-known/jwks.json`,
});

// Middleware that verifies the bearer JWT on protected routes: signature via
// signingKeyProvider, then issuer, audience and algorithm (RS256 only, so a
// token signed with a symmetric alg is rejected).
// NOTE(review): the accepted audience is the Auth0 Management API identifier —
// the same value getProfile requests a client-credentials token for — rather
// than an identifier dedicated to this service; confirm that is intended.
const checkJwt = jwt({
  secret: signingKeyProvider,
  audience: `https://${tenantDomain}/api/v2/`,
  issuer: `https://${tenantDomain}/`,
  algorithms: ['RS256'],
});
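// NOTE(review): cors() with no options allows every origin; if the browser
// client's origin is known, pass { origin: '<that origin>' } instead.
app.use(cors());
app.use(require('body-parser').json());

// POST /refresh — exchanges a Google refresh token for a fresh token set.
// Body: { refreshToken: string }. Responds 400 when the field is missing or
// not a non-empty string, 403 (carrying the upstream error message) when the
// exchange fails, otherwise the upstream token response as JSON.
// This route is deliberately not behind checkJwt: the refresh token itself is
// the credential being presented.
app.post('/refresh', async (req, res) => {
  const { refreshToken } = req.body;
  // Only a non-empty string is a plausible refresh token; reject anything
  // else before a request carrying the client secret is sent upstream.
  if (typeof refreshToken !== 'string' || refreshToken === '') {
    return res.status(400).send();
  }
  try {
    const result = await getFromRefreshToken(refreshToken);
    return res.json(result);
  } catch (e) {
    // e.message is echoed to the caller as part of the existing contract;
    // replace with a fixed message if upstream detail should not be exposed.
    return res.status(403).send({ message: e.message });
  }
});

app.get('/', (req, res) => res.send('Hello'));

// POST / — returns the Auth0 profile of the caller identified by the `sub`
// claim of the verified JWT (checkJwt places the decoded token on req.user).
app.post('/', checkJwt, async (req, res) => {
  if (!req.user.sub) {
    return res.status(400).send();
  }
  try {
    const profile = await getProfile(req.user.sub);
    return res.json(profile);
  } catch (e) {
    console.log(e.message);
    return res.status(403).send({ message: e.message });
  }
});

app.listen(port, () => console.log(`Listening on port ${port}!`));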
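// Obtains a client-credentials access token for the Auth0 Management API using
// CLIENT_ID / CLIENT_SECRET from the environment. Every call makes a fresh token
// request; nothing is cached.
async function getManagementToken() {
  const { data } = await axios({
    method: 'post',
    url: `https://${process.env.DOMAIN}/oauth/token`,
    headers: { 'content-type': 'application/json' },
    data: {
      client_id: process.env.CLIENT_ID,
      client_secret: process.env.CLIENT_SECRET,
      audience: `https://${process.env.DOMAIN}/api/v2/`,
      grant_type: 'client_credentials',
    },
  });
  return data.access_token;
}

/**
 * Fetches a user's record from the Auth0 Management API.
 *
 * @param {string} userId - Auth0 user id, i.e. the verified token's `sub` claim.
 * @returns {Promise<object>} the user record exactly as the Management API returned it.
 * @throws {Error} when userId is not a non-empty string, or when either upstream
 *   request fails.
 */
async function getProfile(userId) {
  if (typeof userId !== 'string' || userId === '') {
    throw new Error('getProfile: userId must be a non-empty string');
  }
  const accessToken = await getManagementToken();
  // Percent-encode the id: a raw value would be spliced into the URL path
  // verbatim, so a `/`, `?` or `#` inside it would change the request target.
  const { data: profile } = await axios({
    method: 'get',
    url: `https://${process.env.DOMAIN}/api/v2/users/${encodeURIComponent(userId)}`,
    headers: { authorization: `Bearer ${accessToken}` },
  });
  return profile;
}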
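/**
 * Exchanges a Google OAuth refresh token for a new token set using this
 * server's Google client credentials (G_ID / G_SECRET from the environment).
 *
 * @param {string} refreshToken - the refresh token presented by the client.
 * @returns {Promise<object>} Google's token response, returned verbatim (the
 *   /refresh route passes it straight back to the HTTP caller).
 * @throws {Error} when refreshToken is not a non-empty string, or when the
 *   upstream request fails (axios rejects non-2xx responses by default).
 */
async function getFromRefreshToken(refreshToken) {
  // Fail fast on anything that is not a plausible token, so a malformed value
  // is never sent to the provider alongside the client secret.
  if (typeof refreshToken !== 'string' || refreshToken === '') {
    throw new Error('getFromRefreshToken: refreshToken must be a non-empty string');
  }
  const { data } = await axios({
    method: 'post',
    url: `https://www.googleapis.com/oauth2/v4/token`,
    headers: { 'content-type': 'application/json' },
    data: {
      client_id: process.env.G_ID,
      client_secret: process.env.G_SECRET,
      refresh_token: refreshToken,
      grant_type: 'refresh_token',
    },
  });
  return data;
}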