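/**
 * OAuth 2.0 redirect-URI handler.
 *
 * Rejects error responses and state mismatches, exchanges the authorization
 * code for tokens at `authServer.tokenEndpoint`, and — when the token response
 * carries an ID token — verifies its signature and claims before storing the
 * payload and rendering the userinfo page.
 *
 * Reads and writes module-level values defined elsewhere in this file:
 * `state`, `client`, `authServer`, `rsaKey`, `userInfo`, and the token holders
 * `access_token`, `refresh_token`, `scope`, `id_token`.
 * Note: tokens are printed to the console in full for the exercise; that is
 * not something to keep in a deployed client.
 */
app.get('/callback', function (req, res) {
  if (req.query.error) {
    // The authorization server returned an error instead of a code.
    res.render('error', { error: req.query.error });
    return;
  }

  const resState = req.query.state;
  // Strict comparison; an absent expected `state` is also a failure, because
  // no authorization request was started that this callback could belong to.
  if (!state || resState !== state) {
    console.log('State DOES NOT MATCH: expected %s got %s', state, resState);
    res.render('error', { error: 'State value did not match' });
    return;
  }
  console.log('State value matches: expected %s got %s', state, resState);
  // A state value is single-use: clear it so a replayed callback is rejected.
  // NOTE(review): assumes `state` is a reassignable module-level binding.
  state = null;

  const code = req.query.code;
  if (!code) {
    res.render('error', { error: 'No authorization code in callback' });
    return;
  }

  const formData = qs.stringify({
    grant_type: 'authorization_code',
    code: code,
    redirect_uri: client.redirect_uris[0],
  });
  // Client credentials are form-encoded before base64 (RFC 6749 §2.3.1).
  // Buffer.from() replaces the deprecated `new Buffer()` constructor.
  const credentials =
    querystring.escape(client.client_id) + ':' + querystring.escape(client.client_secret);
  const headers = {
    'Content-Type': 'application/x-www-form-urlencoded',
    'Authorization': 'Basic ' + Buffer.from(credentials).toString('base64'),
  };

  console.log('Requesting access token for code %s', code);
  const tokRes = request('POST', authServer.tokenEndpoint, { body: formData, headers: headers });

  if (tokRes.statusCode < 200 || tokRes.statusCode >= 300) {
    res.render('error', { error: 'Unable to fetch access token, server response: ' + tokRes.statusCode });
    return;
  }

  let body;
  try {
    body = JSON.parse(tokRes.getBody());
  } catch (err) {
    // A 2xx with a non-JSON body should be a clean error, not an uncaught throw.
    res.render('error', { error: 'Unable to parse token response' });
    return;
  }

  access_token = body.access_token;
  console.log('Got access token: %s', access_token);
  if (body.refresh_token) {
    refresh_token = body.refresh_token;
    console.log('Got refresh token: %s', refresh_token);
  }
  scope = body.scope;
  console.log('Got scope: %s', scope);

  if (!body.id_token) {
    res.render('index', { access_token: access_token, refresh_token: refresh_token, scope: scope });
    return;
  }

  console.log('Got ID token: %s', body.id_token);
  const payload = validateIdToken(body.id_token);
  if (!payload) {
    // Never fall through to the userinfo page with a stale or unverified
    // `id_token`: a failed validation must not show a previous identity.
    res.render('error', { error: 'ID token validation failed' });
    return;
  }
  console.log('Token valid!');
  // save just the payload, not the container (which has been validated)
  id_token = payload;
  res.render('userinfo', { userInfo: userInfo, id_token: id_token });
});

/**
 * Verifies an ID token's signature and its iss/aud/iat/exp claims.
 *
 * @param {string} idToken - compact JWS string from the token response
 * @returns {object|null} the decoded payload when every check passes, else null
 *
 * Uses module-level `rsaKey` (public key plus its `alg`) and `client`.
 */
function validateIdToken(idToken) {
  const pubKey = jose.KEYUTIL.getKey(rsaKey);
  // Accept only the key's own algorithm; never take it from the token header.
  const signatureValid = jose.jws.JWS.verify(idToken, pubKey, [rsaKey.alg]);
  if (!signatureValid) {
    console.log('Signature NOT valid.');
    return null;
  }
  console.log('Signature validated.');

  const tokenParts = idToken.split('.');
  let payload;
  try {
    payload = JSON.parse(base64url.decode(tokenParts[1]));
  } catch (err) {
    console.log('Unable to decode ID token payload');
    return null;
  }
  console.log('Payload', payload);

  // NOTE(review): issuer is pinned to the exercise's authorization server;
  // confirm it matches the configured authServer before reuse.
  if (payload.iss !== 'http://localhost:9001/') {
    console.log('issuer mismatch: %s', payload.iss);
    return null;
  }
  console.log('issuer OK');

  const audienceOk =
    (Array.isArray(payload.aud) && _.contains(payload.aud, client.client_id)) ||
    payload.aud === client.client_id;
  if (!audienceOk) {
    console.log('audience mismatch: %s', payload.aud);
    return null;
  }
  console.log('Audience OK');

  const now = Math.floor(Date.now() / 1000);
  // Negated comparisons so a missing or non-numeric claim fails the check.
  if (!(payload.iat <= now)) {
    console.log('issued-at NOT OK: %s', payload.iat);
    return null;
  }
  console.log('issued-at OK');
  if (!(payload.exp >= now)) {
    console.log('expiration NOT OK: %s', payload.exp);
    return null;
  }
  console.log('expiration OK');

  return payload;
}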
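/**
 * Mocha hook: fetch the stylesheet under test once before any test runs.
 * Reads the stylesheet URL from the CSS environment variable and stores the
 * response text in the outer `cssString`.
 */
before(() => {
  const cssUrl = process.env.CSS;
  // Fail with a clear message rather than letting Request() choke on `undefined`.
  if (!cssUrl) {
    throw new Error('CSS environment variable is not set (expected a stylesheet URL)');
  }
  const response = Request('GET', cssUrl);
  cssString = response.getBody('utf8');
});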
/**
 * Performs a synchronous GET against `url + ghHttp.secrets` using the
 * module-level `headers` and hands the response to `ghHttp.updateLimits`,
 * which records whatever it extracts into `limitParams`.
 *
 * @param {object} limitParams - holder updated by ghHttp.updateLimits
 * @param {string} url - base URL the `ghHttp.secrets` suffix is appended to
 */
function getLimitsFor(limitParams, url) {
  const target = url + ghHttp.secrets;
  const response = requestSync('GET', target, { headers });
  ghHttp.updateLimits(response, limitParams);
}