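'use strict';

/**
 * Browser-side OAuth 2.0 authorization-code flow with PKCE.
 *
 * Without a URL fragment, the page prepares the login link: it fills in the
 * code challenge and state, and stores the state and code verifier in
 * sessionStorage.
 * With a URL fragment (the redirect back from the authorization server), it
 * checks the returned state against the stored one and exchanges the
 * authorization code for a token.
 */

import Secure from './secured.js';
// import * as jose from 'jose'; // for token handling

// NOTE(review): plain HTTP is only tolerable against a loopback development
// server; the token endpoint and redirect URI should be HTTPS anywhere else.
const TOKEN_ENDPOINT = 'http://localhost:8080/realms/test00/protocol/openid-connect/token';
const CLIENT_ID = 'myclient';
const REDIRECT_URI = 'http://localhost:3000/secured';
const REQUEST_ERROR_MESSAGE = 'Errors in the request!';

const mySecure = new Secure();
const uri = window.location.toString();

if (!uri.includes('#')) {
  // First visit: build the authorization link and remember what was sent.
  const a = document.getElementById('my-link');
  // assumes codeChallenge and state are URL-safe strings — TODO confirm in secured.js
  a.href = a.href
    .replace('$MY_CODE_CHALLENGE', mySecure.codeChallenge)
    .replace('$MY_STATE', mySecure.state);
  sessionStorage.setItem('stateSent', mySecure.state); // state sent with the auth-code request
  sessionStorage.setItem('codeVerifier', mySecure.codeVerifier);
} else {
  // The URI looks like localhost:3000/secured# followed by parameters.
  // Parameters are looked up by name: their order in the fragment is decided
  // by the authorization server and can change when it adds a parameter.
  const fragmentParams = new URLSearchParams(window.location.hash.slice(1));
  const uriState = fragmentParams.get('state');
  const uriAuthCode = fragmentParams.get('code');

  const body = document.getElementById('body-id');
  body.textContent = '';

  // The state and the code verifier are single-use: read them once and drop
  // them, so a replayed or forged callback cannot be matched against them.
  const stateSent = sessionStorage.getItem('stateSent');
  const codeVerifier = sessionStorage.getItem('codeVerifier');
  sessionStorage.removeItem('stateSent');
  sessionStorage.removeItem('codeVerifier');

  const isCallbackValid =
    Boolean(stateSent) && stateSent === uriState && Boolean(uriAuthCode) && Boolean(codeVerifier);

  if (!isCallbackValid) {
    // State mismatch (possible CSRF / mixed-up response) or a missing value:
    // fail closed and never contact the token endpoint.
    body.textContent = REQUEST_ERROR_MESSAGE;
  } else {
    try {
      // POST to the token endpoint to exchange the authorization code.
      const response = await fetch(TOKEN_ENDPOINT, {
        method: 'POST',
        headers: {
          'Content-type': 'application/x-www-form-urlencoded',
        },
        body: new URLSearchParams({
          grant_type: 'authorization_code',
          client_id: CLIENT_ID,
          code_verifier: codeVerifier,
          code: uriAuthCode,
          redirect_uri: REDIRECT_URI,
        }),
      });

      if (!response.ok) {
        // An error body is not a token response; do not treat it as one.
        console.error(`Token request failed with HTTP status ${response.status}`);
        body.textContent = REQUEST_ERROR_MESSAGE;
      } else {
        const token = await response.json();
        // NOTE(review): this prints the whole token response to the console;
        // keep it as a development aid only and remove it before deployment.
        console.log(token);
        // TODO: work out how to request the refresh token.
        // TODO: GET /secured/domains to fetch from the domain manager all the
        // information about my domains.
      }
    } catch (error) {
      // Network failure or a response body that is not valid JSON.
      console.error(error);
      body.textContent = REQUEST_ERROR_MESSAGE;
    }
  }
}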