EExcel 丞燕快速查詢2

EExcel 丞燕快速查詢2
EExcel 丞燕快速查詢2 https://sandk.ffbizs.com/

Ory Hydra Authorization Code Exchange => access token Use openid-client

https://github.com/panva/node-openid-client/tree/v2.x

Important! WARNING: Node.js 12 or higher is required for openid-client@3 and above. For older Node.js versions use openid-client@2.


So watch https://github.com/panva/node-openid-client/tree/v2.x

node.js package use "openid-client": "2.5.0",

client.authorizationCallback have bug, nonce mismatch always have this error even see https://github.com/panva/node-openid-client/issues/150


Correct way


https://github.com/panva/node-openid-client/blob/f1b4282ac50f7e15fc195f66bf76409af4ec4b6b/lib/client.js

see if (params.code) { Can know use grant

https://github.com/panva/node-openid-client/tree/v2.x#custom-token-endpoint-grants



      const hydraconfig= {
        "oidurl": "https://openid.hydra:9001",
        "redirectUri": "https://t.tt:9010/callback",
        "clientid": "auth-code-client",
        "clientsecretid": "secret"
      }

      //openid-client================
      const { Issuer } = require('openid-client')
      
      const hydraIssuer = await Issuer.discover(hydraconfig.oidurl) // => Promise
      .then(function (hydradiscoverIssuer) {
        console.log('Discovered issuer %s %O', hydradiscoverIssuer.issuer, hydradiscoverIssuer.metadata);
        return hydradiscoverIssuer
      });

      const client = new hydraIssuer.Client({
        client_id: hydraconfig.clientid,
        client_secret: hydraconfig.clientsecretid
      });
      
      var tokenset = await client.grant({
        grant_type: 'authorization_code',
        code: code,
        redirect_uri: hydraconfig.redirectUri,
        code_verifier: '', //No value, because real use in Hydra login-consent. Not use client.authorizationUrl or client.authorizationPost
      });
      console.log(tokenset)