EExcel 丞燕快速查詢2

EExcel 丞燕快速查詢2
EExcel 丞燕快速查詢2 https://sandk.ffbizs.com/

node 8 nodejs ssl handshake error 




const https = require('https');

export async function GetUserinfo(Token) {
    console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"])
    process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
    console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"])  

    const baseURL = 'https://openid.hydra:9001';
    const userinfoURL = '/userinfo';

    axios({
        method: 'get',
        headers: {
          'Authorization': 'Bearer ' + Token,
          'accept': 'application/json'
        },
        httpsAgent: new https.Agent({
            rejectUnauthorized: false,
            ecdhCurve: 'auto'
        }),
        url: userinfoURL,
        baseURL: baseURL,
        responseType: 'json'
    }).then(function (response) {

process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;

No Need, No mean

Error: self signed certificate



Answer: rejectUnauthorized: false,

HTTPs requests to API fail: 'sslv3 alert handshake failure



Answer: ecdhCurve: 'auto'
標籤 ,

Ory Hydra Authorization Code Exchange => access token Use openid-client

https://github.com/panva/node-openid-client/tree/v2.x

Important! WARNING: Node.js 12 or higher is required for openid-client@3 and above. For older Node.js versions use openid-client@2.


So watch https://github.com/panva/node-openid-client/tree/v2.x

node.js package use "openid-client": "2.5.0",

client.authorizationCallback have bug, nonce mismatch always have this error even see https://github.com/panva/node-openid-client/issues/150


Correct way


https://github.com/panva/node-openid-client/blob/f1b4282ac50f7e15fc195f66bf76409af4ec4b6b/lib/client.js

see if (params.code) { Can know use grant

https://github.com/panva/node-openid-client/tree/v2.x#custom-token-endpoint-grants



      const hydraconfig= {
        "oidurl": "https://openid.hydra:9001",
        "redirectUri": "https://t.tt:9010/callback",
        "clientid": "auth-code-client",
        "clientsecretid": "secret"
      }

      //openid-client================
      const { Issuer } = require('openid-client')
      
      const hydraIssuer = await Issuer.discover(hydraconfig.oidurl) // => Promise
      .then(function (hydradiscoverIssuer) {
        console.log('Discovered issuer %s %O', hydradiscoverIssuer.issuer, hydradiscoverIssuer.metadata);
        return hydradiscoverIssuer
      });

      const client = new hydraIssuer.Client({
        client_id: hydraconfig.clientid,
        client_secret: hydraconfig.clientsecretid
      });
      
      var tokenset = await client.grant({
        grant_type: 'authorization_code',
        code: code,
        redirect_uri: hydraconfig.redirectUri,
        code_verifier: '', //No value, because real use in Hydra login-consent. Not use client.authorizationUrl or client.authorizationPost
      });
      console.log(tokenset)
標籤 ,

javascript console.log object

console.log('show value string, object %s %O', var.string, var.object);
標籤 ,

Ory Hydra Authorization Code Exchange => access token

Before posts about Hydra get access token is use golang HydraOauthConfig.Exchange(ctx, code). This is easy way. But on front website like vue or other framework how to get access token.

Use REST Client to test



POST https://openid.hydra:9001/oauth2/token
Authorization: Basic YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ=
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code
&code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM
#&redirect_uri=https://certfront/oid/test/callback
#&scope=openid,offline
#&client_id=auth-code-client
#&code_verifier=
#&state=gczxkznmjkrksgytsemvwgkf

Import is: Authorization: Basic


https://github.com/ory/hydra/issues/631

Not Authorization: Bearer


base64(urlencode(client_id):urlencode(client_secret))


YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ= => auth-code-client:secret


code is callback code. When you login-consent finish step then callback to your set callback URL. Watch URL inside have code=


example: https://t.tt:9010/callback?code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM&scope=openid%20offline&state=gczxkznmjkrksgytsemvwgkf

If code have error message, you need check before any step have incorrect.


In Ory Hydra get access token is not like sdk document


https://www.ory.sh/docs/hydra/sdk/api#the-oauth-20-token-endpoint

You need to sure grant_type=authorization_code Not other options.

But SDK Document No any options example. Only suggestion you use lib. So you need to try many.

like follow
https://www.oauth.com/oauth2-servers/pkce/authorization-code-exchange/
https://community.ory.sh/t/how-configure-grant-implicit-flow/411/14
https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce
https://github.com/oauthjs/express-oauth-server/issues/55
https://www.jianshu.com/p/5cf2b7a45b75
http://www.passportjs.org/docs/oauth/

Then try out a ways.

OK. Mark is not important Required. 


#&redirect_uri=https://certfront/oid/test/callback
#&scope=openid,offline
#&client_id=auth-code-client
#&code_verifier=
#&state=gczxkznmjkrksgytsemvwgkf
標籤 ,

oauth2 nodejs

https://peach.ebu.io/technical/tutorials/tuto-oauth2-client/

https://www.pveller.com/oauth2-with-passport-10-steps-recipe/

http://www.hitotec.com/authentification-oauth-avec-passportjs-pour-une-api-rest/


https://www.shangyang.me/2018/03/11/javascript-nodejs-passport-04-deepinto-oauth2-authenticate-process/

https://blog.yorkxin.org/2013/09/30/oauth2-4-1-auth-code-grant-flow.html
標籤 ,

[轉]如何使用 OpenSSL 建立開發測試用途的自簽憑證 (Self-Signed Certificate)

https://blog.miniasp.com/post/2019/02/25/Creating-Self-signed-Certificate-using-OpenSSL



目前這個方式比較靠普


建立 ssl.conf 設定檔


[req]
prompt = no
default_md = sha256
default_bits = 2048
distinguished_name = dn
x509_extensions = v3_req

[dn]
C = TW
ST = Taiwan
L = Taipei
O = Duotify Inc.
OU = IT Department
emailAddress = admin@example.com
CN = localhost

[v3_req]
subjectAltName = @alt_names

[alt_names]
DNS.1 = *.localhost
DNS.2 = localhost
DNS.3 = 192.168.2.100



openssl req -x509 -new -nodes -sha256 -utf8 -days 3650 -newkey rsa:2048 -keyout server.key -out server.crt -config ssl.conf
標籤 , , , ,

oauth2 nodejs vue

https://www.ory.sh/docs/hydra/integration#interacting-with-oauth-20

https://github.com/lelylan/simple-oauth2

https://www.jianshu.com/p/5cf2b7a45b75
標籤
訂閱: 文章 (Atom)