WE GOT TOKENS BABY!
This commit is contained in:
parent
7262b2ec32
commit
f95acf0deb
2 changed files with 26 additions and 25 deletions
|
|
@ -40,7 +40,8 @@ export async function PARrequest(PAREndpoint, State, ChallengeCode) {
|
||||||
}
|
}
|
||||||
|
|
||||||
export async function AuthRequest(TokenEndpoint, ChallengeVerifier, code, DPoP) {
|
export async function AuthRequest(TokenEndpoint, ChallengeVerifier, code, DPoP) {
|
||||||
return fetch(TokenEndpoint, {method: "POST", body: new URLSearchParams({ grant_type: "authorization_code", code: code, client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_verifier: ChallengeVerifier}), headers: { "DPoP": DPoP, "Content-Type": "application/x-www-form-urlencoded"}});
|
return fetch(TokenEndpoint, {method: "POST", body: new URLSearchParams({ grant_type: "authorization_code", code: code, client_id: "https://fedi.crowdedgames.group/oauth/client-metadata.json", redirect_uri: "https://fedi.crowdedgames.group/HTML/setting.html", code_verifier: ChallengeVerifier}), headers: { "DPoP": DPoP, "Content-Type": "application/x-www-form-urlencoded"}})
|
||||||
|
.then((response) => response.json());
|
||||||
}
|
}
|
||||||
|
|
||||||
// Component 4/4
|
// Component 4/4
|
||||||
|
|
@ -48,20 +49,33 @@ export async function ClientDPoP(POSTorGET, RequestURL, DPoPNonce) {
|
||||||
let KeyPair = await crypto.subtle.generateKey({name: "ECDSA", namedCurve: "P-256"}, true, ["sign", "verify"]);
|
let KeyPair = await crypto.subtle.generateKey({name: "ECDSA", namedCurve: "P-256"}, true, ["sign", "verify"]);
|
||||||
|
|
||||||
// Header
|
// Header
|
||||||
var Header = {alg: "ES256", typ: "dpop+jwt", jwk: await crypto.subtle.exportKey("jwk", KeyPair.publicKey).then(function(response) {return response})};
|
var Header = {typ: "dpop+jwt", alg: "ES256", jwk:
|
||||||
|
await crypto.subtle.exportKey("jwk", KeyPair.publicKey)
|
||||||
|
.then(function(response) {
|
||||||
|
delete response["key_ops"];
|
||||||
|
delete response["ext"];
|
||||||
|
delete response["alg"];
|
||||||
|
return response})
|
||||||
|
};
|
||||||
// Payload
|
// Payload
|
||||||
var Payload = {};
|
var Payload = {};
|
||||||
Payload.jti = GenerateToken(64);
|
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
||||||
|
Payload.jti = crypto.randomUUID();
|
||||||
Payload.htm = POSTorGET;
|
Payload.htm = POSTorGET;
|
||||||
Payload.htu = RequestURL;
|
Payload.htu = RequestURL;
|
||||||
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
||||||
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
|
||||||
Payload.nonce = DPoPNonce;
|
Payload.nonce = DPoPNonce;
|
||||||
|
|
||||||
var sHeader = JSON.stringify(Header);
|
var sHeader = JSON.stringify(Header);
|
||||||
var sPayload = JSON.stringify(Payload);
|
var sPayload = JSON.stringify(Payload);
|
||||||
var JWT = KJUR.jws.JWS.sign("ES256", sHeader, sPayload, await crypto.subtle.exportKey("jwk", KeyPair.privateKey).then(function(response) {return response}));
|
var JWT = KJUR.jws.JWS.sign("ES256", sHeader, sPayload,
|
||||||
console.log(JWT);
|
await crypto.subtle.exportKey("jwk", KeyPair.privateKey)
|
||||||
|
.then(function(response) {
|
||||||
|
delete response["key_ops"];
|
||||||
|
delete response["ext"];
|
||||||
|
delete response["alg"];
|
||||||
|
return response})
|
||||||
|
);
|
||||||
return JWT;
|
return JWT;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -77,7 +91,7 @@ export async function AssertionJWT() {
|
||||||
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
Payload.iss = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
||||||
Payload.sub = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
Payload.sub = "https://fedi.crowdedgames.group/oauth/client-metadata.json";
|
||||||
// Payload.aud
|
// Payload.aud
|
||||||
Payload.jti = GenerateToken(64);
|
Payload.jti = crypto.randomUUID();
|
||||||
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
Payload.iat = Math.floor(new Date(Date.now()).getTime() / 1000);
|
||||||
|
|
||||||
var sHeader = JSON.stringify(Header);
|
var sHeader = JSON.stringify(Header);
|
||||||
|
|
@ -92,7 +106,7 @@ export async function HandleAuthorization(BlueskyPKCEverifer, BlueskyPKCEchallen
|
||||||
let WellKnown = await GetPDSWellKnown();
|
let WellKnown = await GetPDSWellKnown();
|
||||||
let PAREndpoint = WellKnown.pushed_authorization_request_endpoint;
|
let PAREndpoint = WellKnown.pushed_authorization_request_endpoint;
|
||||||
|
|
||||||
let State = GenerateToken(64);
|
let State = crypto.randomUUID();
|
||||||
|
|
||||||
let PKCEverifier = await CreatePKCECodeVerifier();
|
let PKCEverifier = await CreatePKCECodeVerifier();
|
||||||
let PKCEchallenge = await CreatePKCECodeChallenge(PKCEverifier);
|
let PKCEchallenge = await CreatePKCECodeChallenge(PKCEverifier);
|
||||||
|
|
@ -116,12 +130,11 @@ export async function HandleAuthorization(BlueskyPKCEverifer, BlueskyPKCEchallen
|
||||||
|
|
||||||
export async function GainTokens(PKCEcodeName, NonceName) {
|
export async function GainTokens(PKCEcodeName, NonceName) {
|
||||||
if ((document.location.href.split("state=").length > 1 && document.location.href.split("iss=").length > 1 && document.location.href.split("code=").length > 1) && document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=").length > 1) {
|
if ((document.location.href.split("state=").length > 1 && document.location.href.split("iss=").length > 1 && document.location.href.split("code=").length > 1) && document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=").length > 1) {
|
||||||
let DPoP = ClientDPoP("POST", "https://bsky.social/oauth/token", document.cookie.split("; ").find((row) => row.startsWith(NonceName + "="))?.split("=")[1]);
|
let DPoP = await ClientDPoP("POST", "https://bsky.social/oauth/token", document.cookie.split("; ").find((row) => row.startsWith(NonceName + "="))?.split("=")[1]);
|
||||||
let PKCE = document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=")[1];
|
let PKCE = document.cookie.split("; ").find((row) => row.startsWith(PKCEcodeName + "="))?.split("=")[1];
|
||||||
let code = document.location.href.split("code=")[1];
|
let code = document.location.href.split("code=")[1];
|
||||||
console.log(code);
|
let Auth = await AuthRequest("https://bsky.social/oauth/token", PKCE, code, DPoP);
|
||||||
let Auth = AuthRequest("https://bsky.social/oauth/token", PKCE, code, DPoP);
|
console.log(Auth);
|
||||||
console.log(AuthRequest);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -145,15 +158,3 @@ async function sha256(message) {
|
||||||
|
|
||||||
return string;
|
return string;
|
||||||
}
|
}
|
||||||
|
|
||||||
// Stolen from Search
|
|
||||||
// TODO: implement my own function.
|
|
||||||
export function GenerateToken(length) {
|
|
||||||
var chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
|
|
||||||
var token = '';
|
|
||||||
for(var i = 0; i < length; i++) {
|
|
||||||
token += chars[Math.floor(Math.random() * chars.length)];
|
|
||||||
}
|
|
||||||
return token;
|
|
||||||
}
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -101,7 +101,7 @@ function CheckLogin() {
|
||||||
BlueskyLogoutButton.setAttribute("style", "");
|
BlueskyLogoutButton.setAttribute("style", "");
|
||||||
} else {
|
} else {
|
||||||
// Auto log in
|
// Auto log in
|
||||||
BlueskyAPI.GainTokens(BlueskyPKCEchallenge, BlueskyNonce);
|
BlueskyAPI.GainTokens(BlueskyPKCEverifer, BlueskyNonce);
|
||||||
}
|
}
|
||||||
// Check for a bluesky token.
|
// Check for a bluesky token.
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue