node 8 nodejs ssl handshake error

const https = require('https'); export async function GetUserinfo(Token) { console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"]) process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0; console.log(process.env["NODE_TLS_REJECT_UNAUTHORIZED"]) const baseURL = 'https://openid.hydra:9001'; const userinfoURL = '/userinfo'; axios({ method: 'get', headers: { 'Authorization': 'Bearer ' + Token, 'accept': 'application/json' }, httpsAgent: new https.Agent({ rejectUnauthorized: false, ecdhCurve: 'auto' }), url: userinfoURL, baseURL: baseURL, responseType: 'json' }).then(function (response) { process.env[“NODE_TLS_REJECT_UNAUTHORIZED”] = 0; No Need, No mean Error: self signed certificate Answer: rejectUnauthorized: false, HTTPs requests to API fail: ‘sslv3 alert handshake failure Answer: ecdhCurve: ‘auto’ ...

2019-08-09 · 1 min · 78 words · Me

Ory Hydra Authorization Code Exchange => access token Use openid-client

https://github.com/panva/node-openid-client/tree/v2.x Important! WARNING: Node.js 12 or higher is required for openid-client@3 and above. For older Node.js versions use openid-client@2. So watch https://github.com/panva/node-openid-client/tree/v2.x node.js package use “openid-client”: “2.5.0”, client.authorizationCallback have bug, nonce mismatch always have this error even see https://github.com/panva/node-openid-client/issues/150 Correct way https://github.com/panva/node-openid-client/blob/f1b4282ac50f7e15fc195f66bf76409af4ec4b6b/lib/client.js see if (params.code) { Can know use grant https://github.com/panva/node-openid-client/tree/v2.x#custom-token-endpoint-grants const hydraconfig= { "oidurl": "https://openid.hydra:9001", "redirectUri": "https://t.tt:9010/callback", "clientid": "auth-code-client", "clientsecretid": "secret" } //openid-client================ const { Issuer } = require('openid-client') const hydraIssuer = await Issuer.discover(hydraconfig.oidurl) // => Promise .then(function (hydradiscoverIssuer) { console.log('Discovered issuer %s %O', hydradiscoverIssuer.issuer, hydradiscoverIssuer.metadata); return hydradiscoverIssuer }); const client = new hydraIssuer.Client({ client_id: hydraconfig.clientid, client_secret: hydraconfig.clientsecretid }); var tokenset = await client.grant({ grant_type: 'authorization_code', code: code, redirect_uri: hydraconfig.redirectUri, code_verifier: '', //No value, because real use in Hydra login-consent. Not use client.authorizationUrl or client.authorizationPost }); console.log(tokenset)

2019-08-07 · 1 min · 128 words · Me

javascript console.log object

console.log(‘show value string, object %s %O’, var.string, var.object);

2019-08-07 · 1 min · 8 words · Me

Ory Hydra Authorization Code Exchange => access token

Before posts about Hydra get access token is use golang HydraOauthConfig.Exchange(ctx, code). This is easy way. But on front website like vue or other framework how to get access token. Use REST Client to test POST https://openid.hydra:9001/oauth2/token Authorization: Basic YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ= Content-Type: application/x-www-form-urlencoded grant_type=authorization_code &code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM #&redirect_uri=https://certfront/oid/test/callback #&scope=openid,offline #&client_id=auth-code-client #&code_verifier= #&state=gczxkznmjkrksgytsemvwgkf Import is: Authorization: Basic https://github.com/ory/hydra/issues/631 Not Authorization: Bearer base64(urlencode(client_id):urlencode(client_secret)) YXV0aC1jb2RlLWNsaWVudDpzZWNyZXQ= => auth-code-client:secret code is callback code. When you login-consent finish step then callback to your set callback URL. Watch URL inside have code= example: https://t.tt:9010/callback?code=cuNw76aEuckIJJyVssk2LJvqdLXffT-8Kx1s0tYFt6Y.v0Dxc2_yT9ga8c2moKx0fDbwRFVgwryAt5BJM7lOJlM&scope=openid%20offline&state=gczxkznmjkrksgytsemvwgkf ...

2019-08-07 · 1 min · 159 words · Me

oauth2 nodejs

https://peach.ebu.io/technical/tutorials/tuto-oauth2-client/ https://www.pveller.com/oauth2-with-passport-10-steps-recipe/ http://www.hitotec.com/authentification-oauth-avec-passportjs-pour-une-api-rest/ https://www.shangyang.me/2018/03/11/javascript-nodejs-passport-04-deepinto-oauth2-authenticate-process/ https://blog.yorkxin.org/2013/09/30/oauth2-4-1-auth-code-grant-flow.html

2019-08-06 · 1 min · 5 words · Me