Created
October 19, 2023 18:07
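// Middleware object that the request handler below is registered on.
var auth0OAuthClientCredMiddleware = new TykJS.TykMiddleware.NewMiddleware({});

// "Cache": one upstream access token per vendor.
//   token  - bearer token string ("" until the first fetch)
//   expiry - epoch milliseconds after which the token is treated as expired
//            (0 forces a fetch on first use)
// Declared with `var` so they are explicit script-level variables rather than
// implicit globals created by assignment.
// NOTE(review): presumably these survive between requests only for as long as
// the gateway keeps this script's VM alive - confirm before relying on it.
var zendeskAccessToken = {
  token: "",
  expiry: 0
};

var salesforceAccessToken = {
  token: "",
  expiry: 0
};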
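// Request hook: attaches an upstream OAuth2 bearer token to the outgoing request.
//
// The vendor is chosen from spec.config_data.upstream_client ("zendesk" or
// "salesforce"); each vendor has its own cached token, and this plugin is
// called by each API. When the cached token has expired, a client-credentials
// request is made to the IdP and the cache entry is refreshed.
//
// request - gateway request object; SetHeaders and ReturnOverrides are written
// session - session object (unused here)
// spec    - API definition; only config_data.upstream_client is read
// Returns the result of ReturnData(request, {}).
auth0OAuthClientCredMiddleware.NewProcessRequest(function(request, session, spec) {
  log("OAuth2 Access Token Flow Init");

  // All working variables are function-local. The original assigned them
  // without `var`, which made them globals shared by every API and request.
  var accessToken = null;

  // Pull this API's cache entry.
  switch (spec.config_data.upstream_client) {
    case "zendesk":
      accessToken = zendeskAccessToken;
      log("Using zendesk token!");
      break;
    case "salesforce":
      accessToken = salesforceAccessToken;
      log("Using salesforce token!");
      break;
  }

  // No cache entry means the API is not configured correctly. Fail closed:
  // return an error instead of forwarding the request upstream without
  // credentials.
  if (!accessToken) {
    log("NO upstream vendor found");
    request.ReturnOverrides.ResponseCode = 500;
    request.ReturnOverrides.ResponseError = "Upstream OAuth client is not configured for this API";
    return auth0OAuthClientCredMiddleware.ReturnData(request, {});
  }

  // Log only non-secret state. The bearer token itself must never be written
  // to the gateway log.
  log("Cached token present: " + (accessToken.token !== ""));
  log(accessToken.expiry);

  if (accessToken.expiry < Date.now()) {
    log("EXPIRED token.. fetching new one!");

    // Client-credentials request to the IdP.
    // NOTE(review): the client_id / client_secret values are placeholders.
    // Real values should come from gateway configuration or a secret store,
    // not from this source file.
    // NOTE(review): "Domain"/"Resource" point at a third-party request-capture
    // endpoint used for the demo. Replace them with the IdP token endpoint
    // before any real credentials are placed in the body.
    var oauthClientRequest = JSON.stringify({
      "Method": "POST",
      "Body": "{\"client_id\":\"{PASTE-YOUR-OWN-CLIEND-ID}\",\"client_secret\":\"{PASTE-YOUR-OWN-CLIEND-SECRET}\",\"audience\":\"auth0-id\",\"grant_type\":\"client_credentials\"}",
      "Headers": {"content-type": "application/json"},
      "Domain": "https://webhook.site",
      "Resource": "/8b0f6813-4b91-4345-b8fb-975dae93e161"
    });

    var rawResponse = TykMakeHttpRequest(oauthClientRequest);
    var usableResponse = JSON.parse(rawResponse);

    // Only the status code is logged. A real token response body carries the
    // access token, so it is kept out of the log.
    log("IDP Response Code: " + usableResponse.Code);

    // Placeholder values, as in the original demo.
    // NOTE(review): a real implementation would check usableResponse.Code and
    // take the token and its lifetime from usableResponse.Body.
    var newToken = "FAKETOKEN";
    var newExpiry = Date.now() + 10000; // 10 seconds

    // accessToken refers to the vendor's cache object, so writing through it
    // updates the cache for later requests.
    accessToken.token = newToken;
    accessToken.expiry = newExpiry;
  }

  // Always send the token cached for THIS upstream. The original read the
  // global `newToken`, which on a cache hit was either undefined or the token
  // most recently fetched for a different vendor.
  request.SetHeaders["Authorization"] = "Bearer " + accessToken.token;

  log("Virtual endpoint about to end");
  log('----');
  return auth0OAuthClientCredMiddleware.ReturnData(request, {});
});

// Log that middleware is initialised
log("JavaScript middleware is initialised");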