SaveFamily/sf-sim
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

Solicitud de tokens correcta

Browse Source
This commit is contained in:
Alvar San Martin
2026-01-27 12:31:37 +01:00
parent e8c278aa41
commit 6de5e67bbb
3 changed files with 41 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/shared/domain/JWT.ts
View File

@@ -80,24 +80,24 @@ export class JWTToken<T> {
}) { }) {
const strHeader = JSON.stringify(args.header) const strHeader = JSON.stringify(args.header)
const base64Header = Buffer.from(strHeader).toString("base64url") const base64Header = Buffer.from(strHeader).toString("base64url")
let msg = base64Header let token = base64Header
if (args.payload != undefined) { if (args.payload != undefined) {
const strPayload = JSON.stringify(args.payload) const strPayload = JSON.stringify(args.payload)
const base64payload = Buffer.from(strPayload).toString("base64url") const base64payload = Buffer.from(strPayload).toString("base64url")
msg += ("." + base64payload) token += ("." + base64payload)
} }
if (args.sigantureData != undefined) { if (args.sigantureData != undefined) {
const base64signature = signJWT({ const base64signature = signJWT({
algorythm: args.sigantureData.algorythm, algorythm: args.sigantureData.algorythm,
privateKey: args.sigantureData.privateKey, privateKey: args.sigantureData.privateKey,
data: msg data: token
}).toString("base64url") }).toString("base64url")
msg += ("." + base64signature) token += ("." + base64signature)
} }
console.log("JWT", msg)
return token
} }

7
packages/sim-consumidor-activaciones/aplication/JWT.service.test.ts
View File

@@ -10,5 +10,10 @@ describe("Tokens Objenious", () => {
test("Solicicitud normal de auth", async () => { test("Solicicitud normal de auth", async () => {
const token = await jwtService.getAccessToken() const token = await jwtService.getAccessToken()
console.log("acceso objenious", token) console.log("acceso objenious", token)
}) }),
test("Solicicitud de refresh de auth", async () => {
const token = await jwtService.tryRefreshToken()
console.log("acceso refresh objenious", token)
})
}) })

59
packages/sim-consumidor-activaciones/aplication/JWT.service.ts
View File

@@ -7,7 +7,7 @@ import {
JWTToken JWTToken
} from "#shared/domain/JWT" } from "#shared/domain/JWT"
import axios, { AxiosError } from "axios"; import axios, { AxiosError } from "axios";
import { sign } from "node:crypto"
type GrantAccessRequestBody = { type GrantAccessRequestBody = {
grant_type: string, grant_type: string,
@@ -37,6 +37,7 @@ type AuthHeaders = {
exp: number, exp: number,
} }
const PRIVATE_KEY_PATH = __dirname + "/../obj.pem"
const GET_TOKEN_URL = "https://idp.docapost.io/auth/realms/GETWAY/protocol/openid-connect/token" const GET_TOKEN_URL = "https://idp.docapost.io/auth/realms/GETWAY/protocol/openid-connect/token"
const REFRESH_TOKEN_URL = GET_TOKEN_URL const REFRESH_TOKEN_URL = GET_TOKEN_URL
@@ -77,7 +78,6 @@ function addIATHeaders(authHeaders: Object) {
* Se puede partir de tokens existentes. * Se puede partir de tokens existentes.
*/ */
export class JWTService { export class JWTService {
// Igual no deberia mantener estado // Igual no deberia mantener estado
private authToken?: JWTToken<{}> private authToken?: JWTToken<{}>
private refreshToken?: JWTToken<{}> private refreshToken?: JWTToken<{}>
@@ -90,47 +90,48 @@ export class JWTService {
if (args?.refreshToken != undefined) this.refreshToken = new JWTToken(args.refreshToken) if (args?.refreshToken != undefined) this.refreshToken = new JWTToken(args.refreshToken)
} }
public async getAccessToken() { private buildJwtBody() {
if (this.authToken != undefined && !this.authToken.isExpired()) { const jwtHeaders = {
console.warn("Se está intentado conseguir un token sin expirar el anterior") alg: "RS256",
typ: "JWT",
kid: env.OBJ_KID
} }
const jwtData = addIATHeaders({
console.log("headers", addIATHeaders(DEFAULT_HEADERS)) sub: env.OBJ_CLIENT_ID,
console.log("body", DEFAULT_BODY) iss: env.OBJ_CLIENT_ID,
console.log("keypath", __dirname + "/../obj.pem") aud: "https://idp.docapost.io/auth/realms/GETWAY",
const key = fs.readFileSync(__dirname + "/../obj.pem", "utf8") jti: Date.now().toString(),
const msg = Buffer.from("test") })
const signature = sign( const key = fs.readFileSync(PRIVATE_KEY_PATH, "utf8")
"sha256", const token = JWTToken.fromParts({
Buffer.from(msg), header: jwtHeaders,
key payload: jwtData,
)
JWTToken.fromParts({
header: { alg: "RS256", typ: "JWT", kid: "1234" },
payload: {
"iss": "savefamily_rest_ws",
"aud": "https://idp.docapost.io/auth/realms/GETWAY",
},
sigantureData: { sigantureData: {
algorythm: "sha256", algorythm: "sha256",
privateKey: key privateKey: key
} }
}) })
console.log("signature", signature.toString("base64url")) return token
}
return; public async getAccessToken() {
if (this.authToken != undefined && !this.authToken.isExpired()) {
console.warn("Se está intentado conseguir un token sin expirar el anterior")
}
const bodyWithtoken = {
...DEFAULT_BODY,
client_assertion: this.buildJwtBody()
}
const req = axios.post(GET_TOKEN_URL, const req = axios.post(GET_TOKEN_URL,
DEFAULT_BODY, bodyWithtoken,
{ {
headers: addIATHeaders(DEFAULT_HEADERS) headers: addIATHeaders(DEFAULT_HEADERS)
} }
) )
let res; let res;
try { try {
res = (await req).data as TokensRequestResponse; res = (await req).data as TokensRequestResponse;
this.authToken = new JWTToken(res.access_token) this.authToken = new JWTToken(res.access_token)
@@ -141,7 +142,6 @@ export class JWTService {
console.error(errorString, (e as AxiosError).response?.data) console.error(errorString, (e as AxiosError).response?.data)
throw new Error(errorString) throw new Error(errorString)
} }
} }
public async tryRefreshToken() { public async tryRefreshToken() {
@@ -150,6 +150,7 @@ export class JWTService {
const body = { const body = {
...REFRESH_BODY, ...REFRESH_BODY,
client_assertion: this.buildJwtBody(),
refresh_token: this.refreshToken.rawToken refresh_token: this.refreshToken.rawToken
} }