Documentation
Node.js
Minimal http server demonstrating authorize + callback.
server.ts
import http from "node:http";
import { createPkcePair } from "./pkce.js";
const ISSUER = process.env.AUTH_ISSUER;
const pending = new Map(); // demo only — use a real session store
http.createServer(async (req, res) => {
const url = new URL(req.url!, "http://localhost:3000");
if (url.pathname === "/login") {
const { verifier, challenge } = createPkcePair();
const state = crypto.randomUUID();
pending.set(state, verifier);
const authorize = new URL(`${ISSUER}/oauth2/authorize`);
authorize.searchParams.set("response_type", "code");
authorize.searchParams.set("client_id", process.env.AUTH_CLIENT_ID!); // YOUR_CLIENT_ID
authorize.searchParams.set("redirect_uri", process.env.AUTH_REDIRECT_URI!);
authorize.searchParams.set("scope", "openid profile email offline_access");
authorize.searchParams.set("state", state);
authorize.searchParams.set("code_challenge", challenge);
authorize.searchParams.set("code_challenge_method", "S256");
res.writeHead(302, { Location: authorize.toString() });
return res.end();
}
if (url.pathname === "/callback") {
const code = url.searchParams.get("code");
const state = url.searchParams.get("state");
const verifier = pending.get(state);
// exchange code with YOUR_CLIENT_SECRET + verifier
res.end("signed in");
}
}).listen(3000);