fenghuo/packages/oidc-provider/examples/auto-key-generation.ts


import { OIDCProvider } from '../src';
import type { OIDCProviderConfig } from '../src/types';
/**
 * Example configuration: RS256 signing with an automatically generated key pair.
 *
 * Every callback below is a stub that resolves to `null`, so this object only
 * serves the key-generation demo and is not a working provider setup.
 */
const configWithRS256: OIDCProviderConfig = {
  // Placeholder issuer; a deployment would use its own HTTPS issuer URL.
  issuer: 'https://your-auth-server.com',
  // Placeholder only: per this example, the string is superseded by the
  // automatically generated RSA key pair.
  signingKey: 'temporary-key',
  // Selects the RSA signature algorithm.
  signingAlgorithm: 'RS256',
  // Stand-in for a real storage adapter. `as any` switches off type checking
  // for this field, so the empty object is only suitable for a demo.
  storage: {} as any,
  findUser: async (_userId: string) => null,
  findClient: async (_clientId: string) => null,
  authConfig: {
    passwordValidator: async (_username: string, _password: string) => null,
  },
};
/**
 * Example configuration: ES256 signing with an automatically generated key pair.
 *
 * Every callback below is a stub that resolves to `null`, so this object only
 * serves the key-generation demo and is not a working provider setup.
 */
const configWithES256: OIDCProviderConfig = {
  // Placeholder issuer; a deployment would use its own HTTPS issuer URL.
  issuer: 'https://your-auth-server.com',
  // Placeholder only: per this example, the string is superseded by the
  // automatically generated ECDSA key pair.
  signingKey: 'temporary-key',
  // Selects the ECDSA signature algorithm.
  signingAlgorithm: 'ES256',
  // Stand-in for a real storage adapter; `as any` switches off type checking here.
  storage: {} as any,
  findUser: async (_userId: string) => null,
  findClient: async (_clientId: string) => null,
  authConfig: {
    passwordValidator: async (_username: string, _password: string) => null,
  },
};
/**
 * Example configuration: HS256 signing, for which no key pair is generated.
 *
 * Every callback below is a stub that resolves to `null`, so this object only
 * serves the demo and is not a working provider setup.
 */
const configWithHS256: OIDCProviderConfig = {
  // Placeholder issuer; a deployment would use its own HTTPS issuer URL.
  issuer: 'https://your-auth-server.com',
  // For HMAC the string itself is the signing key. 'your-secret-key' is a
  // placeholder: a real HS256 secret should be randomly generated, at least
  // 256 bits long (RFC 7518 section 3.2), and loaded from a secret store
  // rather than committed to source.
  signingKey: 'your-secret-key',
  signingAlgorithm: 'HS256',
  // Stand-in for a real storage adapter; `as any` switches off type checking here.
  storage: {} as any,
  findUser: async (_userId: string) => null,
  findClient: async (_clientId: string) => null,
  authConfig: {
    passwordValidator: async (_username: string, _password: string) => null,
  },
};
/**
 * Walks through the three example configurations (RS256, ES256, HS256), builds
 * a provider for each, and prints what `getJWKS()` returns.
 *
 * Only the key count and the first key's `kty` / `alg` are logged; no key
 * values are printed.
 *
 * NOTE(review): whether the generated key pairs are persisted or regenerated
 * on every process start is not visible from this file. Confirm this before
 * relying on auto-generation outside a demo, since tokens signed with a
 * discarded key can no longer be verified.
 */
async function demonstrateAutoKeyGeneration() {
  console.log('=== 自动密钥生成示例 ===\n');

  // --- RS256 ---
  console.log('1. 创建使用RS256算法的Provider:');
  const rsaProvider = new OIDCProvider(configWithRS256);
  // Per this example, the first getJWKS() call is what triggers RSA key pair generation.
  console.log('获取JWKS (会自动生成RSA密钥对):');
  const rsaKeys = (await rsaProvider.getJWKS()).keys;
  const firstRsaKey = rsaKeys[0];
  console.log('RSA JWKS keys数量:', rsaKeys.length);
  console.log('RSA 密钥类型:', firstRsaKey?.kty);
  console.log('RSA 算法:', firstRsaKey?.alg);
  console.log('');

  // --- ES256 ---
  console.log('2. 创建使用ES256算法的Provider:');
  const ecProvider = new OIDCProvider(configWithES256);
  // Per this example, the first getJWKS() call is what triggers ECDSA key pair generation.
  console.log('获取JWKS (会自动生成ECDSA密钥对):');
  const ecKeys = (await ecProvider.getJWKS()).keys;
  const firstEcKey = ecKeys[0];
  console.log('ECDSA JWKS keys数量:', ecKeys.length);
  console.log('ECDSA 密钥类型:', firstEcKey?.kty);
  console.log('ECDSA 算法:', firstEcKey?.alg);
  console.log('');

  // --- HS256 ---
  console.log('3. 创建使用HS256算法的Provider:');
  const hmacProvider = new OIDCProvider(configWithHS256);
  // Per this example, HS256 publishes no JWKS entry: the key is a shared secret
  // and must not be exposed through the key set.
  console.log('获取JWKS (HS256不暴露密钥):');
  const hmacKeys = (await hmacProvider.getJWKS()).keys;
  console.log('HS256 JWKS keys数量:', hmacKeys.length);
  console.log('');

  console.log('=== 示例完成 ===');
}
// Run the demo only when this file is executed directly, not when it is imported.
if (require.main === module) {
  // Any rejection from the demo is reported on stderr.
  void demonstrateAutoKeyGeneration().catch((error: unknown) => console.error(error));
}

export { demonstrateAutoKeyGeneration };