Add connectTokenExternal route

incorbador · incorbador · commit 370588067c8c · 2025-05-18T18:13:23.000+02:00
diff --git a/playground/connect-next/app/(api)/connectTokenExternal/route.ts b/playground/connect-next/app/(api)/connectTokenExternal/route.ts
@@ -0,0 +1,25 @@
+import { NextRequest } from 'next/server';
+import { getCorbadoConnectTokenExternal, verifyAmplifyTokenExternal } from '@/lib/utils';
+
+type Payload = {
+  idToken: string;
+  connectTokenType: string;
+};
+
+export async function POST(req: NextRequest) {
+  const body = (await req.json()) as Payload;
+
+  const { idToken, connectTokenType } = body;
+
+  const { displayName, identifier } = await verifyAmplifyTokenExternal(idToken);
+
+  const connectToken = await getCorbadoConnectTokenExternal(connectTokenType, {
+    displayName: displayName,
+    identifier: identifier,
+  });
+
+  return new Response(JSON.stringify({ token: connectToken }), {
+    status: 201,
+    headers: { 'Content-Type': 'application/json' },
+  });
+}
diff --git a/playground/connect-next/lib/utils.ts b/playground/connect-next/lib/utils.ts
@@ -26,6 +26,20 @@ export const verifyAmplifyToken = async (idToken: string): Promise<TokenData> =>
   return { displayName, identifier };
 };
 
+export const verifyAmplifyTokenExternal = async (idToken: string): Promise<TokenData> => {
+  const verifier = CognitoJwtVerifier.create({
+    userPoolId: process.env.AWS_COGNITO_USER_POOL_ID_EXTERNAL!,
+    tokenUse: 'id',
+    clientId: process.env.AWS_COGNITO_CLIENT_ID_EXTERNAL!,
+  });
+
+  const verifiedToken = await verifier.verify(idToken);
+  const displayName: string = verifiedToken.email as string;
+  const identifier = verifiedToken['cognito:username'];
+
+  return { displayName, identifier };
+};
+
 export type CognitoUserInfo = {
   username: string;
   email: string;
@@ -68,3 +82,30 @@ export const getCorbadoConnectToken = async (connectTokenType: string, connectTo
 
   return out.secret;
 };
+
+export const getCorbadoConnectTokenExternal = async (
+  connectTokenType: string,
+  connectTokenData: any,
+): Promise<string> => {
+  const payload = {
+    type: connectTokenType,
+    data: connectTokenData,
+  };
+
+  const body = JSON.stringify(payload);
+
+  const url = `${process.env.CORBADO_BACKEND_API_URL_EXTERNAL}/v2/connectTokens`;
+  const response = await fetch(url, {
+    method: 'POST',
+    headers: {
+      Authorization: `Basic ${process.env.CORBADO_BACKEND_API_BASIC_AUTH_EXTERNAL}`,
+      'Content-Type': 'application/json',
+    },
+    cache: 'no-cache',
+    body: body,
+  });
+
+  const out = await response.json();
+
+  return out.secret;
+};
