Add connectTokenExternal route

Author: incorbador

playground/connect-next/app/(api)/connectTokenExternal/route.ts

@@ -0,0 +1,34 @@
+import { NextRequest } from 'next/server';
+import { getCorbadoConnectTokenExternal, verifyAmplifyTokenExternal } from '@/lib/utils';
+
+type Payload = {
+  idToken: string;
+  connectTokenType: string;
+};
+
+export async function POST(req: NextRequest) {
+  const body = (await req.json()) as Payload;
+
+  const { idToken, connectTokenType } = body;
+
+  try {
+    const { displayName, identifier } = await verifyAmplifyTokenExternal(idToken);
+
+    const connectToken = await getCorbadoConnectTokenExternal(connectTokenType, {
+      displayName: displayName,
+      identifier: identifier,
+    });
+
+    return new Response(JSON.stringify({ token: connectToken }), {
+      status: 201,
+      headers: { 'Content-Type': 'application/json' },
+    });
+  } catch (e) {
+    console.error('Error verifying token or getting connect token', e);
+
+    return new Response(JSON.stringify({ error: 'Failed to verify token or get connect token' }), {
+      status: 500,
+      headers: { 'Content-Type': 'application/json' },
+    });
+  }
+}

playground/connect-next/lib/utils.ts

@@ -26,6 +26,27 @@ export const verifyAmplifyToken = async (idToken: string): Promise<TokenData> =>
   return { displayName, identifier };
 };
 
+export const verifyAmplifyTokenExternal = async (idToken: string): Promise<TokenData> => {
+  const verifier = CognitoJwtVerifier.create({
+    userPoolId: process.env.AWS_COGNITO_USER_POOL_ID_EXTERNAL!,
+    tokenUse: 'id',
+    clientId: process.env.AWS_COGNITO_CLIENT_ID_EXTERNAL!,
+  });
+
+  console.log(
+    'verifying token with external verifier',
+    idToken,
+    process.env.AWS_COGNITO_USER_POOL_ID_EXTERNAL,
+    process.env.AWS_COGNITO_CLIENT_ID_EXTERNAL,
+  );
+
+  const verifiedToken = await verifier.verify(idToken);
+  const displayName: string = verifiedToken.email as string;
+  const identifier = verifiedToken['cognito:username'];
+
+  return { displayName, identifier };
+};
+
 export type CognitoUserInfo = {
   username: string;
   email: string;
@@ -68,3 +89,30 @@ export const getCorbadoConnectToken = async (connectTokenType: string, connectTo
 
   return out.secret;
 };
+
+export const getCorbadoConnectTokenExternal = async (
+  connectTokenType: string,
+  connectTokenData: any,
+): Promise<string> => {
+  const payload = {
+    type: connectTokenType,
+    data: connectTokenData,
+  };
+
+  const body = JSON.stringify(payload);
+
+  const url = `${process.env.CORBADO_BACKEND_API_URL_EXTERNAL}/v2/connectTokens`;
+  const response = await fetch(url, {
+    method: 'POST',
+    headers: {
+      Authorization: `Basic ${process.env.CORBADO_BACKEND_API_BASIC_AUTH_EXTERNAL}`,
+      'Content-Type': 'application/json',
+    },
+    cache: 'no-cache',
+    body: body,
+  });
+
+  const out = await response.json();
+
+  return out.secret;
+};