-
Create a private key
openssl genrsa -out server.key 2048
-
make a new x509 cert good for 10 years for that private key
openssl req -new -x509 -sha256 -key server.key -out server.crt -days 3650
-
Follow the prompts entering CY code, State/Region name, and
localhost
for everything else -
open keychain (
cmd
+space
keychain access.app) -
Drag the .crt file into system certificates
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"fmt" | |
"log" | |
"net/http" | |
"os" | |
"github.com/onelogin/onelogin-go-sdk/pkg/client" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package main | |
import ( | |
"log" | |
"os" | |
"github.com/onelogin/onelogin-go-sdk/pkg/client" | |
"github.com/onelogin/onelogin-go-sdk/pkg/models" | |
"github.com/onelogin/onelogin-go-sdk/pkg/oltypes" | |
"layeh.com/radius" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var region = pm.variables.get("region"); | |
var id = pm.variables.get("client_id"); | |
var secret = pm.variables.get("client_secret"); | |
var basicToken = btoa(`${id}:${secret}`); | |
const echoPostRequest = { | |
url: `https://api.${region}.onelogin.com/auth/oauth2/v2/token`, | |
method: 'POST', | |
header: { | |
"Content-Type": "application/json", |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const PKCEAuthCodeSecondStep = ( code ) => { | |
let oidcURL = `${process.env.OIDC_IDP_URL}/token`; | |
let params = qs.stringify( { | |
grant_type: "authorization_code", | |
redirect_uri: "http://localhost/login_oidc", | |
client_id: process.env.OIDC_CLIENT_ID, | |
code_verifier: localStorage.getItem( 'code_verifier' ), | |
code | |
} ); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const PKCEAuthCodeFirstStep = () => { | |
let oidcURL = `${process.env.OIDC_IDP_URL}/auth`; | |
let queryParams = [`client_id=${process.env.OIDC_CLIENT_ID}`]; | |
let codeVerifier = createCodeVerifier( 50 ); | |
localStorage.setItem( 'code_verifier', codeVerifier ); | |
return createCodeChallenge( codeVerifier ).then( codeChallenge => { | |
queryParams.push(`code_challenge=${codeChallenge}`); | |
queryParams.push(`redirect_uri=http://localhost/login_oidc`); | |
queryParams.push(`code_challenge_method=S256`); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const createCodeVerifier = ( size ) => { | |
const charset = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_.~'; | |
const charsetIndexBuffer = new Uint8Array( size ); | |
for ( let i = 0; i < size; i += 1 ) { | |
charsetIndexBuffer[i] = ( Math.random() * charset.length ) | 0; | |
} | |
let randomChars = []; | |
for ( let i = 0; i < charsetIndexBuffer.byteLength; i += 1 ) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const createCodeChallenge = ( codeVerifier ) => { | |
if ( typeof window !== 'undefined' && !!( window.crypto ) && !!( window.crypto.subtle ) ) { | |
return new Promise( ( resolve, reject ) => { | |
let codeVerifierCharCodes = textEncodeLite( codeVerifier ); | |
crypto.subtle | |
.digest( 'SHA-256', codeVerifierCharCodes ) | |
.then( | |
hashedCharCodes => resolve( urlSafe( new Uint8Array(hashedCharCodes) ) ), | |
error => reject( error ) | |
); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
package=$1 | |
if [[ -z "$package" ]]; then | |
echo "usage: $0 <package-name>" | |
exit 1 | |
fi | |
package_split=(${package//\// }) | |
package_name=${package_split[${#package_split[@]}-1]} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
push: | |
tags: | |
- '*' | |
name: Release | |
jobs: | |
release: | |
runs-on: ubuntu-latest | |
steps: | |
- name: Checkout |