sedkis/OAuth-Upstream-Call.js

## OAuth-Upstream-Call.js
var auth0OAuthClientCredMiddleware = new TykJS.TykMiddleware.NewMiddleware({});

// "Cache"
zendeskAccessToken = {
  token: "",
  expiry: 0,
}

salesforceAccessToken = {
  token: "",
  expiry: 0,
}

auth0OAuthClientCredMiddleware.NewProcessRequest(function(request, session, spec) {
  log("OAuth2 Access Token Flow Init")

  // There is a separate access token for EACH API (zendesk, salesforce, etc)
  // This plugin gets called by each API
  // Pulls access token from cache
  accessToken = null
  switch (spec.config_data.upstream_client) {
      case "zendesk":
        accessToken = zendeskAccessToken
        log("Using zendesk token!")
        break;
      case "salesforce":
        accessToken = salesforceAccessToken
        log("Using salesforce token!")
        break;
  }

  // If no access token, should return early with error
  // Means we haven't set up an API correctly
  if (!accessToken) {
    log("NO upstream vendor found")
    return auth0OAuthClientCredMiddleware.ReturnData(request, {});
  }

  // Need to refresh the upstream token..
  log(accessToken.token)
  log(accessToken.expiry)
  if (accessToken.expiry < new Date().getTime()) {

    log("EXPIRED token.. fetching new one!")

    //Make api call to IDP
    oauthClientRequest = JSON.stringify({
      "Method": "POST",
      "Body": "{\"client_id\":\"{PASTE-YOUR-OWN-CLIEND-ID}\",\"client_secret\":\"{PASTE-YOUR-OWN-CLIEND-SECRET}\",\"audience\":\"auth0-id\",\"grant_type\":\"client_credentials\"}",
      "Headers": {"content-type":"application/json"},
      "Domain": "https://webhook.site",
      "Resource": "/8b0f6813-4b91-4345-b8fb-975dae93e161"
    });

    rawResponse = TykMakeHttpRequest(oauthClientRequest);
    usableResponse = JSON.parse(rawResponse);

    log("IDP Response Code: " + usableResponse.Code);
    log("IDP Response Body: " + usableResponse.Body);

    // Save to "cache"
    newToken = "FAKETOKEN"
    newExpiry = Date.now() + 10000; // 10 seconds

    // Should be a separate function, but laziness
    switch (spec.config_data.upstream_client) {
      case "zendesk":
        zendeskAccessToken.token = newToken
        zendeskAccessToken.expiry = newExpiry
        log("Using zendesk token!")
        break;
      case "salesforce":
        salesforceAccessToken.token = newToken
        salesforceAccessToken.expiry = newExpiry
        log("Using salesforce token!")
        break;
    }

  }

  request.SetHeaders["Authorization"] = "Bearer " + newToken;


  log("Virtual endpoint about to end")
  log ('----')
  return auth0OAuthClientCredMiddleware.ReturnData(request, {});
});

// Log that middleware is initialised
log("JavaScript middleware is initialised");
	var auth0OAuthClientCredMiddleware = new TykJS.TykMiddleware.NewMiddleware({});

	// "Cache"
	zendeskAccessToken = {
	token: "",
	expiry: 0,
	}

	salesforceAccessToken = {
	token: "",
	expiry: 0,
	}

	auth0OAuthClientCredMiddleware.NewProcessRequest(function(request, session, spec) {
	log("OAuth2 Access Token Flow Init")

	// There is a separate access token for EACH API (zendesk, salesforce, etc)
	// This plugin gets called by each API
	// Pulls access token from cache
	accessToken = null
	switch (spec.config_data.upstream_client) {
	case "zendesk":
	accessToken = zendeskAccessToken
	log("Using zendesk token!")
	break;
	case "salesforce":
	accessToken = salesforceAccessToken
	log("Using salesforce token!")
	break;
	}

	// If no access token, should return early with error
	// Means we haven't set up an API correctly
	if (!accessToken) {
	log("NO upstream vendor found")
	return auth0OAuthClientCredMiddleware.ReturnData(request, {});
	}

	// Need to refresh the upstream token..
	log(accessToken.token)
	log(accessToken.expiry)
	if (accessToken.expiry < new Date().getTime()) {

	log("EXPIRED token.. fetching new one!")

	//Make api call to IDP
	oauthClientRequest = JSON.stringify({
	"Method": "POST",
	"Body": "{\"client_id\":\"{PASTE-YOUR-OWN-CLIEND-ID}\",\"client_secret\":\"{PASTE-YOUR-OWN-CLIEND-SECRET}\",\"audience\":\"auth0-id\",\"grant_type\":\"client_credentials\"}",
	"Headers": {"content-type":"application/json"},
	"Domain": "https://webhook.site",
	"Resource": "/8b0f6813-4b91-4345-b8fb-975dae93e161"
	});

	rawResponse = TykMakeHttpRequest(oauthClientRequest);
	usableResponse = JSON.parse(rawResponse);

	log("IDP Response Code: " + usableResponse.Code);
	log("IDP Response Body: " + usableResponse.Body);

	// Save to "cache"
	newToken = "FAKETOKEN"
	newExpiry = Date.now() + 10000; // 10 seconds

	// Should be a separate function, but laziness
	switch (spec.config_data.upstream_client) {
	case "zendesk":
	zendeskAccessToken.token = newToken
	zendeskAccessToken.expiry = newExpiry
	log("Using zendesk token!")
	break;
	case "salesforce":
	salesforceAccessToken.token = newToken
	salesforceAccessToken.expiry = newExpiry
	log("Using salesforce token!")
	break;
	}

	}

	request.SetHeaders["Authorization"] = "Bearer " + newToken;


	log("Virtual endpoint about to end")
	log ('----')
	return auth0OAuthClientCredMiddleware.ReturnData(request, {});
	});

	// Log that middleware is initialised
	log("JavaScript middleware is initialised");