docusign-discover-workshop-2/src/auth.js at main · docusign/docusign-discover-workshop-2 · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
import 'dotenv/config';
import { AuthUtils, IamClient } from '@docusign/iam-sdk';

const CLIENT_ID = process.env.DS_CLIENT_ID;
const SECRET_KEY = process.env.DS_SECRET_KEY;
const REDIRECT_URI = process.env.DS_REDIRECT_URI;

if (!CLIENT_ID || !SECRET_KEY) {
  console.warn('Missing DS client id / secret. Set DS_CLIENT_ID and DS_SECRET_KEY.');
}

function buildAuthUrl({
  redirectUri = REDIRECT_URI,
  scopes = [
    "adm_store_unified_repo_read",
    "adm_store_unified_repo_write",
    "document_uploader_write",
    "document_uploader_read",
    "aow_manage",
    "signature"
  ],
  state = ''
} = {}) {
  if(process.env.DS_ACCESS_TOKEN) {
    return "/ds/callback";
  }

  if (!CLIENT_ID) throw new Error('CLIENT_ID missing');
  return AuthUtils.createAuthorizationUrl({
    type: 'code',
    clientId: CLIENT_ID,
    redirectUri,
    scopes,
    state,
  });
}

/**
 * Exchange authorization code for tokens using the @docusign/iam-sdk
 * returns { accessToken, refreshToken, expiresIn, raw }
 */
async function exchangeCodeForToken(code, { redirectUri = REDIRECT_URI } = {}) {
  if (!code) throw new Error('authorization code is required');
  if (!CLIENT_ID || !SECRET_KEY) throw new Error('CLIENT_ID or SECRET_KEY missing');

  const iam = new IamClient();
  try {
    // TODO: Implement token exchange via sdk

    return {};
  } catch (err) {
    const msg = err?.errorDescription ?? err?.error_description ?? err?.message ?? String(err);
    const e = new Error(`Token exchange failed: ${msg}`);
    e.cause = err;
    throw e;
  }
}

/**
 * Optional: get userinfo via the IAM client
 */
async function getUserInfo(accessToken) {
  if (!accessToken) throw new Error('accessToken is required');
  const iam = new IamClient();
  try {
    const info = await iam.auth.getUserInfo({ accessToken });
    return info;
  } catch (err) {
    const msg = err?.message ?? String(err);
    const e = new Error(`getUserInfo failed: ${msg}`);
    e.cause = err;
    throw e;
  }
}

export {
  buildAuthUrl,
  exchangeCodeForToken,
  getUserInfo,
};