Merged in feature/curity-social-login (pull request #2963)

feat(SW-3541): Do social login after login to SAS * feat(auth): wip social login via curity * Setup social login auth flow * Merge branch 'master' of bitbucket.org:scandic-swap/web into feature/curity-social-login * Added support for getting scandic tokens and refresh them * feat: Enhance social login and session management with auto-refresh and improved error handling * Merge branch 'master' of bitbucket.org:scandic-swap/web into feature/curity-social-login * wrap layout in suspense * revert app/layout.tsx * fix import * cleanup * merge * merge * dont pass client_secret in the url to curity * add state validation when doing social login through /authorize * remove debug logging Approved-by: Anton Gunnarsson
2025-10-16 12:47:12 +00:00
parent 1850cfd20d
commit 291310e841
24 changed files with 827 additions and 84 deletions
@@ -0,0 +1,38 @@
+import { config } from "./config"
+import { endpoints } from "./endpoints"
+
+export async function getToken({ code }: { code: string }) {
+  const params = new URLSearchParams({
+    grant_type: "authorization_code",
+    code,
+    redirect_uri: config.redirect_uri,
+    client_id: config.client_id,
+    client_secret: config.client_secret,
+  })
+
+  const res = await fetch(endpoints.token_endpoint.toString(), {
+    method: "POST",
+    headers: {
+      "Content-Type": "application/x-www-form-urlencoded",
+      Accept: "application/json",
+    },
+    body: params,
+    signal: AbortSignal.timeout(15_000),
+  })
+
+  if (!res.ok) {
+    const text = await res.text()
+    throw new Error(`Token endpoint returned ${res.status}: ${text}`)
+  }
+
+  const payload = await res.json()
+
+  return payload as {
+    access_token: string
+    token_type?: string
+    expires_in: number
+    refresh_token?: string
+    id_token?: string
+    scope?: string
+  }
+}