icns-frontend/pages/api/twitter-auth-info.ts
2022-12-05 20:01:24 +09:00

68 lines
1.9 KiB
TypeScript

import type { NextApiRequest, NextApiResponse } from "next";
import { withIronSessionApiRoute } from "iron-session/next";
import { request } from "../../utils/url";
import { ironOptions } from "../../iron.config";
import { twitterApiBaseUrl } from "../../constants/twitter";
interface TwitterOAuth2TokenData {
token_type: string;
expires_in: number;
access_token: string;
scope: string;
refresh_token: string;
}
export default withIronSessionApiRoute(async function handler(
req: NextApiRequest,
res: NextApiResponse,
) {
if (
!process.env.TWITTER_CLIENT_ID ||
!process.env.TWITTER_CLIENT_SECRET ||
!process.env.TWITTER_AUTH_CALLBACK_URI
) {
return res
.status(500)
.send(
"Twitter app client id or client secret or callback URI is not set",
);
}
if (!req.session.code_verifier) {
return res.status(401).send("No OAuth2.0 code verifier");
}
try {
const { code, state } = req.query;
if (state !== process.env.TWITTER_AUTH_STATE) {
return res.status(401).send("State isn't matching");
}
const params = new URLSearchParams();
params.append("grant_type", "authorization_code");
params.append("code", code as string);
params.append("redirect_uri", process.env.TWITTER_AUTH_CALLBACK_URI);
params.append("code_verifier", req.session.code_verifier);
const tokenData = await request<TwitterOAuth2TokenData>(
`${twitterApiBaseUrl}/oauth2/token`,
{
method: "post",
headers: {
"Content-Type": "application/x-www-form-urlencoded",
Authorization: `Basic ${Buffer.from(
`${process.env.TWITTER_CLIENT_ID}:${process.env.TWITTER_CLIENT_SECRET}`,
).toString("base64")}`,
},
body: params,
},
);
res.status(200).json({
accessToken: tokenData.access_token,
});
} catch (error) {
console.log(error);
res.status(500).send("Internal server error ");
}
},
ironOptions);