From d76579fcec99d947d6d72698a535c0ba43ecf391 Mon Sep 17 00:00:00 2001
From: Luuc van der Zee
Date: Wed, 14 Aug 2024 10:27:46 +0100
Subject: [PATCH 1/4] _
---
utils/profiles.js | 38 ++++++++++++++++++++++++++++++++++++++
1 file changed, 38 insertions(+)
create mode 100644 utils/profiles.js
diff --git a/utils/profiles.js b/utils/profiles.js
new file mode 100644
index 0000000..912130e
--- /dev/null
+++ b/utils/profiles.js
@@ -0,0 +1,38 @@
+const PROFILES = [
+ {
+ profile_name: 'john_doe',
+ profile_description: "John Doe (random email, has name, has custom fields)",
+ first_name: "John",
+ last_name: "Doe",
+ has_email: true,
+ verified_email: true,
+ gender: "male",
+ birthdate: "2000-01-01",
+ },
+ {
+ profile_name: 'jane_doe',
+ profile_description: "Jane Doe (no email, has name, has custom fields)",
+ first_name: "Jane",
+ last_name: "Doe",
+ has_email: false,
+ verified_email: false,
+ gender: "female",
+ birthdate: "2001-02-02",
+ }
+]
+
+const getProfiles = () => PROFILES;
+
+const getProfileByName = (profileName) => {
+ return PROFILES.find(p => p.profile === profileName);
+}
+
+const getProfileByToken = () => {
+ // TODO
+};
+
+module.exports = {
+ getProfiles,
+ getProfileByName,
+ getProfileByToken
+};
From 615034ac78bd2d6d1222e6a693766d7a4cae7234 Mon Sep 17 00:00:00 2001
From: Luuc van der Zee
Date: Fri, 16 Aug 2024 16:34:21 +0100
Subject: [PATCH 2/4] Add profile select
---
public/stylesheets/style.css | 11 +++++++++++
routes/index.js | 5 +++--
utils/profiles.js | 20 +++++++++++---------
views/index.ejs | 10 ++++++++++
4 files changed, 35 insertions(+), 11 deletions(-)
diff --git a/public/stylesheets/style.css b/public/stylesheets/style.css
index 92936b1..d25947e 100644
--- a/public/stylesheets/style.css
+++ b/public/stylesheets/style.css
@@ -24,3 +24,14 @@ button { font-size: 16px; max-width: 150px; } + +label#profile-select-label { + display: block; + margin-bottom: 10px; +} + +select#profile-select { + padding: 8px; + font-size: 16px; + margin-bottom: 30px; +} \ No newline at end of file diff --git a/routes/index.js b/routes/index.js index 07701bd..be630b1 100644 --- a/routes/index.js +++ b/routes/index.js @@ -1,15 +1,16 @@ const express = require("express"); const router = express.Router(); const { createIdToken } = require("../utils/createIdToken"); +const { getProfiles } = require("../utils/profiles"); // GET home page router.get("/", (_req, res) => { - res.render("index", { title: "Fake SSO" }); + res.render("index", { title: "Fake SSO", profiles: getProfiles() }); }); // The authorization endpoint, same as homepage router.get("/oauth2/authorize", (_req, res) => { - res.render("index", { title: "Fake SSO" }); + res.render("index", { title: "Fake SSO", profiles: getProfiles() }); }); // The token endpoint: receives code, returns id token and access token. diff --git a/utils/profiles.js b/utils/profiles.js index 912130e..adec11e 100644 --- a/utils/profiles.js +++ b/utils/profiles.js @@ -1,7 +1,8 @@ const PROFILES = [ { - profile_name: 'john_doe', - profile_description: "John Doe (random email, has name, has custom fields)", + id: 'john_doe', + description: "John Doe (random email, has name, has custom fields)", + token: 'john_doe_token', first_name: "John", last_name: "Doe", has_email: true, @@ -10,8 +11,9 @@ const PROFILES = [ birthdate: "2000-01-01", }, { - profile_name: 'jane_doe', - profile_description: "Jane Doe (no email, has name, has custom fields)", + id: 'jane_doe', + description: "Jane Doe (no email, has name, has custom fields)", + token: 'jane_doe_token', first_name: "Jane", last_name: "Doe", has_email: false, 
@@ -23,16 +25,16 @@ const PROFILES = [ const getProfiles = () => PROFILES; -const getProfileByName = (profileName) => { - return PROFILES.find(p => p.profile === profileName); +const getProfileById = (id) => { + return PROFILES.find(p => p.id === id); } -const getProfileByToken = () => { - // TODO +const getProfileByToken = (token) => { + return PROFILES.find(p => p.token === token); }; module.exports = { getProfiles, - getProfileByName, + getProfileById, getProfileByToken }; diff --git a/views/index.ejs b/views/index.ejs index d825fef..ce3240b 100644 --- a/views/index.ejs +++ b/views/index.ejs @@ -15,6 +15,16 @@ <%= title %>
+
+ + +
From 767dc65ebd8ea847cad75cc81b39338d8d5cccd1 Mon Sep 17 00:00:00 2001 From: Luuc van der Zee Date: Fri, 16 Aug 2024 17:03:14 +0100 Subject: [PATCH 3/4] Get profiles working e2e --- public/javascripts/index.js | 6 ++++-- routes/index.js | 9 +++++++-- utils/createIdToken.js | 19 +++++++++++-------- utils/profiles.js | 7 ------- 4 files changed, 22 insertions(+), 19 deletions(-) diff --git a/public/javascripts/index.js b/public/javascripts/index.js index 2a6528c..cf0f036 100644 --- a/public/javascripts/index.js +++ b/public/javascripts/index.js @@ -1,4 +1,3 @@ -const CODE = "code_abc123"; const SCOPE = "some scope stuff"; function onSubmit() { @@ -7,9 +6,12 @@ function onSubmit() { const redirect_uri = params.get("redirect_uri"); const state = params.get("state"); + const profileSelect = document.getElementById("profile-select"); + const profile = profileSelect?.value; + const newParams = new URLSearchParams(); newParams.append("state", state); - newParams.append("code", CODE); + newParams.append("code", profile); newParams.append("scope", SCOPE); newParams.append("authuser", "0"); newParams.append("prompt", "none"); diff --git a/routes/index.js b/routes/index.js index be630b1..ae5c70f 100644 --- a/routes/index.js +++ b/routes/index.js @@ -17,8 +17,13 @@ router.get("/oauth2/authorize", (_req, res) => { // The id token contains all the verified information about the user. // The access token can be used to request extra information using // the /userinfo endpoint. -router.post("/oauth2/token", async (_req, res) => { - const idToken = await createIdToken(); +router.post("/oauth2/token", async (req, res) => { + // This is the code that was passed to the redirect_uri. + // See public/javascripts/index.js + const profileId = req.body.code; + + // We then use this profile to create an id token. + const idToken = await createIdToken(profileId); res.json({ token_type: "Bearer", diff --git a/utils/createIdToken.js b/utils/createIdToken.js index 6ef0bc3..5232b28 100644 
--- a/utils/createIdToken.js +++ b/utils/createIdToken.js @@ -1,6 +1,7 @@ const jose = require("jose"); const { v4: uuidv4 } = require("uuid"); const { randomBytes } = require("crypto"); +const { getProfileById } = require("./profiles"); require('dotenv').config({ path: './env_files/back-secret.env' }); @@ -9,22 +10,24 @@ const issuer = process.env.FAKE_SSO_ISSUER ?? "http://host.docker.internal"; const alg = "HS256"; -const createIdToken = () => { +const createIdToken = (profileId) => { const uid = uuidv4(); const randomString = randomBytes(6).toString("hex"); + const profile = getProfileById(profileId); + // https://www.iana.org/assignments/jwt/jwt.xhtml return new jose.SignJWT({ uid, sub: uid, azp: "govocal_client", - email: `${randomString}@example.com`, - email_verified: true, - name: "John Doe", - given_name: "John", - family_name: "Doe", - gender: "male", - birthdate: "2000-01-01", + email: profile.has_email ? `${randomString}@example.com` : undefined, + email_verified: profile.verified_email, + name: `${profile.first_name} ${profile.last_name}`, + given_name: profile.first_name, + family_name: profile.last_name, + gender: profile.gender, + birthdate: profile.birthdate, }) .setProtectedHeader({ alg }) .setIssuedAt() diff --git a/utils/profiles.js b/utils/profiles.js index adec11e..5a0e005 100644 --- a/utils/profiles.js +++ b/utils/profiles.js @@ -2,7 +2,6 @@ const PROFILES = [ { id: 'john_doe', description: "John Doe (random email, has name, has custom fields)", - token: 'john_doe_token', first_name: "John", last_name: "Doe", has_email: true, @@ -13,7 +12,6 @@ const PROFILES = [ { id: 'jane_doe', description: "Jane Doe (no email, has name, has custom fields)", - token: 'jane_doe_token', first_name: "Jane", last_name: "Doe", has_email: false, 
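Review bot: In the `createIdToken` hunk of utils/createIdToken.js, `getProfileById(profileId)` returns `undefined` for any id that is not in `PROFILES`, so the following `profile.has_email` throws a TypeError on a value taken directly from `req.body.code` in the `/oauth2/token` hunk of routes/index.js. That handler is `async` with no try/catch visible, so the throw surfaces as a rejected promise, and depending on the Express version (not shown here) the request may hang instead of returning an error. Guard the lookup with something like `if (!profile) throw new Error("unknown profile id");` and have the route answer that case with `res.status(400).json({ error: "invalid_grant" })`. The client hunk in public/javascripts/index.js can produce this input on its own, since `profileSelect?.value` is `undefined` when the select is absent and `URLSearchParams.append` sends it as the string "undefined". The body of `createIdToken` continues past the end of the hunk, so the rest of the signing chain is not reviewed here.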
@@ -29,12 +27,7 @@ const getProfileById = (id) => { return PROFILES.find(p => p.id === id); } -const getProfileByToken = (token) => { - return PROFILES.find(p => p.token === token); -}; - module.exports = { getProfiles, getProfileById, - getProfileByToken }; From 46ac865ce85f74cae35d807e58837a1945851225 Mon Sep 17 00:00:00 2001 From: Luuc van der Zee Date: Mon, 19 Aug 2024 19:46:46 +0100 Subject: [PATCH 4/4] Add one more profile --- utils/profiles.js | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/utils/profiles.js b/utils/profiles.js index 5a0e005..06a034a 100644 --- a/utils/profiles.js +++ b/utils/profiles.js @@ -18,6 +18,16 @@ const PROFILES = [ verified_email: false, gender: "female", birthdate: "2001-02-02", + }, + { + id: 'tracy_smith', + description: "Tracy Smith (random unverified email, has name, has custom fields)", + first_name: "Tracy", + last_name: "Smith", + has_email: true, + verified_email: false, + gender: "female", + birthdate: "2002-03-03", } ]