import Cookies from 'cookies'; import { NextApiRequest, NextApiResponse } from 'next'; import { CLIENT_ID, COOKIE_KEYS, OAUTH_URL, REDIRECT_URL, } from '../../lib/constants'; import { encrypt, generateString } from '../../lib/utils/crypto'; const inProd = process.env.NODE_ENV === 'production'; export default function handler(req: NextApiRequest, res: NextApiResponse) { const stateToken = generateString(16); const state = encrypt( JSON.stringify({ redirect_uri: REDIRECT_URL, state: stateToken, }) ); const params = new URLSearchParams({ client_id: CLIENT_ID, response_type: 'code', redirect_uri: REDIRECT_URL, scope: 'management', state, }); const cookies = new Cookies(req, res, { keys: COOKIE_KEYS, secure: inProd }); cookies.set('validation', stateToken, { secure: inProd, signed: true, }); res.redirect(`${OAUTH_URL}/authorize?${params.toString()}`); }