import Cookies from 'cookies'; import { NextApiRequest, NextApiResponse } from 'next'; import { AUTHORIZE_URL, CLIENT_ID, COOKIE_KEYS, REDIRECT_URL, } from '../../lib/constants'; import { encrypt, generateString } from '../../lib/utils/crypto'; const inProd = process.env.NODE_ENV === 'production'; export default function handler(req: NextApiRequest, res: NextApiResponse) { const stateToken = generateString(16); const state = encrypt( JSON.stringify({ redirect_uri: REDIRECT_URL, state: stateToken, }) ); const params = new URLSearchParams({ client_id: CLIENT_ID, response_type: 'code', redirect_uri: REDIRECT_URL, prompt: 'consent', scope: 'management', state, }); const cookies = new Cookies(req, res, { keys: COOKIE_KEYS, secure: inProd }); cookies.set('validation', stateToken, { secure: inProd, signed: true, }); res.redirect(`${AUTHORIZE_URL}?${params.toString()}`); }