chore: general improvements

- Improved environment variables naming
- Added .gitkeep to nextjs-fullstack `certs/` directory
- Fixed function naming in the `LogoutButton` component

example-ciba-flow/aspnet-and-nextjs/backend/app/Services/BisOidcService.cs

@@ -192,8 +192,8 @@ public async Task<JsonWebKeySet> GetJwksAsync()
     public async Task<TokenValidationResult> ValidateIdTokenAsync(string token)
     {
         // The audience claim in the ID token must match the merchant's client id.
-        var clientId = _configuration["CLIENT_ID"]
-                       ?? throw new InvalidOperationException("Missing configuration key CLIENT_ID");
+        var clientId = _configuration["BANKID_CLIENT_ID"]
+                       ?? throw new InvalidOperationException("Missing configuration key BANKID_CLIENT_ID");
 
         var configuration = await GetOidcConfigurationAsync();
         var jwks = await GetJwksAsync();

example-ciba-flow/aspnet-and-nextjs/backend/app/Services/OidcService.cs

@@ -61,8 +61,8 @@ public async Task<string> AcquireTokenAsync()
 
         var configuration = await GetOidcConfigurationAsync();
 
-        var clientId = _configuration["CLIENT_ID"];
-        var clientSecret = _configuration["CLIENT_SEC"];
+        var clientId = _configuration["BANKID_CLIENT_ID"];
+        var clientSecret = _configuration["BANKID_CLIENT_SECRET"];
         var scope = _configuration["BANKID_SCOPE"];
 
         var body = new FormUrlEncodedContent(new[]

example-ciba-flow/aspnet-and-nextjs/backend/app/appsettings.example.json

@@ -6,8 +6,8 @@
     }
   },
   "BANKID_OPENID_CONFIGURATION_URI": "https://auth.current.bankid.no/auth/realms/current/.well-known/openid-configuration",
-  "CLIENT_ID": "string client id",
-  "CLIENT_SEC": "string client",
+  "BANKID_CLIENT_ID": "[replace with the provided client id]",
+  "BANKID_CLIENT_SECRET": "[replace with the provided client secret]",
   "BANKID_BIOMETRICS_OPENID_CONFIGURATION_URI": "https://current.aletheia-test.idtech.no/.well-known/openid-configuration",
   "BANKID_SCOPE": "openid permissions/client permissions/ciba",
   "BANKID_TOKEN_GRANT_TYPE": "urn:openid:params:grant-type:ciba",

example-code-flow/nextjs-fullstack/.env.example

@@ -6,6 +6,6 @@ NEXTAUTH_SECRET="[openssl rand -hex 32]"
 # The OpenID configuration URI of your OIDC provider.
 NEXTAUTH_PROVIDER_CONFIGURATION="https://auth.current.bankid.no/auth/realms/current/.well-known/openid-configuration"
 # Your application's Client ID.
-NEXTAUTH_CLIENT_ID="yourapplication-bankid-current"
+BANKID_CLIENT_ID="yourapplication-bankid-current"
 # Your application's Client Secret.
-NEXTAUTH_CLIENT_SECRET="secret"
+BANKID_CLIENT_SECRET="secret"

example-code-flow/nextjs-fullstack/.gitignore

@@ -38,4 +38,5 @@ next-env.d.ts
 .idea
 *.iml
 
-certs/
+certs/*
+!certs/.gitkeep

example-code-flow/nextjs-fullstack/src/app/api/auth/[...nextauth]/route.ts

@@ -20,8 +20,8 @@ const handler = NextAuth({
           scope: "openid profile nnin_altsub",
         },
       },
-      clientId: process.env.NEXTAUTH_CLIENT_ID,
-      clientSecret: process.env.NEXTAUTH_CLIENT_SECRET,
+      clientId: process.env.BANKID_CLIENT_ID,
+      clientSecret: process.env.BANKID_CLIENT_SECRET,
       idToken: true,
       checks: ["pkce", "state", "nonce"],
       profile(profile) {

example-code-flow/nextjs-fullstack/src/app/components/LogoutButton.tsx

@@ -1,7 +1,7 @@
 import { getCsrfToken } from "next-auth/react";
 
 export default function LogoutButton() {
-  const handleLogin = async () => {
+  const handleLogout = async () => {
     // TODO: handle error?
     const res = await fetch(`/api/auth/signout/bid`, {
       method: "post",
@@ -19,7 +19,7 @@ export default function LogoutButton() {
   };
   return (
     <button
-      onClick={handleLogin}
+      onClick={handleLogout}
       className="bg-background-light hover:bg-background-light-hover text-text-light text-lg font-medium px-6 py-2 rounded-full"
     >
       Log out