chore: fix backend url issue

chore: remove unused public token

chore: fix backend url issue
chore: remove unused public token
45360538 · Xiao Gui · 9033322c · 45360538 · 45360538 · 45360538
Commit 45360538 authored 3 years ago by Xiao Gui
--- a/.openshift/v2/okd_branch_tmpl_v2.yaml
+++ b/.openshift/v2/okd_branch_tmpl_v2.yaml
@@ -28,7 +28,7 @@ objects:
            - name: SESSION_SECRET
              value: ${SESSION_SECRET}
            - name: HOSTNAME
-              value: ${ROUTE_HOST}
+              value: https://${ROUTE_HOST}
            - name: HOST_PATHNAME
              value: ${ROUTE_PATH}
              

--- a/deploy/auth/util.js
+++ b/deploy/auth/util.js
-const { configureAuth, jwtDecode } = require('./oidc')
 const objStoreDb = new Map()

-const HOSTNAME = process.env.HOSTNAME || 'http://localhost:3000'
-const HOST_PATHNAME = process.env.HOST_PATHNAME || ''
-const clientId = process.env.HBP_CLIENTID || 'no hbp id'
-const clientSecret = process.env.HBP_CLIENTSECRET || 'no hbp client secret'
-const discoveryUrl = 'https://services.humanbrainproject.eu/oidc'
-const redirectUri = `${HOSTNAME}${HOST_PATHNAME}/hbp-oidc/cb`
-
-let REFRESH_TOKEN = process.env.REFRESH_TOKEN || null
-const CLIENT_NOT_INIT = `Client is not initialised.`
-const REFRESH_TOKEN_MISSING = `refresh token is missing`
-const REFRESH_ACCESS_TOKEN_MISSING = `access token not defined upon refresh`
-const REFRESH_REFRESH_TOKEN_MISSING = `refresh token not defined upon refresh`
-
-let __client
-let __publicAccessToken
-
-const refreshToken = async () => {
-  if (!__client) throw new Error(CLIENT_NOT_INIT)
-  if (!REFRESH_TOKEN) throw new Error(REFRESH_TOKEN_MISSING)
-  const tokenset = await __client.refresh(REFRESH_TOKEN)
-  const {access_token: accessToken, refresh_token: refreshToken, id_token: idToken} = tokenset
-  if (!accessToken) throw new Error(REFRESH_ACCESS_TOKEN_MISSING)
-  if (!refreshToken) throw new Error(REFRESH_REFRESH_TOKEN_MISSING)
-  if (refreshToken !== REFRESH_TOKEN) {
-    REFRESH_TOKEN = refreshToken
-  }
-  __publicAccessToken = accessToken
-  return true
-}
-
-const getClient = async () => {
-  const { client } = await configureAuth({
-    clientId,
-    clientSecret,
-    discoveryUrl,
-    redirectUri,
-    clientConfig: {
-      redirect_uris: [ redirectUri ],
-      response_types: [ 'code' ]
-    }
-  })
-
-  __client = client
-}
-
-getClient()
-
-const getPublicAccessToken = async () => {
-  if (!__client) {
-    await getClient()
-  }
-  
-  if (!__publicAccessToken) {
-    await refreshToken()
-  }
-
-  const decoded = jwtDecode(__publicAccessToken)
-  const { exp } = decoded
-
-  // refresh token if it is less than 30 minute expiring
-  if (!exp || isNaN(exp) || (exp * 1000 - Date.now() < 1e3 * 60 * 30 )) {
-    await refreshToken()
-  }
-  
-  return __publicAccessToken
-}
-
 const initPassportJs = app => {
  console.log('init passport js')
  const passport = require('passport')
@@ -91,5 +23,4 @@ const initPassportJs = app => {
 module.exports = {
  initPassportJs,
  objStoreDb,
-  getPublicAccessToken: async () => await getPublicAccessToken(),
 }
--- a/deploy/auth/util.spec.js
+++ b/deploy/auth/util.spec.js
@@ -113,43 +113,6 @@ describe('util.js', async () => {
      cleanup()
    })

-    it('> configureAuth and refresh called with correct param', async () => {
-      const { getPublicAccessToken } = require('./util')
-      const token = await getPublicAccessToken()
-
-      const {
-        access_token,
-        refresh_token,
-        id_token,
-        configureAuthStub,
-        refreshSpy,
-        jwtDecodeReturn,
-        jwtDecodeStub
-      } = oidcStub
-      const { HBP_CLIENTID, HBP_CLIENTSECRET, HOSTNAME, HOST_PATHNAME, REFRESH_TOKEN } = env
-      
-      // configuAuthStub
-      assert(
-        configureAuthStub.called,
-        'expect configureAuthStub to have been called once'
-      )
-      const { args } = configureAuthStub.firstCall
-      const arg = args[0]
-      expect(arg).to.include({
-        clientId: HBP_CLIENTID,
-        clientSecret: HBP_CLIENTSECRET,
-        redirectUri: `${HOSTNAME}${HOST_PATHNAME}/hbp-oidc/cb`
-      })
-
-      // refresh spy
-      assert(refreshSpy.calledWith(REFRESH_TOKEN))
-      
-      // jwtStub
-      assert(jwtDecodeStub.calledWith(access_token))
-
-      // return val
-      expect(token).to.be.equal(access_token)
-    })
  })

  describe('> if refresh token is missing', () => {
@@ -184,15 +147,5 @@ describe('util.js', async () => {
      cleanup()
    })

-    it('> refresh getPublicAccessToken will reject', async () => {
-      const { getPublicAccessToken } = require('./util')
-
-      try {
-        await getPublicAccessToken()
-        assert(false, 'get public access token should be rejected')
-      } catch (e) {
-        assert(true)
-      }
-    })
  })
 })
--- a/src/util/constants.ts
+++ b/src/util/constants.ts
@@ -18,7 +18,7 @@ export const KG_TOS_VERSION = '0.3.0'
 export const DS_PREVIEW_URL = environment.DATASET_PREVIEW_URL
 export const BACKENDURL = (() => {
  const { BACKEND_URL } = environment
-  if (!BACKEND_URL) return `http://localhost:3000/`
+  if (!BACKEND_URL) return ``
  if (/^http/.test(BACKEND_URL)) return BACKEND_URL

  const url = new URL(window.location.href)