Merge pull request #378 from HumanBrainProject/bugfix/accessTokenScoping

Bugfix/access token scoping

Merge pull request #378 from HumanBrainProject/bugfix/accessTokenScoping
Bugfix/access token scoping
53088c06 · xgui3783 · GitHub · 17592b34 · 89037b3a · 53088c06
Unverified Commit 53088c06 authored 5 years ago by xgui3783 Committed by GitHub 5 years ago
--- a/deploy/auth/util.js
+++ b/deploy/auth/util.js
@@ -10,17 +10,19 @@ const redirectUri = `${HOSTNAME}/hbp-oidc/cb`
 let REFRESH_TOKEN = process.env.REFRESH_TOKEN || null
 const CLIENT_NOT_INIT = `Client is not initialised.`
 const REFRESH_TOKEN_MISSING = `refresh token is missing`
+const REFRESH_ACCESS_TOKEN_MISSING = `access token not defined upon refresh`
+const REFRESH_REFRESH_TOKEN_MISSING = `refresh token not defined upon refresh`

 let __client
 let __publicAccessToken

 const refreshToken = async () => {
-  if (!__client)
-    throw new Error(CLIENT_NOT_INIT)
-  if (!REFRESH_TOKEN)
-    throw new Error(REFRESH_TOKEN_MISSING)
+  if (!__client) throw new Error(CLIENT_NOT_INIT)
+  if (!REFRESH_TOKEN) throw new Error(REFRESH_TOKEN_MISSING)
  const tokenset = await __client.refresh(REFRESH_TOKEN)
  const {access_token: accessToken, refresh_token: refreshToken, id_token: idToken} = tokenset
+  if (!!accessToken) throw new Error(REFRESH_ACCESS_TOKEN_MISSING)
+  if (!!refreshToken) throw new Error(REFRESH_REFRESH_TOKEN_MISSING)
  if (refreshToken !== REFRESH_TOKEN) {
    REFRESH_TOKEN = refreshToken
  }

--- a/deploy/datasets/util.js
+++ b/deploy/datasets/util.js
 const kgQueryUtil = require('./../auth/util')

-let getPublicAccessToken, publicAccessToken
+let getPublicAccessToken

 const getUserKGRequestParam = async ({ user }) => {
+  let publicAccessToken
  /**
   * n.b. ACCESS_TOKEN env var is usually only set during dev
   */
  const accessToken = (user && user.tokenset && user.tokenset.access_token) || process.env.ACCESS_TOKEN
  const releasedOnly = !accessToken
-  if (!accessToken && !publicAccessToken && getPublicAccessToken) {
+  if (!accessToken && getPublicAccessToken) {
    publicAccessToken = await getPublicAccessToken()
  }
  const option = accessToken || publicAccessToken

--- a/src/atlasViewer/atlasViewer.template.html
+++ b/src/atlasViewer/atlasViewer.template.html
@@ -6,7 +6,7 @@

 <!-- kg tos -->
 <ng-template #kgToS>
-  <h2 mat-dialog-title>Knowldge Graph ToS</h2>
+  <h2 mat-dialog-title>Knowledge Graph ToS</h2>
  <mat-dialog-content class="w-50vw">
    <kgtos-component>
    </kgtos-component>