Merge branch 'develop' of github.com:thecodingmachine/workadventure into improve_logging

2021-11-24 15:36:35 +01:00 · 2021-11-24 15:36:35 +01:00 · a1107bd20e
commit a1107bd20e
parent dd89f12c2e dc58f16418
71 changed files with 10373 additions and 520 deletions
--- a/pusher/src/Services/AdminApi.ts
+++ b/pusher/src/Services/AdminApi.ts
@ -1,4 +1,4 @@
-import { ADMIN_API_TOKEN, ADMIN_API_URL, ADMIN_URL } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_TOKEN, ADMIN_API_URL, ADMIN_URL, OPID_PROFILE_SCREEN_PROVIDER } from "../Enum/EnvironmentVariable";
 import Axios from "axios";
 import { GameRoomPolicyTypes } from "_Model/PusherRoom";
 import { CharacterTexture } from "./AdminApi/CharacterTexture";
@ -22,6 +22,7 @@ export interface AdminBannedData {
 }

 export interface FetchMemberDataByUuidResponse {
+    email: string;
    userUuid: string;
    tags: string[];
    visitCardUrl: string | null;
@ -142,13 +143,19 @@ class AdminApi {
        });
    }

-    /*TODO add constant to use profile companny*/
+    /**
+     *
+     * @param accessToken
+     */
    getProfileUrl(accessToken: string): string {
-        if (!ADMIN_URL) {
+        if (!OPID_PROFILE_SCREEN_PROVIDER) {
            throw new Error("No admin backoffice set!");
        }
+        return `${OPID_PROFILE_SCREEN_PROVIDER}?accessToken=${accessToken}`;
+    }

-        return ADMIN_URL + `/profile?token=${accessToken}`;
+    async logoutOauth(token: string) {
+        await Axios.get(ADMIN_API_URL + `/oauth/logout?token=${token}`);
    }
 }

--- a/pusher/src/Services/AdminApi/MapDetailsData.ts
+++ b/pusher/src/Services/AdminApi/MapDetailsData.ts
@ -16,6 +16,7 @@ export const isMapDetailsData = new tg.IsInterface()
        tags: tg.isArray(tg.isString),
        textures: tg.isArray(isCharacterTexture),
        contactPage: tg.isUnion(tg.isString, tg.isUndefined),
+        authenticationMandatory: tg.isUnion(tg.isBoolean, tg.isUndefined),
    })
    .get();

--- a/pusher/src/Services/JWTTokenManager.ts
+++ b/pusher/src/Services/JWTTokenManager.ts
@ -1,4 +1,4 @@
-import { ADMIN_API_URL, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";
 import { uuid } from "uuidv4";
 import Jwt, { verify } from "jsonwebtoken";
 import { TokenInterface } from "../Controller/AuthenticateController";
@ -6,13 +6,20 @@ import { adminApi, AdminBannedData } from "../Services/AdminApi";

 export interface AuthTokenData {
    identifier: string; //will be a email if logged in or an uuid if anonymous
-    hydraAccessToken?: string;
+    accessToken?: string;
+}
+export interface AdminSocketTokenData {
+    authorizedRoomIds: string[]; //the list of rooms the client is authorized to read from.
 }
 export const tokenInvalidException = "tokenInvalid";

 class JWTTokenManager {
-    public createAuthToken(identifier: string, hydraAccessToken?: string) {
-        return Jwt.sign({ identifier, hydraAccessToken }, SECRET_KEY, { expiresIn: "30d" });
+    public verifyAdminSocketToken(token: string): AdminSocketTokenData {
+        return Jwt.verify(token, ADMIN_SOCKETS_TOKEN) as AdminSocketTokenData;
+    }
+
+    public createAuthToken(identifier: string, accessToken?: string) {
+        return Jwt.sign({ identifier, accessToken }, SECRET_KEY, { expiresIn: "30d" });
    }

    public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {
--- a/pusher/src/Services/OpenIDClient.ts
+++ b/pusher/src/Services/OpenIDClient.ts
@ -1,7 +1,10 @@
 import { Issuer, Client, IntrospectionResponse } from "openid-client";
-import { OPID_CLIENT_ID, OPID_CLIENT_SECRET, OPID_CLIENT_ISSUER, FRONT_URL } from "../Enum/EnvironmentVariable";
-
-const opidRedirectUri = FRONT_URL + "/jwt";
+import {
+    OPID_CLIENT_ID,
+    OPID_CLIENT_SECRET,
+    OPID_CLIENT_ISSUER,
+    OPID_CLIENT_REDIRECT_URL,
+} from "../Enum/EnvironmentVariable";

 class OpenIDClient {
    private issuerPromise: Promise<Client> | null = null;
@ -12,7 +15,7 @@ class OpenIDClient {
                return new issuer.Client({
                    client_id: OPID_CLIENT_ID,
                    client_secret: OPID_CLIENT_SECRET,
-                    redirect_uris: [opidRedirectUri],
+                    redirect_uris: [OPID_CLIENT_REDIRECT_URL],
                    response_types: ["code"],
                });
            });
@ -35,7 +38,7 @@ class OpenIDClient {

    public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string }> {
        return this.initClient().then((client) => {
-            return client.callback(opidRedirectUri, { code }, { nonce }).then((tokenSet) => {
+            return client.callback(OPID_CLIENT_REDIRECT_URL, { code }, { nonce }).then((tokenSet) => {
                return client.userinfo(tokenSet).then((res) => {
                    return {
                        ...res,