Merge pull request #1836 from thecodingmachine/changeRegisterAccess
Change access token with query privateAccessToken in the url
This commit is contained in:
commit
3f090c61e0
@ -88,8 +88,7 @@ class ConnectionManager {
|
||||
* @return returns a promise to the Room we are going to load OR a pointer to the URL we must redirect to if authentication is needed.
|
||||
*/
|
||||
public async initGameConnexion(): Promise<Room | URL> {
|
||||
const connexionType = urlManager.getGameConnexionType();
|
||||
this.connexionType = connexionType;
|
||||
this.connexionType = urlManager.getGameConnexionType();
|
||||
this._currentRoom = null;
|
||||
|
||||
const urlParams = new URLSearchParams(window.location.search);
|
||||
@ -102,14 +101,15 @@ class ConnectionManager {
|
||||
urlParams.delete("token");
|
||||
}
|
||||
|
||||
if (connexionType === GameConnexionTypes.login) {
|
||||
if (this.connexionType === GameConnexionTypes.login) {
|
||||
this._currentRoom = await Room.createRoom(new URL(localUserStore.getLastRoomUrl()));
|
||||
const redirect = this.loadOpenIDScreen();
|
||||
if (redirect !== null) {
|
||||
return redirect;
|
||||
}
|
||||
urlManager.pushRoomIdToUrl(this._currentRoom);
|
||||
} else if (connexionType === GameConnexionTypes.jwt) {
|
||||
} else if (this.connexionType === GameConnexionTypes.jwt) {
|
||||
/** @deprecated */
|
||||
if (!token) {
|
||||
const code = urlParams.get("code");
|
||||
const state = urlParams.get("state");
|
||||
@ -135,8 +135,9 @@ class ConnectionManager {
|
||||
return redirect;
|
||||
}
|
||||
urlManager.pushRoomIdToUrl(this._currentRoom);
|
||||
} else if (connexionType === GameConnexionTypes.register) {
|
||||
//@deprecated
|
||||
}
|
||||
//@deprecated
|
||||
else if (this.connexionType === GameConnexionTypes.register) {
|
||||
const organizationMemberToken = urlManager.getOrganizationToken();
|
||||
const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then(
|
||||
(res) => res.data
|
||||
@ -165,11 +166,11 @@ class ConnectionManager {
|
||||
)
|
||||
);
|
||||
urlManager.pushRoomIdToUrl(this._currentRoom);
|
||||
} else if (connexionType === GameConnexionTypes.room || connexionType === GameConnexionTypes.empty) {
|
||||
} else if (this.connexionType === GameConnexionTypes.room || this.connexionType === GameConnexionTypes.empty) {
|
||||
this.authToken = localUserStore.getAuthToken();
|
||||
|
||||
let roomPath: string;
|
||||
if (connexionType === GameConnexionTypes.empty) {
|
||||
if (this.connexionType === GameConnexionTypes.empty) {
|
||||
roomPath = localUserStore.getLastRoomUrl();
|
||||
//get last room path from cache api
|
||||
try {
|
||||
|
@ -3,10 +3,10 @@ import { localUserStore } from "../Connexion/LocalUserStore";
|
||||
|
||||
export enum GameConnexionTypes {
|
||||
room = 1,
|
||||
register,
|
||||
register /*@deprecated*/,
|
||||
empty,
|
||||
unknown,
|
||||
jwt,
|
||||
jwt /*@deprecated*/,
|
||||
login,
|
||||
}
|
||||
|
||||
@ -16,11 +16,15 @@ class UrlManager {
|
||||
const url = window.location.pathname.toString();
|
||||
if (url === "/login") {
|
||||
return GameConnexionTypes.login;
|
||||
} else if (url === "/jwt") {
|
||||
}
|
||||
//@deprecated jwt url will be replace by "?token=<private access token>"
|
||||
else if (url === "/jwt") {
|
||||
return GameConnexionTypes.jwt;
|
||||
} else if (url.includes("_/") || url.includes("*/") || url.includes("@/")) {
|
||||
return GameConnexionTypes.room;
|
||||
} else if (url.includes("register/")) {
|
||||
}
|
||||
//@deprecated register url will be replace by "?token=<private access token>"
|
||||
else if (url.includes("register/")) {
|
||||
return GameConnexionTypes.register;
|
||||
} else if (url === "/") {
|
||||
return GameConnexionTypes.empty;
|
||||
@ -29,6 +33,9 @@ class UrlManager {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @deprecated
|
||||
*/
|
||||
public getOrganizationToken(): string | null {
|
||||
const match = /\/register\/(.+)/.exec(window.location.pathname.toString());
|
||||
return match ? match[1] : null;
|
||||
|
@ -320,10 +320,11 @@ export class AuthenticateController extends BaseHttpController {
|
||||
|
||||
//todo: what to do if the organizationMemberToken is already used?
|
||||
const organizationMemberToken: string | null = param.organizationMemberToken;
|
||||
const playUri: string | null = param.playUri;
|
||||
|
||||
try {
|
||||
if (typeof organizationMemberToken != "string") throw new Error("No organization token");
|
||||
const data = await adminApi.fetchMemberDataByToken(organizationMemberToken);
|
||||
const data = await adminApi.fetchMemberDataByToken(organizationMemberToken, playUri);
|
||||
const userUuid = data.userUuid;
|
||||
const email = data.email;
|
||||
const roomUrl = data.roomUrl;
|
||||
|
@ -13,14 +13,14 @@ export class OpenIdProfileController extends BaseHttpController {
|
||||
}
|
||||
try {
|
||||
const resCheckTokenAuth = await openIDClient.checkTokenAuth(accessToken as string);
|
||||
if (!resCheckTokenAuth.email) {
|
||||
if (!resCheckTokenAuth.sub) {
|
||||
throw new Error("Email was not found");
|
||||
}
|
||||
res.send(
|
||||
this.buildHtml(
|
||||
OPID_CLIENT_ISSUER,
|
||||
resCheckTokenAuth.email as string,
|
||||
resCheckTokenAuth.picture as string | undefined
|
||||
resCheckTokenAuth.sub
|
||||
/*resCheckTokenAuth.picture as string | undefined*/
|
||||
)
|
||||
);
|
||||
return;
|
||||
|
@ -61,7 +61,7 @@ class AdminApi {
|
||||
|
||||
async fetchMemberDataByUuid(
|
||||
userIdentifier: string | null,
|
||||
roomId: string,
|
||||
playUri: string,
|
||||
ipAddress: string,
|
||||
characterLayers: string[]
|
||||
): Promise<FetchMemberDataByUuidResponse> {
|
||||
@ -69,7 +69,12 @@ class AdminApi {
|
||||
return Promise.reject(new Error("No admin backoffice set!"));
|
||||
}
|
||||
const res = await Axios.get<unknown, AxiosResponse<unknown>>(ADMIN_API_URL + "/api/room/access", {
|
||||
params: { userIdentifier, roomId, ipAddress, characterLayers },
|
||||
params: {
|
||||
userIdentifier,
|
||||
playUri,
|
||||
ipAddress,
|
||||
characterLayers,
|
||||
},
|
||||
headers: { Authorization: `${ADMIN_API_TOKEN}` },
|
||||
paramsSerializer: (p) => {
|
||||
return qs.stringify(p, { arrayFormat: "brackets" });
|
||||
@ -84,12 +89,13 @@ class AdminApi {
|
||||
return res.data;
|
||||
}
|
||||
|
||||
async fetchMemberDataByToken(organizationMemberToken: string): Promise<AdminApiData> {
|
||||
async fetchMemberDataByToken(organizationMemberToken: string, playUri: string | null): Promise<AdminApiData> {
|
||||
if (!ADMIN_API_URL) {
|
||||
return Promise.reject(new Error("No admin backoffice set!"));
|
||||
}
|
||||
//todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case.
|
||||
const res = await Axios.get(ADMIN_API_URL + "/api/login-url/" + organizationMemberToken, {
|
||||
params: { playUri },
|
||||
headers: { Authorization: `${ADMIN_API_TOKEN}` },
|
||||
});
|
||||
if (!isAdminApiData(res.data)) {
|
||||
|
Loading…
Reference in New Issue
Block a user