From 876ddc87d22d9f716eefded374e872b8183f265c Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Mon, 7 Feb 2022 19:26:34 +0100 Subject: [PATCH 1/8] =?UTF-8?q?Change=20acc=C3=A8s=20token=20with=20query?= =?UTF-8?q?=20privateAccessToken=20in=20the=20url?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 40 ++++++++++++++++++++++-- front/src/Url/UrlManager.ts | 23 ++++++++++++-- 2 files changed, 58 insertions(+), 5 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index 05d0255d..6f1984ae 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -2,7 +2,7 @@ import Axios from "axios"; import { PUSHER_URL } from "../Enum/EnvironmentVariable"; import { RoomConnection } from "./RoomConnection"; import type { OnConnectInterface, PositionInterface, ViewportInterface } from "./ConnexionModels"; -import { GameConnexionTypes, urlManager } from "../Url/UrlManager"; +import { GameConnexionTypes, queryPrivateAccessToken, urlManager } from "../Url/UrlManager"; import { localUserStore } from "./LocalUserStore"; import { CharacterTexture, LocalUser } from "./LocalUser"; import { Room } from "./Room"; @@ -124,8 +124,42 @@ class ConnectionManager { return Promise.reject(new Error("You will be redirect on login page")); } urlManager.pushRoomIdToUrl(this._currentRoom); - } else if (connexionType === GameConnexionTypes.register) { - //@deprecated + } else if (connexionType === GameConnexionTypes.privateAccessToken) { + const organizationMemberToken = urlManager.getPrivateAccessToken; + + //clear queryPrivateAccessToken query in window location + urlParams.delete(queryPrivateAccessToken); + + const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then( + (res) => res.data + ); + if (!isRegisterData(data)) { + console.error("Invalid data received from /register route. Data: ", data); + throw new Error("Invalid data received from /register route."); + } + this.localUser = new LocalUser(data.userUuid, data.textures, data.email); + this.authToken = data.authToken; + localUserStore.saveUser(this.localUser); + localUserStore.setAuthToken(this.authToken); + analyticsClient.loggedWithToken(); + + const roomUrl = data.roomUrl; + + const query = urlParams.toString(); + this._currentRoom = await Room.createRoom( + new URL( + window.location.protocol + + "//" + + window.location.host + + roomUrl + + (query ? "?" + query : "") + //use urlParams because the token param must be deleted + window.location.hash + ) + ); + urlManager.pushRoomIdToUrl(this._currentRoom); + } + //@deprecated + else if (connexionType === GameConnexionTypes.register) { const organizationMemberToken = urlManager.getOrganizationToken(); const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then( (res) => res.data diff --git a/front/src/Url/UrlManager.ts b/front/src/Url/UrlManager.ts index cb0e1ed0..b8a967c6 100644 --- a/front/src/Url/UrlManager.ts +++ b/front/src/Url/UrlManager.ts @@ -3,13 +3,16 @@ import { localUserStore } from "../Connexion/LocalUserStore"; export enum GameConnexionTypes { room = 1, - register, + register /*@deprecated*/, empty, unknown, jwt, login, + privateAccessToken, } +export const queryPrivateAccessToken = "privateAccessToken"; + //this class is responsible with analysing and editing the game's url class UrlManager { public getGameConnexionType(): GameConnexionTypes { @@ -19,8 +22,13 @@ class UrlManager { } else if (url === "/jwt") { return GameConnexionTypes.jwt; } else if (url.includes("_/") || url.includes("*/") || url.includes("@/")) { + if (window.location.search.includes(queryPrivateAccessToken)) { + return GameConnexionTypes.privateAccessToken; + } return GameConnexionTypes.room; - } else if (url.includes("register/")) { + } + //@deprecated register url will be replace by "?privateAccessToken=" + else if (url.includes("register/")) { return GameConnexionTypes.register; } else if (url === "/") { return GameConnexionTypes.empty; @@ -29,6 +37,17 @@ class UrlManager { } } + /** + * @return string + */ + get getPrivateAccessToken(): string | null { + const urlParams = new URLSearchParams(window.location.search.toString()); + return urlParams.get(queryPrivateAccessToken); + } + + /** + * @deprecated + */ public getOrganizationToken(): string | null { const match = /\/register\/(.+)/.exec(window.location.pathname.toString()); return match ? match[1] : null; From 64ba7575a09d874b6d53edc523b1a8c99c6c0c79 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Tue, 8 Feb 2022 18:47:11 +0100 Subject: [PATCH 2/8] Add play uri param Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 9 ++++++--- pusher/src/Controller/AuthenticateController.ts | 3 ++- pusher/src/Services/AdminApi.ts | 12 +++++++++--- 3 files changed, 17 insertions(+), 7 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index 6f1984ae..344f9152 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -130,9 +130,12 @@ class ConnectionManager { //clear queryPrivateAccessToken query in window location urlParams.delete(queryPrivateAccessToken); - const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then( - (res) => res.data - ); + //create play uri parameter + const playUri = window.location.protocol + "//" + window.location.host; + const data = await Axios.post(`${PUSHER_URL}/register`, { + organizationMemberToken, + playUri, + }).then((res) => res.data); if (!isRegisterData(data)) { console.error("Invalid data received from /register route. Data: ", data); throw new Error("Invalid data received from /register route."); diff --git a/pusher/src/Controller/AuthenticateController.ts b/pusher/src/Controller/AuthenticateController.ts index fe80eafa..046de8fe 100644 --- a/pusher/src/Controller/AuthenticateController.ts +++ b/pusher/src/Controller/AuthenticateController.ts @@ -170,10 +170,11 @@ export class AuthenticateController extends BaseController { //todo: what to do if the organizationMemberToken is already used? const organizationMemberToken: string | null = param.organizationMemberToken; + const playUri: string | null = param.playUri; try { if (typeof organizationMemberToken != "string") throw new Error("No organization token"); - const data = await adminApi.fetchMemberDataByToken(organizationMemberToken); + const data = await adminApi.fetchMemberDataByToken(organizationMemberToken, playUri); const userUuid = data.userUuid; const email = data.email; const roomUrl = data.roomUrl; diff --git a/pusher/src/Services/AdminApi.ts b/pusher/src/Services/AdminApi.ts index c72a6ba8..6fe1d258 100644 --- a/pusher/src/Services/AdminApi.ts +++ b/pusher/src/Services/AdminApi.ts @@ -47,25 +47,31 @@ class AdminApi { async fetchMemberDataByUuid( userIdentifier: string | null, - roomId: string, + playUri: string, ipAddress: string ): Promise { if (!ADMIN_API_URL) { return Promise.reject(new Error("No admin backoffice set!")); } const res = await Axios.get(ADMIN_API_URL + "/api/room/access", { - params: { userIdentifier, roomId, ipAddress }, + params: { + userIdentifier, + roomId: playUri /* @deprecated */, + playUri, + ipAddress, + }, headers: { Authorization: `${ADMIN_API_TOKEN}` }, }); return res.data; } - async fetchMemberDataByToken(organizationMemberToken: string): Promise { + async fetchMemberDataByToken(organizationMemberToken: string, playUri: string | null): Promise { if (!ADMIN_API_URL) { return Promise.reject(new Error("No admin backoffice set!")); } //todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case. const res = await Axios.get(ADMIN_API_URL + "/api/login-url/" + organizationMemberToken, { + params: { playUri }, headers: { Authorization: `${ADMIN_API_TOKEN}` }, }); if (!isAdminApiData(res.data)) { From cfbf9dca232fe91543a7f1bf307aad1667cfe668 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Tue, 8 Feb 2022 20:31:08 +0100 Subject: [PATCH 3/8] PlayUri parameter Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index 344f9152..b5a25fbb 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -131,7 +131,7 @@ class ConnectionManager { urlParams.delete(queryPrivateAccessToken); //create play uri parameter - const playUri = window.location.protocol + "//" + window.location.host; + const playUri = window.location.protocol + "//" + window.location.host + window.location.pathname; const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken, playUri, From 0e7a52aa58d009fd30d455fc0f4ee5e9e9c9269c Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Thu, 17 Mar 2022 10:38:52 +0100 Subject: [PATCH 4/8] update with dan suggest Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 2 +- front/src/Url/UrlManager.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index 422f6546..c8c67b77 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -129,7 +129,7 @@ class ConnectionManager { } urlManager.pushRoomIdToUrl(this._currentRoom); } else if (connexionType === GameConnexionTypes.privateAccessToken) { - const organizationMemberToken = urlManager.getPrivateAccessToken; + const organizationMemberToken = urlManager.privateAccessToken; //clear queryPrivateAccessToken query in window location urlParams.delete(queryPrivateAccessToken); diff --git a/front/src/Url/UrlManager.ts b/front/src/Url/UrlManager.ts index f1283f70..5ab6ba21 100644 --- a/front/src/Url/UrlManager.ts +++ b/front/src/Url/UrlManager.ts @@ -40,7 +40,7 @@ class UrlManager { /** * @return string */ - get getPrivateAccessToken(): string | null { + get privateAccessToken(): string | null { const urlParams = new URLSearchParams(window.location.search.toString()); return urlParams.get(queryPrivateAccessToken); } From 56fb73c6822e5c9dd4150e23fd3641a2e39091b3 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Thu, 17 Mar 2022 10:53:56 +0100 Subject: [PATCH 5/8] Change roomId by playUri Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 2 +- pusher/src/Services/AdminApi.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index c8c67b77..d2b8275e 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -144,7 +144,7 @@ class ConnectionManager { console.error("Invalid data received from /register route. Data: ", data); throw new Error("Invalid data received from /register route."); } - this.localUser = new LocalUser(data.userUuid, data.textures, data.email); + this.localUser = new LocalUser(data.userUuid, data.email); this.authToken = data.authToken; localUserStore.saveUser(this.localUser); localUserStore.setAuthToken(this.authToken); diff --git a/pusher/src/Services/AdminApi.ts b/pusher/src/Services/AdminApi.ts index 62d582ff..33c8ad93 100644 --- a/pusher/src/Services/AdminApi.ts +++ b/pusher/src/Services/AdminApi.ts @@ -65,7 +65,7 @@ class AdminApi { const res = await Axios.get>(ADMIN_API_URL + "/api/room/access", { params: { userIdentifier, - roomId: playUri, + playUri, ipAddress, characterLayers, }, From 29a0b9c5ae7d8ca4085bbedcbf14d9ca7e634135 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Sat, 19 Mar 2022 07:11:15 +0100 Subject: [PATCH 6/8] Refactor access by token Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 38 +----------------------- front/src/Url/UrlManager.ts | 22 ++++---------- 2 files changed, 6 insertions(+), 54 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index d2b8275e..643ab57d 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -2,7 +2,7 @@ import Axios from "axios"; import { PUSHER_URL } from "../Enum/EnvironmentVariable"; import { RoomConnection } from "./RoomConnection"; import type { OnConnectInterface, PositionInterface, ViewportInterface } from "./ConnexionModels"; -import { GameConnexionTypes, queryPrivateAccessToken, urlManager } from "../Url/UrlManager"; +import { GameConnexionTypes, urlManager } from "../Url/UrlManager"; import { localUserStore } from "./LocalUserStore"; import { CharacterTexture, LocalUser } from "./LocalUser"; import { Room } from "./Room"; @@ -128,42 +128,6 @@ class ConnectionManager { return Promise.reject(new Error("You will be redirect on login page")); } urlManager.pushRoomIdToUrl(this._currentRoom); - } else if (connexionType === GameConnexionTypes.privateAccessToken) { - const organizationMemberToken = urlManager.privateAccessToken; - - //clear queryPrivateAccessToken query in window location - urlParams.delete(queryPrivateAccessToken); - - //create play uri parameter - const playUri = window.location.protocol + "//" + window.location.host + window.location.pathname; - const data = await Axios.post(`${PUSHER_URL}/register`, { - organizationMemberToken, - playUri, - }).then((res) => res.data); - if (!isRegisterData(data)) { - console.error("Invalid data received from /register route. Data: ", data); - throw new Error("Invalid data received from /register route."); - } - this.localUser = new LocalUser(data.userUuid, data.email); - this.authToken = data.authToken; - localUserStore.saveUser(this.localUser); - localUserStore.setAuthToken(this.authToken); - analyticsClient.loggedWithToken(); - - const roomUrl = data.roomUrl; - - const query = urlParams.toString(); - this._currentRoom = await Room.createRoom( - new URL( - window.location.protocol + - "//" + - window.location.host + - roomUrl + - (query ? "?" + query : "") + //use urlParams because the token param must be deleted - window.location.hash - ) - ); - urlManager.pushRoomIdToUrl(this._currentRoom); } //@deprecated else if (connexionType === GameConnexionTypes.register) { diff --git a/front/src/Url/UrlManager.ts b/front/src/Url/UrlManager.ts index 5ab6ba21..a7abbadd 100644 --- a/front/src/Url/UrlManager.ts +++ b/front/src/Url/UrlManager.ts @@ -6,28 +6,24 @@ export enum GameConnexionTypes { register /*@deprecated*/, empty, unknown, - jwt, + jwt /*@deprecated*/, login, - privateAccessToken, } -export const queryPrivateAccessToken = "privateAccessToken"; - //this class is responsible with analysing and editing the game's url class UrlManager { public getGameConnexionType(): GameConnexionTypes { const url = window.location.pathname.toString(); if (url === "/login") { return GameConnexionTypes.login; - } else if (url === "/jwt") { + } + //@deprecated jwt url will be replace by "?token=" + else if (url === "/jwt") { return GameConnexionTypes.jwt; } else if (url.includes("_/") || url.includes("*/") || url.includes("@/")) { - if (window.location.search.includes(queryPrivateAccessToken)) { - return GameConnexionTypes.privateAccessToken; - } return GameConnexionTypes.room; } - //@deprecated register url will be replace by "?privateAccessToken=" + //@deprecated register url will be replace by "?token=" else if (url.includes("register/")) { return GameConnexionTypes.register; } else if (url === "/") { @@ -37,14 +33,6 @@ class UrlManager { } } - /** - * @return string - */ - get privateAccessToken(): string | null { - const urlParams = new URLSearchParams(window.location.search.toString()); - return urlParams.get(queryPrivateAccessToken); - } - /** * @deprecated */ From e618dc6c3d99079fb205688f21a026da6a3b733b Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Sun, 20 Mar 2022 14:33:25 +0100 Subject: [PATCH 7/8] Refactor connexion manager Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 14 +++++++------- pusher/src/Controller/OpenIdProfileController.ts | 6 +++--- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index 643ab57d..38be8737 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -85,8 +85,7 @@ class ConnectionManager { * Tries to login to the node server and return the starting map url to be loaded */ public async initGameConnexion(): Promise { - const connexionType = urlManager.getGameConnexionType(); - this.connexionType = connexionType; + this.connexionType = urlManager.getGameConnexionType(); this._currentRoom = null; const urlParams = new URLSearchParams(window.location.search); @@ -99,13 +98,14 @@ class ConnectionManager { urlParams.delete("token"); } - if (connexionType === GameConnexionTypes.login) { + if (this.connexionType === GameConnexionTypes.login) { this._currentRoom = await Room.createRoom(new URL(localUserStore.getLastRoomUrl())); if (this.loadOpenIDScreen() !== null) { return Promise.reject(new Error("You will be redirect on login page")); } urlManager.pushRoomIdToUrl(this._currentRoom); - } else if (connexionType === GameConnexionTypes.jwt) { + } else if (this.connexionType === GameConnexionTypes.jwt) { + /** @deprecated */ if (!token) { const code = urlParams.get("code"); const state = urlParams.get("state"); @@ -130,7 +130,7 @@ class ConnectionManager { urlManager.pushRoomIdToUrl(this._currentRoom); } //@deprecated - else if (connexionType === GameConnexionTypes.register) { + else if (this.connexionType === GameConnexionTypes.register) { const organizationMemberToken = urlManager.getOrganizationToken(); const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then( (res) => res.data @@ -159,11 +159,11 @@ class ConnectionManager { ) ); urlManager.pushRoomIdToUrl(this._currentRoom); - } else if (connexionType === GameConnexionTypes.room || connexionType === GameConnexionTypes.empty) { + } else if (this.connexionType === GameConnexionTypes.room || this.connexionType === GameConnexionTypes.empty) { this.authToken = localUserStore.getAuthToken(); let roomPath: string; - if (connexionType === GameConnexionTypes.empty) { + if (this.connexionType === GameConnexionTypes.empty) { roomPath = localUserStore.getLastRoomUrl(); //get last room path from cache api try { diff --git a/pusher/src/Controller/OpenIdProfileController.ts b/pusher/src/Controller/OpenIdProfileController.ts index 3ff4c948..e0b77268 100644 --- a/pusher/src/Controller/OpenIdProfileController.ts +++ b/pusher/src/Controller/OpenIdProfileController.ts @@ -13,14 +13,14 @@ export class OpenIdProfileController extends BaseHttpController { } try { const resCheckTokenAuth = await openIDClient.checkTokenAuth(accessToken as string); - if (!resCheckTokenAuth.email) { + if (!resCheckTokenAuth.sub) { throw new Error("Email was not found"); } res.send( this.buildHtml( OPID_CLIENT_ISSUER, - resCheckTokenAuth.email as string, - resCheckTokenAuth.picture as string | undefined + resCheckTokenAuth.sub as string + /*resCheckTokenAuth.picture as string | undefined*/ ) ); return; From c1222c1c571d3a10ac62c873002c825c9cf42517 Mon Sep 17 00:00:00 2001 From: Gregoire Parant Date: Tue, 29 Mar 2022 13:45:31 +0200 Subject: [PATCH 8/8] Fix run pretty Signed-off-by: Gregoire Parant --- front/src/Connexion/ConnectionManager.ts | 2 +- pusher/src/Controller/OpenIdProfileController.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/front/src/Connexion/ConnectionManager.ts b/front/src/Connexion/ConnectionManager.ts index c36f6fa8..c0c9597c 100644 --- a/front/src/Connexion/ConnectionManager.ts +++ b/front/src/Connexion/ConnectionManager.ts @@ -109,7 +109,7 @@ class ConnectionManager { } urlManager.pushRoomIdToUrl(this._currentRoom); } else if (this.connexionType === GameConnexionTypes.jwt) { - /** @deprecated */ + /** @deprecated */ if (!token) { const code = urlParams.get("code"); const state = urlParams.get("state"); diff --git a/pusher/src/Controller/OpenIdProfileController.ts b/pusher/src/Controller/OpenIdProfileController.ts index e0b77268..589c9d54 100644 --- a/pusher/src/Controller/OpenIdProfileController.ts +++ b/pusher/src/Controller/OpenIdProfileController.ts @@ -19,7 +19,7 @@ export class OpenIdProfileController extends BaseHttpController { res.send( this.buildHtml( OPID_CLIENT_ISSUER, - resCheckTokenAuth.sub as string + resCheckTokenAuth.sub /*resCheckTokenAuth.picture as string | undefined*/ ) );