Merge pull request #1836 from thecodingmachine/changeRegisterAccess

Change access token with query privateAccessToken in the url
David Négrier 2022-03-29 14:40:14 +02:00 committed by GitHub
commit 3f090c61e0
5 changed files with 34 additions and 19 deletions


@ -88,8 +88,7 @@ class ConnectionManager {
* @return returns a promise to the Room we are going to load OR a pointer to the URL we must redirect to if authentication is needed. * @return returns a promise to the Room we are going to load OR a pointer to the URL we must redirect to if authentication is needed.
*/ */
public async initGameConnexion(): Promise<Room | URL> { public async initGameConnexion(): Promise<Room | URL> {
const connexionType = urlManager.getGameConnexionType(); this.connexionType = urlManager.getGameConnexionType();
this.connexionType = connexionType;
this._currentRoom = null; this._currentRoom = null;
const urlParams = new URLSearchParams(window.location.search); const urlParams = new URLSearchParams(window.location.search);
@ -102,14 +101,15 @@ class ConnectionManager {
urlParams.delete("token"); urlParams.delete("token");
} }
if (connexionType === GameConnexionTypes.login) { if (this.connexionType === GameConnexionTypes.login) {
this._currentRoom = await Room.createRoom(new URL(localUserStore.getLastRoomUrl())); this._currentRoom = await Room.createRoom(new URL(localUserStore.getLastRoomUrl()));
const redirect = this.loadOpenIDScreen(); const redirect = this.loadOpenIDScreen();
if (redirect !== null) { if (redirect !== null) {
return redirect; return redirect;
} }
urlManager.pushRoomIdToUrl(this._currentRoom); urlManager.pushRoomIdToUrl(this._currentRoom);
} else if (connexionType === GameConnexionTypes.jwt) { } else if (this.connexionType === GameConnexionTypes.jwt) {
/** @deprecated */
if (!token) { if (!token) {
const code = urlParams.get("code"); const code = urlParams.get("code");
const state = urlParams.get("state"); const state = urlParams.get("state");
@ -135,8 +135,9 @@ class ConnectionManager {
return redirect; return redirect;
} }
urlManager.pushRoomIdToUrl(this._currentRoom); urlManager.pushRoomIdToUrl(this._currentRoom);
} else if (connexionType === GameConnexionTypes.register) { }
//@deprecated //@deprecated
else if (this.connexionType === GameConnexionTypes.register) {
const organizationMemberToken = urlManager.getOrganizationToken(); const organizationMemberToken = urlManager.getOrganizationToken();
const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then( const data = await Axios.post(`${PUSHER_URL}/register`, { organizationMemberToken }).then(
(res) => res.data (res) => res.data
@ -165,11 +166,11 @@ class ConnectionManager {
) )
); );
urlManager.pushRoomIdToUrl(this._currentRoom); urlManager.pushRoomIdToUrl(this._currentRoom);
} else if (connexionType === GameConnexionTypes.room || connexionType === GameConnexionTypes.empty) { } else if (this.connexionType === GameConnexionTypes.room || this.connexionType === GameConnexionTypes.empty) {
this.authToken = localUserStore.getAuthToken(); this.authToken = localUserStore.getAuthToken();
let roomPath: string; let roomPath: string;
if (connexionType === GameConnexionTypes.empty) { if (this.connexionType === GameConnexionTypes.empty) {
roomPath = localUserStore.getLastRoomUrl(); roomPath = localUserStore.getLastRoomUrl();
//get last room path from cache api //get last room path from cache api
try { try {
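Review bot: The JSDoc block `/** @deprecated */` added inside the jwt branch, directly before `if (!token) {`, documents nothing: a `/** */` comment attaches to a declaration, and here it precedes a statement, so neither tsc nor editors will surface the deprecation. The `//@deprecated` line the register hunk wedges between `}` and `else if (this.connexionType === GameConnexionTypes.register)` has the same problem and also breaks the file's `} else if (` layout used by every other branch. Since the deprecated unit is the branch, keep `} else if (...) {` on one line and put a line comment as the branch's first line instead, e.g. `// @deprecated: the /jwt and /register URL forms are superseded by the ?token=<private access token> flow`. initGameConnexion continues outside the hunk.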


@ -3,10 +3,10 @@ import { localUserStore } from "../Connexion/LocalUserStore";
export enum GameConnexionTypes { export enum GameConnexionTypes {
room = 1, room = 1,
register, register /*@deprecated*/,
empty, empty,
unknown, unknown,
jwt, jwt /*@deprecated*/,
login, login,
} }
@ -16,11 +16,15 @@ class UrlManager {
const url = window.location.pathname.toString(); const url = window.location.pathname.toString();
if (url === "/login") { if (url === "/login") {
return GameConnexionTypes.login; return GameConnexionTypes.login;
} else if (url === "/jwt") { }
//@deprecated jwt url will be replace by "?token=<private access token>"
else if (url === "/jwt") {
return GameConnexionTypes.jwt; return GameConnexionTypes.jwt;
} else if (url.includes("_/") || url.includes("*/") || url.includes("@/")) { } else if (url.includes("_/") || url.includes("*/") || url.includes("@/")) {
return GameConnexionTypes.room; return GameConnexionTypes.room;
} else if (url.includes("register/")) { }
//@deprecated register url will be replace by "?token=<private access token>"
else if (url.includes("register/")) {
return GameConnexionTypes.register; return GameConnexionTypes.register;
} else if (url === "/") { } else if (url === "/") {
return GameConnexionTypes.empty; return GameConnexionTypes.empty;
@ -29,6 +33,9 @@ class UrlManager {
} }
} }
/**
* @deprecated
*/
public getOrganizationToken(): string | null { public getOrganizationToken(): string | null {
const match = /\/register\/(.+)/.exec(window.location.pathname.toString()); const match = /\/register\/(.+)/.exec(window.location.pathname.toString());
return match ? match[1] : null; return match ? match[1] : null;
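Review bot: The `/*@deprecated*/` markers on the `register` and `jwt` enum members are plain block comments inside the enumerator list, so tsc and editors will not report the deprecation to callers, unlike the `/** @deprecated */` JSDoc the same section adds to getOrganizationToken. Move each onto its own JSDoc line above the member, e.g. `/** @deprecated superseded by the ?token=<private access token> query flow */` before `register,` and again before `jwt,`. The two `//@deprecated ... will be replace by ...` comments split between `}` and `else if` in getGameConnexionType would read better as the first line inside each branch (and "replace" should be "replaced"). getGameConnexionType starts outside the hunk.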


@ -320,10 +320,11 @@ export class AuthenticateController extends BaseHttpController {
//todo: what to do if the organizationMemberToken is already used? //todo: what to do if the organizationMemberToken is already used?
const organizationMemberToken: string | null = param.organizationMemberToken; const organizationMemberToken: string | null = param.organizationMemberToken;
const playUri: string | null = param.playUri;
try { try {
if (typeof organizationMemberToken != "string") throw new Error("No organization token"); if (typeof organizationMemberToken != "string") throw new Error("No organization token");
const data = await adminApi.fetchMemberDataByToken(organizationMemberToken); const data = await adminApi.fetchMemberDataByToken(organizationMemberToken, playUri);
const userUuid = data.userUuid; const userUuid = data.userUuid;
const email = data.email; const email = data.email;
const roomUrl = data.roomUrl; const roomUrl = data.roomUrl;
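Review bot: `const playUri: string | null = param.playUri;` is an unchecked annotation on request input: if the body omits playUri the value is `undefined`, not `null`, and it is forwarded to adminApi.fetchMemberDataByToken as-is. The front-end register call in this same PR (`Axios.post(\`${PUSHER_URL}/register\`, { organizationMemberToken })`) does not appear to send playUri at all, so that is likely the common case. Narrow it the way organizationMemberToken is narrowed two lines below: `const playUri = typeof param.playUri === "string" ? param.playUri : null;`. The enclosing handler starts and ends outside the hunk.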


@ -13,14 +13,14 @@ export class OpenIdProfileController extends BaseHttpController {
} }
try { try {
const resCheckTokenAuth = await openIDClient.checkTokenAuth(accessToken as string); const resCheckTokenAuth = await openIDClient.checkTokenAuth(accessToken as string);
if (!resCheckTokenAuth.email) { if (!resCheckTokenAuth.sub) {
throw new Error("Email was not found"); throw new Error("Email was not found");
} }
res.send( res.send(
this.buildHtml( this.buildHtml(
OPID_CLIENT_ISSUER, OPID_CLIENT_ISSUER,
resCheckTokenAuth.email as string, resCheckTokenAuth.sub
resCheckTokenAuth.picture as string | undefined /*resCheckTokenAuth.picture as string | undefined*/
) )
); );
return; return;
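Review bot: The guard now tests `resCheckTokenAuth.sub` but still throws `new Error("Email was not found")`, so a token without a subject claim yields a misleading error; change it to `throw new Error("Subject (sub) was not found in token");`. `resCheckTokenAuth.sub` is then passed in the position buildHtml previously received the email, so if buildHtml still labels that argument as an email in its output, the rendered profile will show the subject identifier under the wrong label — worth confirming against buildHtml, which is outside the hunk. The commented-out `/*resCheckTokenAuth.picture as string | undefined*/` argument should be deleted rather than left as dead code, and if buildHtml's second parameter is still required the call now passes undefined silently. The enclosing handler starts and ends outside the hunk.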


@ -61,7 +61,7 @@ class AdminApi {
async fetchMemberDataByUuid( async fetchMemberDataByUuid(
userIdentifier: string | null, userIdentifier: string | null,
roomId: string, playUri: string,
ipAddress: string, ipAddress: string,
characterLayers: string[] characterLayers: string[]
): Promise<FetchMemberDataByUuidResponse> { ): Promise<FetchMemberDataByUuidResponse> {
@ -69,7 +69,12 @@ class AdminApi {
return Promise.reject(new Error("No admin backoffice set!")); return Promise.reject(new Error("No admin backoffice set!"));
} }
const res = await Axios.get<unknown, AxiosResponse<unknown>>(ADMIN_API_URL + "/api/room/access", { const res = await Axios.get<unknown, AxiosResponse<unknown>>(ADMIN_API_URL + "/api/room/access", {
params: { userIdentifier, roomId, ipAddress, characterLayers }, params: {
userIdentifier,
playUri,
ipAddress,
characterLayers,
},
headers: { Authorization: `${ADMIN_API_TOKEN}` }, headers: { Authorization: `${ADMIN_API_TOKEN}` },
paramsSerializer: (p) => { paramsSerializer: (p) => {
return qs.stringify(p, { arrayFormat: "brackets" }); return qs.stringify(p, { arrayFormat: "brackets" });
@ -84,12 +89,13 @@ class AdminApi {
return res.data; return res.data;
} }
async fetchMemberDataByToken(organizationMemberToken: string): Promise<AdminApiData> { async fetchMemberDataByToken(organizationMemberToken: string, playUri: string | null): Promise<AdminApiData> {
if (!ADMIN_API_URL) { if (!ADMIN_API_URL) {
return Promise.reject(new Error("No admin backoffice set!")); return Promise.reject(new Error("No admin backoffice set!"));
} }
//todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case. //todo: this call can fail if the corresponding world is not activated or if the token is invalid. Handle that case.
const res = await Axios.get(ADMIN_API_URL + "/api/login-url/" + organizationMemberToken, { const res = await Axios.get(ADMIN_API_URL + "/api/login-url/" + organizationMemberToken, {
params: { playUri },
headers: { Authorization: `${ADMIN_API_TOKEN}` }, headers: { Authorization: `${ADMIN_API_TOKEN}` },
}); });
if (!isAdminApiData(res.data)) { if (!isAdminApiData(res.data)) {