Merge branch 'localAdmin' into codeAPI

CEC
2022-04-20 15:37:02 +02:00
13 changed files with 324 additions and 126 deletions
@@ -1,6 +1,6 @@
import { v4 } from "uuid";
import { BaseHttpController } from "./BaseHttpController";
import { adminApi } from "../Services/AdminApi";
import { FetchMemberDataByUuidResponse } from "../Services/AdminApi";
import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
import { parse } from "query-string";
import { openIDClient } from "../Services/OpenIDClient";
@@ -19,6 +19,7 @@ export class AuthenticateController extends BaseHttpController {
this.register();
this.anonymLogin();
this.profileCallback();
this.me();
}
openIDLogin() {
@@ -180,7 +181,7 @@ export class AuthenticateController extends BaseHttpController {
if (!code && !nonce) {
return res.json({ ...resUserData, authToken: token });
}
console.error("Token cannot to be check on OpenId provider");
console.error("Token cannot be checked on OpenId provider");
res.status(500);
res.send("User cannot to be connected on openid provider");
return;
@@ -255,7 +256,7 @@ export class AuthenticateController extends BaseHttpController {
try {
const authTokenData: AuthTokenData = jwtTokenManager.verifyJWTToken(token as string, false);
if (authTokenData.accessToken == undefined) {
throw Error("Token cannot to be logout on Hydra");
throw Error("Token cannot be logout on Hydra");
}
await openIDClient.logoutUser(authTokenData.accessToken);
} catch (error) {
@@ -320,7 +321,7 @@ export class AuthenticateController extends BaseHttpController {
(async () => {
const param = await req.json();
adminApi.setLocale(req.header("accept-language"));
adminService.locale = req.header("accept-language");
//todo: what to do if the organizationMemberToken is already used?
const organizationMemberToken: string | null = param.organizationMemberToken;
@@ -328,13 +329,15 @@ export class AuthenticateController extends BaseHttpController {
try {
if (typeof organizationMemberToken != "string") throw new Error("No organization token");
const data = await adminApi.fetchMemberDataByToken(organizationMemberToken, playUri);
const data = await adminService.fetchMemberDataByToken(organizationMemberToken, playUri);
const userUuid = data.userUuid;
const email = data.email;
const roomUrl = data.roomUrl;
const mapUrlStart = data.mapUrlStart;
const authToken = jwtTokenManager.createAuthToken(email || userUuid);
console.info(data);
res.json({
authToken,
userUuid,
@@ -414,13 +417,13 @@ export class AuthenticateController extends BaseHttpController {
try {
const authTokenData: AuthTokenData = jwtTokenManager.verifyJWTToken(token as string, false);
if (authTokenData.accessToken == undefined) {
throw Error("Token cannot to be check on Hydra");
throw Error("Token cannot be checked on OpenID connect provider");
}
await openIDClient.checkTokenAuth(authTokenData.accessToken);
//get login profile
res.status(302);
res.setHeader("Location", adminApi.getProfileUrl(authTokenData.accessToken));
res.setHeader("Location", adminService.getProfileUrl(authTokenData.accessToken));
res.send("");
return;
} catch (error) {
@@ -434,4 +437,81 @@ export class AuthenticateController extends BaseHttpController {
}
});
}
/**
* @openapi
* /me:
* get:
* description: ???
* parameters:
* - name: "token"
* in: "query"
* description: "A JWT authentication token ???"
* required: true
* type: "string"
* responses:
* 200:
* description: Data of user connected
*/
me() {
// @ts-ignore
this.app.get("/me", async (req, res): void => {
const { token } = parse(req.path_query);
try {
//verify connected by token
if (token != undefined) {
try {
const authTokenData: AuthTokenData = jwtTokenManager.verifyJWTToken(token as string, false);
if (authTokenData.accessToken == undefined) {
throw Error("Token cannot to be checked on Hydra");
}
const me = await openIDClient.checkTokenAuth(authTokenData.accessToken);
//get login profile
res.status(200);
res.json({ ...me });
return;
} catch (error) {
this.castErrorToResponse(error, res);
return;
}
}
} catch (error) {
console.error("me => ERROR", error);
this.castErrorToResponse(error, res);
return;
}
});
}
/**
*
* @param email
* @param playUri
* @param IPAddress
* @return
|object
* @private
*/
private async getUserByUserIdentifier(
email: string,
playUri: string,
IPAddress: string
): Promise<FetchMemberDataByUuidResponse | object> {
let data: FetchMemberDataByUuidResponse = {
email: email,
userUuid: email,
tags: [],
messages: [],
visitCardUrl: null,
textures: [],
userRoomToken: undefined,
};
try {
data = await adminService.fetchMemberDataByUuid(email, playUri, IPAddress, []);
} catch (err) {
console.error("openIDCallback => fetchMemberDataByUuid", err);
}
return data;
}
}
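Review bot: The new `/me` handler never sends a response when the `token` query parameter is absent: `if (token != undefined)` has no else branch, so the async callback returns with the request left open. Reject that case explicitly after the block, e.g. `res.status(401); res.send("Missing token"); return;`. The route is also registered under `// @ts-ignore` with an `async` callback annotated `: void`, and its `@openapi` description is still `???`. Since `res.json({ ...me })` returns whatever `openIDClient.checkTokenAuth` yields, the doc block should state which fields that exposes. Separately, the `console.info(data)` in the register hunk (apparently added here) writes the full member record, including at least `email` and `userUuid`, to the log on every call; logging `userUuid` alone would be enough for tracing.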
+4 -3
@@ -26,7 +26,7 @@ import {
import { UserMovesMessage } from "../Messages/generated/messages_pb";
import { parse } from "query-string";
import { AdminSocketTokenData, jwtTokenManager, tokenInvalidException } from "../Services/JWTTokenManager";
import { adminApi, FetchMemberDataByUuidResponse } from "../Services/AdminApi";
import { FetchMemberDataByUuidResponse } from "../Services/AdminApi";
import { socketManager } from "../Services/SocketManager";
import { emitInBatch } from "../Services/IoSocketHelpers";
import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, DISABLE_ANONYMOUS, SOCKET_IDLE_TIMER } from "../Enum/EnvironmentVariable";
@@ -40,6 +40,7 @@ import { localWokaService } from "../Services/LocalWokaService";
import { WebSocket } from "uWebSockets.js";
import { WokaDetail } from "../Messages/JsonMessages/PlayerTextures";
import { z } from "zod";
import { adminService } from "../Services/AdminService";
import { ErrorApiData, isErrorApiData } from "../Messages/JsonMessages/ErrorApiData";
/**
@@ -245,7 +246,7 @@ export class IoSocketController {
const websocketExtensions = req.getHeader("sec-websocket-extensions");
const IPAddress = req.getHeader("x-forwarded-for");
adminApi.setLocale(req.getHeader("accept-language"));
adminService.locale = req.getHeader("accept-language");
const roomId = query.roomId;
try {
@@ -314,7 +315,7 @@ export class IoSocketController {
if (ADMIN_API_URL) {
try {
try {
userData = await adminApi.fetchMemberDataByUuid(
userData = await adminService.fetchMemberDataByUuid(
userIdentifier,
roomId,
IPAddress,
+6 -62
@@ -1,11 +1,8 @@
import { adminApi } from "../Services/AdminApi";
import { ADMIN_API_URL, DISABLE_ANONYMOUS } from "../Enum/EnvironmentVariable";
import { GameRoomPolicyTypes } from "../Model/PusherRoom";
import { isMapDetailsData, MapDetailsData } from "../Messages/JsonMessages/MapDetailsData";
import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
import { InvalidTokenError } from "./InvalidTokenError";
import { DISABLE_ANONYMOUS } from "../Enum/EnvironmentVariable";
import { isMapDetailsData } from "../Messages/JsonMessages/MapDetailsData";
import { parse } from "query-string";
import { BaseHttpController } from "./BaseHttpController";
import { adminService } from "../Services/AdminService";
export class MapController extends BaseHttpController {
// Returns a map mapping map name to file name of the map
@@ -107,68 +104,15 @@ export class MapController extends BaseHttpController {
return;
}
adminApi.setLocale(req.header("accept-language"));
// If no admin URL is set, let's react on '/_/[instance]/[map url]' URLs
if (!ADMIN_API_URL) {
const roomUrl = new URL(query.playUri);
const match = /\/_\/[^/]+\/(.+)/.exec(roomUrl.pathname);
if (!match) {
res.status(404);
res.json({});
return;
}
const mapUrl = roomUrl.protocol + "//" + match[1];
res.json({
mapUrl,
policy_type: GameRoomPolicyTypes.ANONYMOUS_POLICY,
roomSlug: null, // Deprecated
group: null,
tags: [],
contactPage: null,
authenticationMandatory: DISABLE_ANONYMOUS,
} as MapDetailsData);
return;
}
adminService.locale = req.header("accept-language");
(async () => {
try {
let userId: string | undefined = undefined;
if (query.authToken != undefined) {
let authTokenData: AuthTokenData;
try {
authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string);
userId = authTokenData.identifier;
} catch (e) {
try {
// Decode token, in this case we don't need to create new token.
authTokenData = jwtTokenManager.verifyJWTToken(query.authToken as string, true);
userId = authTokenData.identifier;
console.info("JWT expire, but decoded", userId);
} catch (e) {
if (e instanceof InvalidTokenError) {
// The token was not good, redirect user on login page
res.status(401);
res.send("Token decrypted error");
return;
} else {
this.castErrorToResponse(e, res);
return;
}
}
}
}
const mapDetails = isMapDetailsData.parse(
await adminApi.fetchMapDetails(query.playUri as string, userId)
await adminService.fetchMapDetails(query.playUri as string, query.authToken as string)
);
if (DISABLE_ANONYMOUS) {
mapDetails.authenticationMandatory = true;
}
if (DISABLE_ANONYMOUS) mapDetails.authenticationMandatory = true;
res.json(mapDetails);
return;
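Review bot: `query.authToken as string` is now handed to `adminService.fetchMapDetails` without the `query.authToken != undefined` guard or the `verifyJWTToken` call the old body had, so an absent or non-string `authToken` reaches the service under a cast that claims it is a string. Narrow it first, e.g. `const authToken = typeof query.authToken === "string" ? query.authToken : undefined;`, and pass that, assuming the service signature accepts an optional token. The explicit 401 for `InvalidTokenError` is also gone from this controller, and `AdminService` is not shown in this section. Confirm that the service verifies the token signature itself and that an invalid or expired token still ends in a 401 rather than a generic error response. The handler starts and ends outside this hunk.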