Merge branch 'develop' of github.com:thecodingmachine/workadventure

pusher/src/Services/AdminApi.ts

@@ -1,4 +1,4 @@
-import { ADMIN_API_TOKEN, ADMIN_API_URL, ADMIN_URL } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_TOKEN, ADMIN_API_URL, ADMIN_URL, OPID_PROFILE_SCREEN_PROVIDER } from "../Enum/EnvironmentVariable";
 import Axios from "axios";
 import { GameRoomPolicyTypes } from "_Model/PusherRoom";
 import { CharacterTexture } from "./AdminApi/CharacterTexture";
@@ -142,13 +142,19 @@ class AdminApi {
         });
     }
 
-    /*TODO add constant to use profile companny*/
+    /**
+     *
+     * @param accessToken
+     */
     getProfileUrl(accessToken: string): string {
-        if (!ADMIN_URL) {
+        if (!OPID_PROFILE_SCREEN_PROVIDER) {
             throw new Error("No admin backoffice set!");
         }
+        return `${OPID_PROFILE_SCREEN_PROVIDER}?accessToken=${accessToken}`;
+    }
 
-        return ADMIN_URL + `/profile?token=${accessToken}`;
+    async logoutOauth(token: string) {
+        await Axios.get(ADMIN_API_URL + `/oauth/logout?token=${token}`);
     }
 }
 

pusher/src/Services/JWTTokenManager.ts

@@ -1,4 +1,4 @@
-import { ADMIN_API_URL, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_URL, ADMIN_SOCKETS_TOKEN, ALLOW_ARTILLERY, SECRET_KEY } from "../Enum/EnvironmentVariable";
 import { uuid } from "uuidv4";
 import Jwt, { verify } from "jsonwebtoken";
 import { TokenInterface } from "../Controller/AuthenticateController";
@@ -6,14 +6,21 @@ import { adminApi, AdminBannedData } from "../Services/AdminApi";
 
 export interface AuthTokenData {
     identifier: string; //will be a sub (id) if logged in or an uuid if anonymous
-    hydraAccessToken?: string;
+    accessToken?: string;
     username?: string;
 }
+export interface AdminSocketTokenData {
+    authorizedRoomIds: string[]; //the list of rooms the client is authorized to read from.
+}
 export const tokenInvalidException = "tokenInvalid";
 
 class JWTTokenManager {
-    public createAuthToken(identifier: string, hydraAccessToken?: string, username?: string) {
-        return Jwt.sign({ identifier, hydraAccessToken, username }, SECRET_KEY, { expiresIn: "30d" });
+    public verifyAdminSocketToken(token: string): AdminSocketTokenData {
+        return Jwt.verify(token, ADMIN_SOCKETS_TOKEN) as AdminSocketTokenData;
+    }
+
+    public createAuthToken(identifier: string, accessToken?: string, username?: string) {
+        return Jwt.sign({ identifier, accessToken, username }, SECRET_KEY, { expiresIn: "30d" });
     }
 
     public verifyJWTToken(token: string, ignoreExpiration: boolean = false): AuthTokenData {

pusher/src/Services/OpenIDClient.ts

@@ -1,18 +1,21 @@
 import { Issuer, Client, IntrospectionResponse } from "openid-client";
-import { OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_CLIENT_ISSUER, FRONT_URL } from "../Enum/EnvironmentVariable";
-
-const opidRedirectUri = FRONT_URL + "/jwt";
+import {
+    OPID_CLIENT_ID,
+    OPID_CLIENT_SECRET,
+    OPID_CLIENT_ISSUER,
+    OPID_CLIENT_REDIRECT_URL,
+} from "../Enum/EnvironmentVariable";
 
 class OpenIDClient {
     private issuerPromise: Promise<Client> | null = null;
 
     private initClient(): Promise<Client> {
         if (!this.issuerPromise) {
-            this.issuerPromise = Issuer.discover(OIDC_CLIENT_ISSUER).then((issuer) => {
+            this.issuerPromise = Issuer.discover(OPID_CLIENT_ISSUER).then((issuer) => {
                 return new issuer.Client({
-                    client_id: OIDC_CLIENT_ID,
-                    client_secret: OIDC_CLIENT_SECRET,
-                    redirect_uris: [opidRedirectUri],
+                    client_id: OPID_CLIENT_ID,
+                    client_secret: OPID_CLIENT_SECRET,
+                    redirect_uris: [OPID_CLIENT_REDIRECT_URL],
                     response_types: ["code"],
                 });
             });
@@ -35,7 +38,7 @@ class OpenIDClient {
 
     public getUserInfo(code: string, nonce: string): Promise<{ email: string; sub: string; access_token: string; username: string }> {
         return this.initClient().then((client) => {
-            return client.callback(opidRedirectUri, { code }, { nonce }).then((tokenSet) => {
+            return client.callback(OPID_CLIENT_REDIRECT_URL, { code }, { nonce }).then((tokenSet) => {
                 return client.userinfo(tokenSet).then((res) => {
                     return {
                         ...res,

pusher/src/Services/SocketManager.ts

@@ -54,10 +54,10 @@ import { CharacterTexture } from "./AdminApi/CharacterTexture";
 const debug = Debug("socket");
 
 interface AdminSocketRoomsList {
-    [ index: string ]: number;
+    [index: string]: number;
 }
 interface AdminSocketUsersList {
-    [ index: string ]: boolean;
+    [index: string]: boolean;
 }
 
 export interface AdminSocketData {
@@ -635,7 +635,7 @@ export class SocketManager implements ZoneEventListener {
         if (playGlobalMessageEvent.getBroadcasttoworld()) {
             tabUrlRooms = await adminApi.getUrlRoomsFromSameWorld(clientRoomUrl);
         } else {
-            tabUrlRooms = [ clientRoomUrl ];
+            tabUrlRooms = [clientRoomUrl];
         }
 
         const roomMessage = new AdminRoomMessage();