N21-1269 depseudonymization with CTL (#3307)
* add v3 call for depseudonymisation behind a feature flag
* N21-1269 changes username logic for v3 call
---------
Co-authored-by: Arne Gnisa <arne.gnisa@capgemini.com>
IgorCapCoder authored Sep 22, 2023
1 parent a232808 commit 763396a
Showing 1 changed file with 63 additions and 32 deletions.
95 changes: 63 additions & 32 deletions controllers/oauth2.js
@@ -18,13 +18,15 @@ const getVersion = () => {
const VERSION = getVersion();

router.get('/login', csrfProtection, (req, res, next) => api(req, { version: VERSION })
.get(`/oauth2/loginRequest/${req.query.login_challenge}`).then((loginRequest) => {
.get(`/oauth2/loginRequest/${req.query.login_challenge}`)
.then((loginRequest) => {
req.session.login_challenge = req.query.login_challenge;
if (loginRequest.skip) {
return res.redirect('/oauth2/login/success');
}
return res.redirect(Configuration.get('NOT_AUTHENTICATED_REDIRECT_URL'));
}).catch(next));
})
.catch(next));

router.get('/login/success', csrfProtection, auth.authChecker, (req, res, next) => {
if (!req.session.login_challenge) res.redirect('/dashboard/');
@@ -38,23 +40,28 @@ router.get('/login/success', csrfProtection, auth.authChecker, (req, res, next)
.patch(
`/oauth2/loginRequest/${req.session.login_challenge}/?accept=1`,
{ body },
).then((loginRequest) => {
)
.then((loginRequest) => {
delete (req.session.login_challenge);
return res.redirect(loginRequest.redirect_to);
}).catch(next);
})
.catch(next);
});

router.all('/logout', csrfProtection, auth.authChecker, (req) => {
api(req, { version: VERSION }).get('/oauth2/logoutRequest');
api(req, { version: VERSION })
.get('/oauth2/logoutRequest');
});

router.all('/logout/redirect', csrfProtection, auth.authChecker, (req, res, next) => {
const body = {
redirect_to: '',
};

return api(req, { version: VERSION }).patch(`/oauth2/logoutRequest/${req.query.logout_challenge}`, { body })
.then((logoutRequest) => res.redirect(logoutRequest.redirect_to)).catch(next);
return api(req, { version: VERSION })
.patch(`/oauth2/logoutRequest/${req.query.logout_challenge}`, { body })
.then((logoutRequest) => res.redirect(logoutRequest.redirect_to))
.catch(next);
});

const acceptConsent = (r, w, challenge, grantScopes, remember = false) => {
@@ -64,7 +71,8 @@ const acceptConsent = (r, w, challenge, grantScopes, remember = false) => {
remember_for: 60 * 60 * 24 * 30,
};

return api(r, { version: VERSION }).patch(`/oauth2/consentRequest/${challenge}/?accept=1`, { body })
return api(r, { version: VERSION })
.patch(`/oauth2/consentRequest/${challenge}/?accept=1`, { body })
.then((consentRequest) => w.redirect(consentRequest.redirect_to));
};

@@ -87,7 +95,8 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
// An error occurred (at hydra)
return res.send(`${req.query.error}<br />${req.query.error_description}`);
}
return api(req, { version: VERSION }).get(`/oauth2/consentRequest/${req.query.consent_challenge}`)
return api(req, { version: VERSION })
.get(`/oauth2/consentRequest/${req.query.consent_challenge}`)
.then(async (consentRequest) => {
let skipConsent = consentRequest.context?.skipConsent;

@@ -101,7 +110,8 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
({ skipConsent } = tools.data[0]);
} else {
throw new Error(
`Unable to find a singular LtiTool with client_id ${consentRequest.client.client_id} for consent request`,
`Unable to find a singular LtiTool with client_id
${consentRequest.client.client_id} for consent request`,
);
}
}
@@ -124,26 +134,44 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
value: scope,
})),
});
}).catch(next);
})
.catch(next);
});

router.post('/consent', auth.authChecker, (r, w) => acceptConsent(r, w, r.query.challenge, r.body.grantScopes, true));

router.get('/username/:pseudonym', (req, res, next) => {
router.get('/username/:pseudonym', async (req, res, next) => {
if (req.cookies.jwt) {
return api(req).get('/pseudonym', {
qs: {
pseudonym: req.params.pseudonym,
},
}).then((pseudonym) => {
let shortName;
let completeName;
const anonymousName = '???';
completeName = anonymousName;
shortName = completeName;
if (pseudonym.data.length) {
completeName = `${pseudonym.data[0].user.firstName} ${pseudonym.data[0].user.lastName}`;
shortName = `${pseudonym.data[0].user.firstName} ${pseudonym.data[0].user.lastName.charAt(0)}.`;
try {
let shortName = '???';
let completeName = '???';

if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
const pseudonymResponse = await api(req, { version: 'v3' })
.get(`/pseudonyms/${req.params.pseudonym}`);

const userResponse = await api(req)
.get('/users', {
qs: { id: pseudonymResponse.userId },
$limit: 1,
});
if (userResponse.data?.length === 1) {
completeName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName}`;
shortName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName.charAt(0)}.`;
}
} else {
const feathersPseudonymResponse = await api(req)
.get('/pseudonym', {
qs: {
pseudonym: req.params.pseudonym,
},
});
if (feathersPseudonymResponse.data.length) {
// eslint-disable-next-line max-len
completeName = `${feathersPseudonymResponse.data[0].user.firstName} ${feathersPseudonymResponse.data[0].user.lastName}`;
// eslint-disable-next-line max-len
shortName = `${feathersPseudonymResponse.data[0].user.firstName} ${feathersPseudonymResponse.data[0].user.lastName.charAt(0)}.`;
}
}
return res.render('oauth2/username', {
depseudonymized: true,
@@ -153,14 +181,17 @@ router.get('/username/:pseudonym', (req, res, next) => {
shortTitle: res.locals.theme.short_title,
}),
});
}).catch(next);
} catch (error) {
return next(error);
}
} else {
return res.render('oauth2/username', {
depseudonymized: false,
completeName: res.$t('login.oauth2.label.showName'),
shortName: res.$t('login.oauth2.label.showName'),
infoText: '',
});
}
return res.render('oauth2/username', {
depseudonymized: false,
completeName: res.$t('login.oauth2.label.showName'),
shortName: res.$t('login.oauth2.label.showName'),
infoText: '',
});
});

module.exports = router;
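Review bot: In the `FEATURE_CTL_TOOLS_TAB_ENABLED` branch of the `/username/:pseudonym` handler, `req.params.pseudonym` is interpolated into the v3 backend path unencoded. Express hands route parameters over URL-decoded, so a value containing `/`, `?` or `..` would change which backend path is requested with the caller's JWT; wrap it as `${encodeURIComponent(req.params.pseudonym)}` inside the template. In the follow-up `/users` call, `$limit: 1` sits beside `qs` rather than inside it, so it is probably not sent as a query parameter, and nothing checks that `pseudonymResponse.userId` is set before it becomes the filter. I would write `qs: { id: pseudonymResponse.userId, $limit: 1 }` and skip the lookup when `userId` is missing, so that an empty filter cannot (presumably) resolve to some other user visible to the caller. The handler's `res.render` call lies partly between the last two hunks and is not visible here.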
