Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

finish up oAuth cleanup #66

Merged
merged 14 commits into from
Aug 30, 2019
Merged

finish up oAuth cleanup #66

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
14 commits
Select commit Hold shift + click to select a range
8e34c88
working on updating cb url
maxgrossman Jul 30, 2019
bc3f437
add verify route and use jwt as httpOnly cookie
maxgrossman Jul 31, 2019
1749f2c
add needed cors headers for cross origin
maxgrossman Jul 31, 2019
b06dc8e
add get user route to handle when session is valid but localstorage l…
maxgrossman Aug 1, 2019
583b6b4
add cors to route
maxgrossman Aug 1, 2019
0a45e41
add more cors configurations, make cookie include access to everythig…
maxgrossman Aug 2, 2019
9f8df9c
update tests so they put jwt in cookie header and respond redirect in…
maxgrossman Aug 2, 2019
cc418e8
reach 95% coverage and unveil good bug to fix (I think)!
maxgrossman Aug 2, 2019
0093ea7
simplify auth test and remove some lines of code to get coverage working
maxgrossman Aug 6, 2019
0b2e692
initial explore route
maxgrossman Aug 6, 2019
57f2447
include preset name.
maxgrossman Aug 13, 2019
d7629e1
lint, update icon lookup test
maxgrossman Aug 30, 2019
08b00c6
remove console log
maxgrossman Aug 30, 2019
5975924
update test after re-building icon map
maxgrossman Aug 30, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .circleci/config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,15 +25,15 @@ jobs:
npm run fixture
environment:
NODE_ENV: testing
YAR: thelongestyarstringofalltimeever
SESSION_KEY: thelongestyarstringofalltimeever
JWT: reveemitllafognirtsraytsegnoleht
- run:
name: test
command: |
npm test
environment:
NODE_ENV: testing
YAR: thelongestyarstringofalltimeever
SESSION_KEY: thelongestyarstringofalltimeever
JWT: reveemitllafognirtsraytsegnoleht
OSM_SITE: http://fake.osm.org
CONSUMER_KEY: keythatconsumes
Expand Down
20 changes: 10 additions & 10 deletions adapters/iDPresets/helpers.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -61,15 +61,15 @@ exports.getiDDefaults = () => JSON.parse(JSON.stringify(ID_DEFAULTS));
* @return {string} make icon type....
*/
exports.getIcon = (primaryTags) => {
const tagsString = primaryTags.sort((a, b) => {
if (a.key < b.key) return -1;
if (a.key > b.key) return 1;
return 0;
}).map(tag => {
return (tag.val && tag.val !== '*')
? `${tag.key}=${tag.val}`
: tag.key;
}).join(':');

const tagsString = primaryTags
.reduce(function(uniqueStrings, tag) {
var tagString = (tag.val && tag.val !== '*') ? `${tag.key}=${tag.val}` : tag.key;
if (uniqueStrings.indexOf(tagString) === -1) {
uniqueStrings.push(tagString);
}
return uniqueStrings;
}, [])
.sort()
.join(':');
return ID_ICONS[tagsString] || 'maki-natural';
};
36 changes: 21 additions & 15 deletions config.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,39 @@
const host = process.env.HOST || 'http://localhost';
const port = process.env.PORT || '3001';
const maprules = `${host}:${port}`;

module.exports = {
'development': {
injectDefaults: { simulate: { error: false }},
maprules: maprules,
injectDefaults: { simulate: { error: false } },
consumerKey: process.env.CONSUMER_KEY || '',
consumerSecret: process.env.CONSUMER_SECRET || '',
callbackUrl: `${host}:${port}/auth/callback`,
callbackUrl: `${maprules}/auth/callback`,
osmSite: process.env.OSM_SITE || '',
yar: {
cookieOptions: {
password: process.env.YAR, // password must be greater than 32 characters
isSecure: false // make true when requests are made of HTTPS
}
session: {
isSecure: false, // make true when requests are made of HTTPS
clearInvalid: true,
strictHeader: false
},
jwt: process.env.JWT || ''
jwt: process.env.JWT || '',
sessionKey: process.env.SESSION_KEY || '',
cors: false
},
'testing': {
maprules: maprules,
injectDefaults: { simulate: { error: false }},
consumerKey: process.env.CONSUMER_KEY || '',
consumerSecret: process.env.CONSUMER_SECRET || '',
callbackUrl: `${host}:${port}/auth/callback`,
callbackUrl: `${maprules}/auth/callback`,
osmSite: process.env.OSM_SITE || '',
yar: {
cookieOptions: {
password: process.env.YAR,
isSecure: false
}
session: {
isSecure: false, // make true when requests are made of HTTPS
clearInvalid: true,
strictHeader: true
},
jwt: process.env.JWT || ''
jwt: process.env.JWT || '',
sessionKey: process.env.SESSION_KEY || '',
cors: true
}
};

Expand Down
5 changes: 2 additions & 3 deletions index.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,22 +4,21 @@ const Hapi = require('@hapi/hapi');
const routes = require('./routes');
const config = require('./config')[process.env.NODE_ENV || 'development'];
const inert = require('@hapi/inert');
const yar = { plugin: require('@hapi/yar'), options: config.yar };
const jwtScheme = require('./jwtScheme').scheme;

const server = Hapi.server({
port: process.env.PORT || 3000,
host: process.env.HOST || 'localhost',
routes: { cors: true }
routes: { cors: { origin: ['*'], credentials: true } }
});

server.auth.scheme('jwt', jwtScheme);
server.auth.strategy('default', 'jwt');

// initialize server
const initServer = async() => {
server.state('maprules_session', config.session);
await server.register(inert);
await server.register(yar);

// add endpoints
server.route(routes);
Expand Down
19 changes: 6 additions & 13 deletions jwtScheme.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -70,23 +70,15 @@ function isAuthorized(token, userAgent) {
}

function jwtAuthentication(request, h) {
return Promise.resolve(request.headers.authorization)
.then(function(authHeader) {
if (!authHeader || !authHeader.length) {
throw new Error('no token provided');
}

if (!authHeader.startsWith('Bearer ')) {
throw new Error('authentication strategy is invalid');
}

if (!authHeader.replace('Bearer ', '').length) {
return Promise.resolve(request.state.maprules_session)
.then(function(cookie) {
if (!cookie || !cookie.length) {
throw new Error('no token provided');
}

let token;
try {
token = jwt.verify(authHeader.replace('Bearer ', ''), config.jwt);
token = jwt.verify(cookie, config.jwt);
} catch (error) {
throw new Error('invalid token provided');
}
Expand Down Expand Up @@ -122,5 +114,6 @@ function authenticate(route) {

module.exports = {
scheme: scheme,
authenticate: authenticate
authenticate: authenticate,
isAuthorized: isAuthorized
};
7 changes: 4 additions & 3 deletions requestPromise.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,11 @@ const request = require('request');
let requestPromise = function(options) {
return new Promise (function(resolve, reject) {
request(options, function(err, rs, body) {
if (err) {
reject(err);
if (err || rs.statusCode !== 200) {
reject(err || { statusCode: rs.statusCode });
} else {
resolve(body);
}
resolve(body);
});
});
};
Expand Down
Loading