Merge branch 'trunk' into feature/stripe-sca

.circleci/config.yml

@@ -31,7 +31,7 @@ jobs:
             - reaction-v3-node-modules-{{ checksum "package.json" }}-{{ checksum "yarn.lock" }}
             - reaction-v3-node-modules-{{ .Branch }}
       - run:
-          name: Install NPM dependencies
+          name: Install yarn dependencies
           command: yarn install --production=false --frozen-lockfile --non-interactive
       - save_cache:
           key: reaction-v3-node-modules-{{ checksum "package.json" }}-{{ checksum "yarn.lock" }}
@@ -77,6 +77,18 @@ jobs:
           name: Run Unit Tests
           command: yarn run test:ci
 
+  release:
+    <<: *defaults
+    steps:
+      - checkout
+      - restore_cache:
+          keys:
+            - reaction-v3-node-modules-{{ checksum "package.json" }}-{{ checksum "yarn.lock" }}
+            - reaction-v3-node-modules-{{ .Branch }}
+      - run:
+          name: Push the latest version to npm
+          command: yarn run semantic-release
+
   docker-build-push:
     <<: *defaults
     steps:
@@ -86,7 +98,11 @@ jobs:
           version: 19.03.13
       - run:
           name: Build and push production Docker image
-          command: ${CI_SCRIPTS} docker-build-tag-push . ${DOCKER_REPOSITORY}
+          command: |
+            VERSION=$(git describe --tags `git rev-list --tags --max-count=1` | cut -c2-100)
+            docker build -t ${DOCKER_REPOSITORY}:${VERSION} .
+            docker login -u ${DOCKER_USER} -p ${DOCKER_PASS}
+            docker push ${DOCKER_REPOSITORY}:${VERSION}
       - webhook/notify:
           endpoint: "${GITOPS_PR_WEBHOOK}"
 
@@ -111,9 +127,17 @@ workflows:
       - test-unit:
           requires:
             - install-dependencies
-      - docker-build-push:
-          context: reaction-publish-docker
+      - release:
+          context: reaction-publish-semantic-release
+          filters:
+            branches:
+              only:
+                - trunk
           requires:
             - dockerfile-lint
             - eslint
             - test-unit
+      - docker-build-push:
+          context: reaction-publish-docker
+          requires:
+            - release

.env.example

@@ -1,10 +1,21 @@
 CANONICAL_URL=http://localhost:4000
+ENABLE_SPA_ROUTING=true
 BUILD_GRAPHQL_URL=http://localhost:3000/graphql
 EXTERNAL_GRAPHQL_URL=http://localhost:3000/graphql
 INTERNAL_GRAPHQL_URL=http://api.reaction.localhost:3000/graphql
+OAUTH2_ADMIN_PORT=4445
+OAUTH2_ADMIN_URL=http://hydra.reaction.localhost:4445
+OAUTH2_AUTH_URL=http://localhost:4444/oauth2/auth
+OAUTH2_CLIENT_ID=example-storefront
+OAUTH2_CLIENT_SECRET=CHANGEME
+OAUTH2_PUBLIC_LOGOUT_URL=http://localhost:4444/oauth2/sessions/logout
+OAUTH2_HOST=hydra.reaction.localhost
+OAUTH2_IDP_PUBLIC_CHANGE_PASSWORD_URL=http://localhost:4100/account/change-password?email=EMAIL&from=FROM
+OAUTH2_IDP_HOST_URL=http://identity.reaction.localhost:4100
+OAUTH2_TOKEN_URL=http://hydra.reaction.localhost:4444/oauth2/token
 PORT=4000
 SEGMENT_ANALYTICS_SKIP_MINIMIZE=true
 SEGMENT_ANALYTICS_WRITE_KEY=ENTER_KEY_HERE
 SESSION_MAX_AGE_MS=2592000000
 SESSION_SECRET=CHANGEME
-STRIPE_PUBLIC_API_KEY=ENTER_STRIPE_PUBLIC_KEY_HERE
+STRIPE_PUBLIC_API_KEY=ENTER_STRIPE_PUBLIC_KEY_HERE

.env.prod

@@ -1,10 +1,21 @@
 CANONICAL_URL=http://localhost:4000
+ENABLE_SPA_ROUTING=true
 BUILD_GRAPHQL_URL=http://localhost:3000/graphql
 EXTERNAL_GRAPHQL_URL=http://localhost:3000/graphql
 INTERNAL_GRAPHQL_URL=http://api.reaction.localhost:3000/graphql
+OAUTH2_ADMIN_PORT=4445
+OAUTH2_ADMIN_URL=http://hydra.reaction.localhost:4445
+OAUTH2_AUTH_URL=http://localhost:4444/oauth2/auth
+OAUTH2_CLIENT_ID=example-storefront
+OAUTH2_CLIENT_SECRET=CHANGEME
+OAUTH2_PUBLIC_LOGOUT_URL=http://localhost:4444/oauth2/sessions/logout
+OAUTH2_HOST=hydra.reaction.localhost
+OAUTH2_IDP_PUBLIC_CHANGE_PASSWORD_URL=http://localhost:4100/account/change-password?email=EMAIL&from=FROM
+OAUTH2_IDP_HOST_URL=http://identity.reaction.localhost:4100
+OAUTH2_TOKEN_URL=http://hydra.reaction.localhost:4444/oauth2/token
 PORT=4000
 SEGMENT_ANALYTICS_SKIP_MINIMIZE=true
 SEGMENT_ANALYTICS_WRITE_KEY=ENTER_KEY_HERE
 SESSION_MAX_AGE_MS=2592000000
 SESSION_SECRET=CHANGEME
-STRIPE_PUBLIC_API_KEY=ENTER_STRIPE_PUBLIC_KEY_HERE
+STRIPE_PUBLIC_API_KEY=ENTER_STRIPE_PUBLIC_KEY_HERE

.github/pull_request_template.md

@@ -3,24 +3,27 @@ Impact: **breaking|critical|major|minor**
 Type: **feature|bugfix|performance|test|style|refactor|docs|chore**
 
 ## Issue
+
 Description of the issue this PR is solving, why it's happening, and how to reproduce it. This may differ from the original ticket as you now have more information at your disposal.
 
 ## Solution
+
 Summarize your solution to the problem. Please include short descriptions of any solutions you tested before arriving at your final solution. This will help reviewers know why you decided to solve this problem in this particular way and will speed up the review process.
 
 If you're solving a UIX related issue, please attach screen-caps or gifs showing how your solution differs from the issue.
 
 ## Breaking changes
+
 If you have a breaking changes, list them here, otherwise list none.
 
 Examples of breaking changes include changing file names, moving files, deleting files, renaming functions or exports, or changes to code which might cause previous versions of Reaction or third-party code not to work as expected.
 
 Note any work that you did to mitigate the effect of any breaking changes such as creating migrations, deprecation warnings, etc.
 
-
 ## Testing
+
 1. List the steps needed for testing your change in this section.
 2. Assume that testers already know how to start the app, and do the basic setup tasks.
 3. Be detailed enough that someone can work through it without being too granular
 
-More detail for what each of these sections should include are available in our [Contributing Docs](https://docs.reactioncommerce.com/reaction-docs/trunk/contributing-to-reaction)
+More detail for what each of these sections should include are available in our [Contributing Docs](https://docs.reactioncommerce.com/reaction-docs/trunk/contributing-to-reaction). This project uses [semantic-release](https://semantic-release.gitbook.io/semantic-release/), please use their [commit message format.](https://semantic-release.gitbook.io/semantic-release/#commit-message-format).

CHANGELOG.md

@@ -1,3 +1,16 @@
+# [4.1.0](https://github.com/reactioncommerce/example-storefront/compare/v4.0.2...v4.1.0) (2021-06-23)
+
+
+### Bug Fixes
+
+* enable semantic releae ([601dd87](https://github.com/reactioncommerce/example-storefront/commit/601dd8708f6b1ba9909332dd0b107795aa8dc103))
+* remove dry from semantic release ([c623a85](https://github.com/reactioncommerce/example-storefront/commit/c623a8541d97ea8355792dc226f2c625e8063b23))
+
+
+### Features
+
+* add typescript support ([bcf17cd](https://github.com/reactioncommerce/example-storefront/commit/bcf17cde13647dce51ca7d4f7f95cc3b69a362e9))
+
 # v4.0.2
 
 example-storefront v4.0.2 adds patch features or bug fixes and contains no breaking changes since v4.0.0.

README.md

@@ -31,6 +31,7 @@ Follow the [Reaction Platform docs](https://docs.reactioncommerce.com/docs/insta
 | [`reaction`](https://github.com/reactioncommerce/reaction): GraphQL Playground developer tool | [localhost:3000/graphql](localhost:3000/graphql) |
 | [`reaction`](https://github.com/reactioncommerce/reaction): Reaction Admin                    | [localhost:4080](localhost:4080)                 |
 | [`reaction`](https://github.com/reactioncommerce/reaction): MongoDB                           | [localhost:27017](localhost:27017)               |
+| [`reaction-hydra`](https://github.com/reactioncommerce/reaction-hydra): Authentication        | [localhost:4444](localhost:4444)                 |
 | [`example-storefront`](https://github.com/reactioncommerce/example-storefront): Storefront    | [localhost:4000](localhost:4000)                 |
 
 **Note**: The storefront has redirects so that if you open [http://localhost:4000/graphql](http://localhost:4000/graphql), you'll be redirected to the GraphQL Playground.
@@ -224,7 +225,7 @@ docker stop reaction-storefront
 
 ## Contribute
 
-Find a bug, a typo, or something that’s not documented well? We’d love for you to [open an issue](https://github.com/reactioncommerce/example-storefront/issues) telling us what we can improve!
+Find a bug, a typo, or something that’s not documented well? We’d love for you to [open an issue](https://github.com/reactioncommerce/example-storefront/issues) telling us what we can improve! This project uses [semantic-release](https://semantic-release.gitbook.io/semantic-release/), please use their [commit message format.](https://semantic-release.gitbook.io/semantic-release/#commit-message-format).
 
 Want to request a feature? Use our [Reaction Feature Requests repository](https://github.com/reactioncommerce/reaction-feature-requests) to file a request.
 

apiUtils/localeMiddleware.js

@@ -3,7 +3,8 @@ import redirect from "./redirect";
 
 export default (req, res) => {
   const {
-    query: { slug, ...rest }
+    query: { slug },
+    _parsedUrl
   } = req;
 
   const fallback = "de";
@@ -40,7 +41,7 @@ export default (req, res) => {
     found = fallback;
   }
 
-  const queryPart = rest ? (`?${Object.keys(rest).map((k) => `${k}=${rest[k]}`).join("&")}`) : "";
+  const queryPart = (_parsedUrl && _parsedUrl.query) ? `?${_parsedUrl.query}` : "";
 
   if (slug) {
     return redirect(res, 302, `/${found}${slug ? `/${slug.join("/")}` : ""}${queryPart}`);

apiUtils/passportMiddleware.js

@@ -0,0 +1,53 @@
+import OAuth2Strategy from "passport-oauth2";
+import passport from "passport";
+import sessions from "client-sessions";
+import appConfig from "../config.js";
+import redirect from "./redirect";
+
+export { default as passport } from "passport";
+
+let baseUrl = appConfig.CANONICAL_URL;
+if (!baseUrl.endsWith("/")) baseUrl = `${baseUrl}/`;
+
+const oauthRedirectUrl = `${baseUrl}callback`;
+
+// This is needed to allow custom parameters (e.g. loginActions) to be included
+// when requesting authorization. This is setup to allow only loginAction to pass through
+OAuth2Strategy.prototype.authorizationParams = function (options = {}) {
+  return { loginAction: options.loginAction };
+};
+
+passport.use("oauth2", new OAuth2Strategy({
+  authorizationURL: appConfig.OAUTH2_AUTH_URL,
+  tokenURL: appConfig.OAUTH2_TOKEN_URL,
+  clientID: appConfig.OAUTH2_CLIENT_ID,
+  clientSecret: appConfig.OAUTH2_CLIENT_SECRET,
+  callbackURL: oauthRedirectUrl,
+  state: true,
+  scope: ["offline", "openid"]
+}, (accessToken, refreshToken, params, profile, cb) => {
+  cb(null, { accessToken, refreshToken, idToken: params.id_token });
+}));
+
+passport.serializeUser((user, done) => {
+  done(null, JSON.stringify(user));
+});
+
+passport.deserializeUser((user, done) => {
+  done(null, JSON.parse(user));
+});
+
+export default (handler) => (req, res) => {
+  if (!res.redirect) {
+    res.redirect = (location) => redirect(res, 302, location);
+  }
+
+  sessions({
+    cookieName: "session", // This name is required so passport picks it up correctly
+    secret: appConfig.SESSION_SECRET,
+    duration: appConfig.SESSION_MAX_AGE_MS
+  })(req, res, () =>
+    passport.initialize()(req, res, () =>
+      passport.session()(req, res, () =>
+        handler(req, res))));
+};

bin/start

@@ -8,5 +8,7 @@ IFS="$(printf "\n\t")"
 
 cd "$(dirname "$0")/.."
 yarn install
-
-yarn start:dev
+printf "Waiting for Hydra service...  "
+./bin/wait-for.sh "${OAUTH2_HOST}:${OAUTH2_ADMIN_PORT}"
+printf "Hydra service found!\n"
+yarn start:dev