Commit 52c027fa authored by Andrea Ida Malkah Klaura's avatar Andrea Ida Malkah Klaura

Merge branch 'feature-oidc-expiration' into develop

parents c75a659a 421822f5
...@@ -4,12 +4,17 @@ const prodEnv = require('./prod.env') ...@@ -4,12 +4,17 @@ const prodEnv = require('./prod.env')
module.exports = merge(prodEnv, { module.exports = merge(prodEnv, {
NODE_ENV: '"development"', NODE_ENV: '"development"',
OIDC_CLIENT_ID: '"174626"',
API_STEERING: '"http://127.0.0.1:8000/api/v1/"', API_STEERING: '"http://127.0.0.1:8000/api/v1/"',
API_STEERING_SHOWS: '"http://127.0.0.1:8000/api/v1/shows/"', API_STEERING_SHOWS: '"http://127.0.0.1:8000/api/v1/shows/"',
// OIDC endpoint of the pv/steering module // OIDC endpoint of the pv/steering module
API_STEERING_OIDC_URI: '"http://localhost:8000/openid"', API_STEERING_OIDC_URI: '"http://localhost:8000/openid"',
// local callback handler that is called by the pv/steering OIDC module after login // number of seconds before token gets invalid, when renewal should be started
API_STEERING_OIDC_EXPIRE_NOTIFICATION: '120',
// local callback handlers that are called by the pv/steering OIDC module after login/renwal
API_STEERING_OIDC_REDIRECT_URI: '"http://localhost:8080/static/oidc_callback.html"', API_STEERING_OIDC_REDIRECT_URI: '"http://localhost:8080/static/oidc_callback.html"',
API_STEERING_OIDC_REDIRECT_URI_SILENT: '"http://localhost:8080/static/oidc_callback_silentRenew.html"',
API_STEERING_OIDC_REDIRECT_URI_POPUP: '"http://localhost:8080/static/oidc_callback_popupRenew.html"',
// address that is called by the pv/steering OIDC module after logout - should be the dashboard entry point // address that is called by the pv/steering OIDC module after logout - should be the dashboard entry point
API_STEERING_OIDC_REDIRECT_URI_POSTLOGOUT: '"http://localhost:8080"' API_STEERING_OIDC_REDIRECT_URI_POSTLOGOUT: '"http://localhost:8080"'
}) })
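Review bot: The new `API_STEERING_OIDC_REDIRECT_URI_SILENT` and `API_STEERING_OIDC_REDIRECT_URI_POPUP` keys are not read by the component changed in this same commit, which sets `silent_redirect_uri` and `popup_redirect_uri` to literal `http://localhost:8080/...` strings. As written, any build other than local development would presumably still register localhost callbacks for token renewal. The component lines should read `silent_redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI_SILENT,` and `popup_redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI_POPUP,`. The production env file is not shown on this page, so check that it defines the same keys.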
...@@ -38,15 +38,19 @@ export default { ...@@ -38,15 +38,19 @@ export default {
name: '', name: '',
email: '', email: '',
access_token: '', access_token: '',
expires_at: 0,
logged_in: false logged_in: false
}, },
userOIDC: null, userOIDC: null,
mgr: new oidc.UserManager({ oidcmgr: new oidc.UserManager({
userStore: new oidc.WebStorageStateStore(), userStore: new oidc.WebStorageStateStore(),
authority: process.env.API_STEERING_OIDC_URI, authority: process.env.API_STEERING_OIDC_URI,
client_id: '174626', // the client id has to be a string, therefore we add the + ''
client_id: process.env.OIDC_CLIENT_ID,
redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI, redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI,
// redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI, silent_redirect_uri: 'http://localhost:8080/static/oidc_callback_silentRenew.html',
popup_redirect_uri: 'http://localhost:8080/static/oidc_callback_popupRenew.html',
accessTokenExpiringNotificationTime: process.env.API_STEERING_OIDC_EXPIRE_NOTIFICATION,
response_type: 'id_token token', response_type: 'id_token token',
scope: 'openid profile email', scope: 'openid profile email',
post_logout_redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI_POSTLOGOUT, post_logout_redirect_uri: process.env.API_STEERING_OIDC_REDIRECT_URI_POSTLOGOUT,
...@@ -62,41 +66,67 @@ export default { ...@@ -62,41 +66,67 @@ export default {
}, },
methods: { methods: {
signIn () { signIn () {
this.mgr.signinRedirect().catch(function (err) { this.oidcmgr.signinRedirect().catch(function (err) {
console.log(err) console.log(err)
}) })
}, },
signOut () { signOut () {
let self = this let self = this
this.mgr.signoutRedirect().then(function (resp) { this.oidcmgr.signoutRedirect().then(function (resp) {
self.user.logged_in = false self.user.logged_in = false
console.log('signed out', resp) console.log('signed out', resp)
}).catch(function (err) { }).catch(function (err) {
console.log(err) console.log(err)
}) })
}, },
getUser () { getOIDCUser () {
let self = this let self = this
this.mgr.getUser().then(function (u) { this.oidcmgr.getUser().then(function (user) {
if (u == null) { if (user == null) {
self.user.logged_in = false self.user.logged_in = false
self.user.name = '' self.user.name = ''
self.user.email = '' self.user.email = ''
self.user.access_token = '' self.user.access_token = ''
} else { } else {
self.userOIDC = u // TODO: check user.expires_at
self.user.logged_in = true // if token already expired try to get a new one or mark the user as logged out
self.user.name = u.profile.nickname self.setUserProperties(user)
self.user.email = u.profile.email
self.user.access_token = u.access_token
} }
}).catch(function (err) { }).catch(function (err) {
console.log(err) console.log(err)
}) })
},
setUserProperties (user) {
this.userOIDC = user
this.user.logged_in = true
this.user.name = user.profile.nickname
this.user.email = user.profile.email
this.user.access_token = user.access_token
// TODO: remove debug info after thorough testing
console.log(new Date(user.expires_at * 1000).toString())
console.log(new Date(user.expires_at * 1000).toUTCString())
console.log(user.access_token)
} }
}, },
mounted () { mounted () {
this.getUser() // TODO: remove oidc logging after thorough testing
oidc.Log.logger = console
let self = this
this.oidcmgr.events.addAccessTokenExpiring(function () {
console.log('starting silent access_token renewal')
self.oidcmgr.signinSilent().then(function (user) {
self.user.access_token = user.access_token
console.log(self.user.access_token)
}).catch(function (err) {
console.log(err)
alert('Your OpenID access token could not be renewed automatically.\n' +
'You will be logged out in ' + process.env.API_STEERING_OIDC_EXPIRE_NOTIFICATION + ' seconds.')
})
})
this.oidcmgr.events.addAccessTokenExpired(function () {
console.log('expired!')
})
this.getOIDCUser()
} }
} }
</script> </script>
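Review bot: The `addAccessTokenExpired` handler in `mounted` only logs `'expired!'`, so after a failed silent renewal `user.logged_in` stays true and the expired `access_token` stays in component state, even though the alert tells the user they will be logged out. Reset the state in that handler, for example `self.user.logged_in = false`, `self.user.access_token = ''` and `self.userOIDC = null`. On a successful `signinSilent()` only `access_token` is copied; calling `self.setUserProperties(user)` there would keep `userOIDC` in step. The new `expires_at: 0` field is never assigned in the visible code, so `this.user.expires_at = user.expires_at` in `setUserProperties` looks intended. The `console.log(user.access_token)` calls and `oidc.Log.logger = console` write bearer tokens to the browser console; they are marked TODO, but should be removed before this leaves a developer machine.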
......
...@@ -36,7 +36,7 @@ ...@@ -36,7 +36,7 @@
<b-dropdown-item href="#">Profile</b-dropdown-item> <b-dropdown-item href="#">Profile</b-dropdown-item>
<b-dropdown-item @click='$parent.signOut'>Signout</b-dropdown-item> <b-dropdown-item @click='$parent.signOut'>Signout</b-dropdown-item>
</b-nav-item-dropdown> </b-nav-item-dropdown>
<b-nav-item v-if="! user.logged_in" to="login"><img src="../assets/16x16/system-users.png" alt="log-in symbol" title="Log in"></b-nav-item> <b-nav-item v-if="! user.logged_in" to="home"><img src="../assets/16x16/system-users.png" alt="log-in symbol" title="Log in"></b-nav-item>
<div class="help-image-container"> <div class="help-image-container">
<b-nav-item> <b-nav-item>
<router-link to="help"><img class="help-image" src="../assets/help-browser-32x32.png" alt="Help symbol" title="Go to help pages"></router-link> <router-link to="help"><img class="help-image" src="../assets/help-browser-32x32.png" alt="Help symbol" title="Go to help pages"></router-link>
......
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Waiting...</title>
</head>
<body>
<script src="oidc-client.js"></script>
<script>
var mgr = new Oidc.UserManager()
mgr.signinPopupCallback()
</script>
</body>
</html>
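Review bot: The promise returned by `mgr.signinPopupCallback()` is left without a rejection handler, so a malformed or replayed callback response fails silently in the popup. The same applies to `mgr.signinSilentCallback()` in the silent-renew page that follows. Adding `.catch(function (err) { console.error(err) })` to both calls would make a failed state or nonce check visible during testing. Both pages would also benefit from a short HTML comment stating that they are loaded only as OIDC redirect targets and must be served from the same origin as the dashboard.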
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Waiting...</title>
</head>
<body>
<script src="oidc-client.js"></script>
<script>
var mgr = new Oidc.UserManager()
mgr.signinSilentCallback()
</script>
</body>
</html>