Commit d41023b5 authored by jackie / Andrea Ida Malkah Klaura's avatar jackie / Andrea Ida Malkah Klaura
Browse files

clean up oidc client integration (relates to #1)

parent 37cac932
This diff is collapsed.
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Waiting...</title>
</head>
<body>
<script src="js/oidc-client.min.js"></script>
<script>
var mgr = new Oidc.UserManager()
mgr.signinPopupCallback()
</script>
</body>
</html>
......@@ -5,11 +5,9 @@ import handleApiError from '../handleApiError'
const oidcmgr = new oidc.UserManager({
userStore: new oidc.WebStorageStateStore(),
authority: process.env.VUE_APP_API_STEERING_OIDC_URI,
// the client id has to be a string, therefore we add the + ''
client_id: process.env.VUE_APP_OIDC_CLIENT_ID,
redirect_uri: process.env.VUE_APP_API_STEERING_OIDC_REDIRECT_URI,
silent_redirect_uri: 'http://localhost:8080/oidc_callback_silentRenew.html',
popup_redirect_uri: 'http://localhost:8080/oidc_callback_popupRenew.html',
silent_redirect_uri: process.env.VUE_APP_API_STEERING_OIDC_REDIRECT_URI_SILENT,
accessTokenExpiringNotificationTime: process.env.VUE_APP_API_STEERING_OIDC_EXPIRE_NOTIFICATION,
response_type: 'id_token token',
scope: 'openid profile email username aura_shows',
......@@ -127,12 +125,14 @@ const actions = {
oidcmgr.events.addAccessTokenExpiring(() => {
this.$log.debug('Starting silent access_token renewal')
oidcmgr.signinSilent().then(user => {
this.$log.debug('Renewed access token:', user.access_token)
ctx.commit('setAccessToken', user.access_token)
this.$log.debug('Access token:', ctx.state.user.access_token)
}).catch(err => {
this.$log.error(err)
alert('Your OpenID access token could not be renewed automatically.\n' +
'You will be logged out in ' + process.env.VUE_APP_API_STEERING_OIDC_EXPIRE_NOTIFICATION + ' seconds.')
'You will be logged out in ' +
process.env.VUE_APP_API_STEERING_OIDC_EXPIRE_NOTIFICATION +
' seconds.\nFor details check the console.')
})
})
......@@ -145,33 +145,42 @@ const actions = {
if (user == null) {
ctx.commit('clearUserProperties')
} else {
// TODO: check user.expires_at
// if token already expired try to get a new one or mark the user as logged out
ctx.commit('setUserProperties', user)
ctx.dispatch('fetchSteeringUser')
// TODO: remove debug info after thorough testing
this.$log.debug(new Date(user.expires_at * 1000).toString())
this.$log.debug(new Date(user.expires_at * 1000).toUTCString())
this.$log.debug(user.access_token)
let uri = process.env.VUE_APP_TANK + 'auth/session'
let payload = {
backend: "oidc",
arguments: {
access_token: user.access_token,
token_type: "Bearer"
}
let expiry = new Date(user.expires_at * 1000)
// if token we have a token but it has already expired, log out the user
if (expiry <= new Date()) {
this.$log.debug('Token has already expired:', expiry.toString())
this.$log.debug('Logging out the user locally')
ctx.dispatch('signoutRedirect')
}
axios.post(uri, payload , {
headers: {
'Authorization': 'Bearer ' + user.access_token,
// only if the token is still valid we use the existing user info
// and establish a session with tank
else {
ctx.commit('setUserProperties', user)
ctx.dispatch('fetchSteeringUser')
// TODO: remove debug info after thorough testing
this.$log.debug('Token will expire at:', expiry.toString())
this.$log.debug('Access token', user.access_token)
// now that we have a valid token, we can create a session with tank
let uri = process.env.VUE_APP_TANK + 'auth/session'
let payload = {
backend: "oidc",
arguments: {
access_token: user.access_token,
token_type: "Bearer"
}
}
}).then(response => {
this.$log.debug('tank session token:', response.data.token)
ctx.commit('setTankToken', response.data.token)
}).catch(error => {
handleApiError(this, error, 'could not get a session with tank')
})
axios.post(uri, payload , {
headers: {
'Authorization': 'Bearer ' + user.access_token,
}
}).then(response => {
this.$log.debug('tank session token:', response.data.token)
ctx.commit('setTankToken', response.data.token)
}).catch(error => {
handleApiError(this, error, 'could not get a session with tank')
})
}
}
}).catch(err => {
this.$log.debug(err)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment