[ACS-6328] fix oauth config loading (#9098)

* fix oauth config loading

* remove comma

* fix json schema path

* use auth config constructor

* update json schema

* update json schema

* fix tests
Denys Vuika 2023-11-17 14:02:19 +00:00 committed by GitHub
parent 001d6ee83d
commit eb8aaecef6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 54 additions and 14 deletions


@ -1,5 +1,5 @@
{
"$schema": "../../lib/core/src/lib/app-config/schema.json",
"$schema": "../../lib/core/src/lib/app-config/app.config.schema.json",
"ecmHost": "{protocol}//{hostname}{:port}",
"bpmHost": "{protocol}//{hostname}{:port}",
"identityHost": "{protocol}//{hostname}{:port}/auth/admin/realms/alfresco",


@ -1513,7 +1513,16 @@
],
"properties": {
"host": {
"type": "string"
"type": "string",
"description": "Host URL address"
},
"oidc": {
"type": "boolean",
"description": "Defines whether to use OpenId Connect during implicit flow."
},
"issuer": {
"type": "string",
"description": "The issuer's uri."
},
"silentLogin": {
"type": ["boolean", "string"]
@ -1522,13 +1531,19 @@
"type": "string"
},
"clientId": {
"type": "string"
"type": "string",
"description": "The client's id as registered with the auth server"
},
"secret": {
"type": "string"
},
"redirectUri": {
"type": "string"
"type": "string",
"description": "The client's redirectUri as registered with the auth server"
},
"postLogoutRedirectUri": {
"type": "string",
"description": "An optional second redirectUri where the auth server redirects the user to after logging out."
},
"redirectUriLogout": {
"type": "string"
@ -1536,6 +1551,14 @@
"refreshTokenTimeout": {
"type": "number"
},
"silentRefreshRedirectUri": {
"type": "string",
"description": "The redirect uri used when doing silent refresh."
},
"silentRefreshTimeout": {
"type": "number",
"description": "Timeout for silent refresh."
},
"publicUrls": {
"type": "array",
"items": {
@ -1543,7 +1566,26 @@
}
},
"scope": {
"type": "string"
"type": "string",
"description": "The requested scopes"
},
"dummyClientSecret": {
"type": "string",
"description": "Some auth servers don't allow using password flow w/o a client secret while the standards do not demand for it. In this case, you can set a password here. As this password is exposed to the public it does not bring additional security and is therefore as good as using no password."
},
"skipIssuerCheck": {
"type": "boolean",
"description": "Defined whether to skip the validation of the issuer in the discovery document. Normally, the discovey document's url starts with the url of the issuer."
},
"strictDiscoveryDocumentValidation": {
"type": "boolean",
"description": " Defines whether every url provided by the discovery document has to start with the issuer's url."
},
"implicitFlow": {
"type": ["boolean", "string"]
},
"codeFlow": {
"type": ["boolean", "string"]
}
}
},
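Review bot: `implicitFlow` and `codeFlow` are declared as `["boolean", "string"]`, so a value such as `"false"` passes schema validation yet is truthy wherever the consumer tests it with `||` or `&&`, as the `oidc: oauth2.implicitFlow || oauth2.codeFlow || false` line in this commit's service change does. If the string form exists only for environment placeholders, say so in a `description` and normalise the value to a real boolean before it is used; otherwise narrow the type to `"boolean"`. The new `skipIssuerCheck` description should also state that enabling it removes the issuer check on the discovery document and that the flag is expected to stay `false` outside local testing; it contains two typos ("Defined", "discovey"). The enclosing object starts above the first hunk, so the rest of its definition is not visible here.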


@ -21,7 +21,6 @@ import { EMPTY } from 'rxjs';
import { AppConfigService } from '../../app-config/app-config.service';
import { AUTH_MODULE_CONFIG } from './auth-config';
import { AuthConfigService } from './auth-config.service';
import { AuthConfig } from 'angular-oauth2-oidc';
import { OauthConfigModel } from '../models/oauth-config.model';
describe('AuthConfigService', () => {
@ -96,7 +95,7 @@ describe('AuthConfigService', () => {
]
};
const mockAuthConfigCodeFlow: OauthConfigModel = {
const mockAuthConfigCodeFlow = {
host: 'http://localhost:3000/auth/realms/alfresco',
clientId: 'fakeClientId',
scope: 'openid profile email',
@ -131,7 +130,7 @@ describe('AuthConfigService', () => {
describe('load auth config using hash', () => {
it('should load configuration if implicit flow is true ', async () => {
spyOnProperty(appConfigService, 'oauth2').and.returnValue(mockAuthConfigImplicitFlow);
const expectedConfig: AuthConfig = {
const expectedConfig = {
oidc: true,
issuer: 'http://localhost:3000/auth/realms/alfresco',
redirectUri: 'http://localhost:3000/#/view/authentication-confirmation/?',
@ -142,7 +141,7 @@ describe('AuthConfigService', () => {
dummyClientSecret: ''
};
expect(await service.loadConfig()).toEqual(expectedConfig);
expect(await service.loadConfig()).toEqual(jasmine.objectContaining(expectedConfig));
});
it('should load configuration if code flow is true ', async () => {
@ -159,7 +158,7 @@ describe('AuthConfigService', () => {
dummyClientSecret: ''
};
expect(await service.loadConfig()).toEqual(expectedConfig);
expect(await service.loadConfig()).toEqual(jasmine.objectContaining(expectedConfig));
});
});
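Review bot: Switching both assertions to `jasmine.objectContaining(expectedConfig)` means these tests no longer fail when `loadConfig()` returns keys beyond the expected ones, which is exactly what the new `...oauth2` spread in the service introduces. Add an assertion that pins how pass-through keys are handled, for instance that `skipIssuerCheck` on the result is `true` only when the mock sets it, or that a `secret` placed in the mock does not surface under its own name. Dropping the `OauthConfigModel` and `AuthConfig` annotations on the fixtures also removes the compile-time check that the mocks match the real shapes; a `Partial<AuthConfig>` annotation on `expectedConfig` would keep it. The `describe` block starts and ends outside these hunks.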


@ -54,7 +54,8 @@ export class AuthConfigService {
const origin = this.getLocationOrigin();
const redirectUri = this.getRedirectUri();
const authConfig: AuthConfig = {
return new AuthConfig({
...oauth2,
oidc: oauth2.implicitFlow || oauth2.codeFlow || false,
issuer: oauth2.host,
redirectUri,
@ -64,9 +65,7 @@ export class AuthConfigService {
scope: oauth2.scope,
dummyClientSecret: oauth2.secret || '',
...(oauth2.codeFlow && { responseType: 'code' })
};
return authConfig;
});
}
getRedirectUri(): string {
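Review bot: The `...oauth2` spread copies every key of the app-config `oauth2` object into the `AuthConfig`, so validation-weakening options such as `skipIssuerCheck` and `strictDiscoveryDocumentValidation` (both added to the schema in this commit) are now set by whoever can edit or serve the application config file, with no check in code. Prefer copying an explicit list of supported keys and coercing the security-relevant ones, e.g. `skipIssuerCheck: oauth2.skipIssuerCheck === true`; that also keeps unrelated keys such as `secret` and `publicUrls` off the instance. `oidc`, `issuer` and `dummyClientSecret` are assigned after the spread, so config-file values for those three keys are overwritten even though the schema now documents them. The method begins above the first hunk and the lines between the two hunks are not shown.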