npm - @5minds/node-red-contrib-processcube - Versions diffs - 1.5.2-feature-4b06ce-m3644zlp → 1.5.3 - Mend

@5minds/node-red-contrib-processcube 1.5.2-feature-4b06ce-m3644zlp → 1.5.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json +2 -2
package/processcube-engine-config.js +103 -50
package/processinstance-delete.js +2 -3

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
     "name": "@5minds/node-red-contrib-processcube",
-    "version": "1.5.2-feature-4b06ce-m3644zlp",
+    "version": "1.5.3",
     "license": "MIT",
     "description": "Node-RED nodes for ProcessCube",
     "scripts": {
@@ -57,7 +57,7 @@
         "examples": "examples"
     },
     "dependencies": {
-        "@5minds/processcube_engine_client": "5.1.0-hotfix-a73235-m346kg1n",
+        "@5minds/processcube_engine_client": "^5.1.0",
         "jwt-decode": "^4.0.0",
         "openid-client": "^5.5.0"
     },

package/processcube-engine-config.js CHANGED Viewed

@@ -2,6 +2,8 @@ const engine_client = require('@5minds/processcube_engine_client');
 const jwt = require('jwt-decode');
 const oidc = require('openid-client');
+const DELAY_FACTOR = 0.85;
 module.exports = function (RED) {
     function ProcessCubeEngineNode(n) {
         RED.nodes.createNode(this, n);
@@ -34,55 +36,6 @@ module.exports = function (RED) {
             }
         };
-        async function getFreshIdentity(url, node) {
-            try {
-                if (
-                    !RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node) ||
-                    !RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node)
-                ) {
-                    return null;
-                }
-                const res = await fetch(url + '/atlas_engine/api/v1/authority', {
-                    method: 'GET',
-                    headers: {
-                        Authorization: `Bearer ZHVtbXlfdG9rZW4=`,
-                        'Content-Type': 'application/json',
-                    },
-                });
-                const body = await res.json();
-                const issuer = await oidc.Issuer.discover(body);
-                const client = new issuer.Client({
-                    client_id: RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node),
-                    client_secret: RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node),
-                });
-                const tokenSet = await client.grant({
-                    grant_type: 'client_credentials',
-                    scope: 'engine_etw engine_read engine_write',
-                });
-                const accessToken = tokenSet.access_token;
-                const decodedToken = jwt.jwtDecode(accessToken);
-                const freshIdentity = {
-                    token: tokenSet.access_token,
-                    userId: decodedToken.sub,
-                };
-                node.setIdentity(freshIdentity);
-                return freshIdentity;
-            } catch (e) {
-                console.log('Could not get fresh identity', e);
-                node.error('Could not get fresh identity');
-                node.error(e);
-            }
-        }
         node.on('close', async () => {
             if (this.engineClient) {
                 this.engineClient.dispose();
@@ -91,7 +44,25 @@ module.exports = function (RED) {
         });
         if (this.credentials.clientId && this.credentials.clientSecret) {
-            this.engineClient = new engine_client.EngineClient(this.url, () => getFreshIdentity(this.url, node));
+            this.engineClient = new engine_client.EngineClient(this.url);
+            this.engineClient.applicationInfo
+                .getAuthorityAddress()
+                .then((authorityUrl) => {
+                    startRefreshingIdentityCycle(
+                        this.credentials.clientId,
+                        this.credentials.clientSecret,
+                        authorityUrl,
+                        node
+                    ).catch((reason) => {
+                        console.error(reason);
+                        node.error(reason);
+                    });
+                })
+                .catch((reason) => {
+                    console.error(reason);
+                    node.error(reason);
+                });
         } else {
             this.engineClient = new engine_client.EngineClient(this.url);
         }
@@ -103,3 +74,85 @@ module.exports = function (RED) {
         },
     });
 };
+async function getFreshTokenSet(clientId, clientSecret, authorityUrl) {
+    const issuer = await oidc.Issuer.discover(authorityUrl);
+    const client = new issuer.Client({
+        client_id: clientId,
+        client_secret: clientSecret,
+    });
+    const tokenSet = await client.grant({
+        grant_type: 'client_credentials',
+        scope: 'engine_etw engine_read engine_write',
+    });
+    return tokenSet;
+}
+function getIdentityForExternalTaskWorkers(tokenSet) {
+    const accessToken = tokenSet.access_token;
+    const decodedToken = jwt.jwtDecode(accessToken);
+    return {
+        token: tokenSet.access_token,
+        userId: decodedToken.sub,
+    };
+}
+async function getExpiresInForExternalTaskWorkers(tokenSet) {
+    let expiresIn = tokenSet.expires_in;
+    if (!expiresIn && tokenSet.expires_at) {
+        expiresIn = Math.floor(tokenSet.expires_at - Date.now() / 1000);
+    }
+    if (expiresIn === undefined) {
+        throw new Error('Could not determine the time until the access token for external task workers expires');
+    }
+    return expiresIn;
+}
+/**
+ * Start refreshing the identity in regular intervals.
+ * @param {TokenSet | null} tokenSet The token set to refresh the identity for
+ * @returns {Promise<void>} A promise that resolves when the timer for refreshing the identity is initialized
+ * */
+async function startRefreshingIdentityCycle(clientId, clientSecret, authorityUrl, configNode) {
+    let retries = 5;
+    const refresh = async () => {
+        try {
+            const newTokenSet = await getFreshTokenSet(clientId, clientSecret, authorityUrl);
+            const expiresIn = await getExpiresInForExternalTaskWorkers(newTokenSet);
+            const delay = expiresIn * DELAY_FACTOR * 1000;
+            freshIdentity = getIdentityForExternalTaskWorkers(newTokenSet);
+            configNode.setIdentity(freshIdentity);
+            retries = 5;
+            setTimeout(refresh, delay);
+        } catch (error) {
+            if (retries === 0) {
+                console.error(
+                    'Could not refresh identity for external task worker processes. Stopping all external task workers.',
+                    { error }
+                );
+                return;
+            }
+            console.error('Could not refresh identity for external task worker processes.', {
+                error,
+                retryCount: retries,
+            });
+            retries--;
+            const delay = 2 * 1000;
+            setTimeout(refresh, delay);
+        }
+    };
+    await refresh();
+}

package/processinstance-delete.js CHANGED Viewed

@@ -29,9 +29,8 @@ module.exports = function (RED) {
             try {
                 const result = await client.processInstances.query({
-                    processModelId: modelId,
-                    identity: engine.identity,
-                });
+                    processModelId: modelId
+                }, { identity: engine.identity });
                 let allInstances = result.processInstances.filter((instance) => instance.state != 'suspended');