@5minds/node-red-contrib-processcube 1.5.2-feature-bdcb95-m362ojnw → 1.5.2-feature-fcaf4b-m3hagv0j
Sign up to get free protection for your applications and to get access to all the features.
- package/package.json +1 -1
- package/processcube-engine-config.js +34 -122
package/package.json
CHANGED
|
@@ -2,19 +2,19 @@ const engine_client = require('@5minds/processcube_engine_client');
|
|
|
2
2
|
const jwt = require('jwt-decode');
|
|
3
3
|
const oidc = require('openid-client');
|
|
4
4
|
|
|
5
|
-
const DELAY_FACTOR = 0.85;
|
|
6
|
-
|
|
7
5
|
module.exports = function (RED) {
|
|
8
6
|
function ProcessCubeEngineNode(n) {
|
|
9
7
|
RED.nodes.createNode(this, n);
|
|
10
8
|
const node = this;
|
|
11
9
|
const identityChangedCallbacks = [];
|
|
12
|
-
this.url = RED.util.evaluateNodeProperty(n.url, n.urlType, node);
|
|
13
10
|
this.identity = null;
|
|
14
11
|
|
|
15
12
|
this.credentials.clientId = RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node);
|
|
16
13
|
this.credentials.clientSecret = RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node);
|
|
17
14
|
|
|
15
|
+
// set the engine url
|
|
16
|
+
const stopRefreshing = periodicallyRefreshEngineClient(this, n, 10000);
|
|
17
|
+
|
|
18
18
|
this.registerOnIdentityChanged = function (callback) {
|
|
19
19
|
identityChangedCallbacks.push(callback);
|
|
20
20
|
};
|
|
@@ -36,7 +36,33 @@ module.exports = function (RED) {
|
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
38
|
|
|
39
|
-
|
|
39
|
+
function periodicallyRefreshEngineClient(node, n, intervalMs) {
|
|
40
|
+
function refreshUrl() {
|
|
41
|
+
const newUrl = RED.util.evaluateNodeProperty(n.url, n.urlType, node);
|
|
42
|
+
|
|
43
|
+
if (node.url == newUrl) {
|
|
44
|
+
return;
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
node.url = newUrl;
|
|
48
|
+
if (node.credentials.clientId && node.credentials.clientSecret) {
|
|
49
|
+
this.engineClient.dispose();
|
|
50
|
+
node.engineClient = new engine_client.EngineClient(node.url, () =>
|
|
51
|
+
getFreshIdentity(node.url, node)
|
|
52
|
+
);
|
|
53
|
+
} else {
|
|
54
|
+
this.engineClient.dispose();
|
|
55
|
+
node.engineClient = new engine_client.EngineClient(node.url);
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
refreshUrl();
|
|
60
|
+
const intervalId = setInterval(refreshUrl, intervalMs);
|
|
61
|
+
|
|
62
|
+
return () => clearInterval(intervalId);
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
async function getFreshIdentity(url, node) {
|
|
40
66
|
try {
|
|
41
67
|
if (
|
|
42
68
|
!RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node) ||
|
|
@@ -45,9 +71,6 @@ module.exports = function (RED) {
|
|
|
45
71
|
return null;
|
|
46
72
|
}
|
|
47
73
|
|
|
48
|
-
node.log(RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node));
|
|
49
|
-
node.log(RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node));
|
|
50
|
-
|
|
51
74
|
const res = await fetch(url + '/atlas_engine/api/v1/authority', {
|
|
52
75
|
method: 'GET',
|
|
53
76
|
headers: {
|
|
@@ -56,24 +79,20 @@ module.exports = function (RED) {
|
|
|
56
79
|
},
|
|
57
80
|
});
|
|
58
81
|
|
|
59
|
-
const
|
|
82
|
+
const body = await res.json();
|
|
60
83
|
|
|
61
|
-
|
|
84
|
+
const issuer = await oidc.Issuer.discover(body);
|
|
62
85
|
|
|
63
86
|
const client = new issuer.Client({
|
|
64
87
|
client_id: RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node),
|
|
65
88
|
client_secret: RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node),
|
|
66
89
|
});
|
|
67
90
|
|
|
68
|
-
node.log('after client');
|
|
69
|
-
|
|
70
91
|
const tokenSet = await client.grant({
|
|
71
92
|
grant_type: 'client_credentials',
|
|
72
93
|
scope: 'engine_etw engine_read engine_write',
|
|
73
94
|
});
|
|
74
95
|
|
|
75
|
-
node.log('after grant');
|
|
76
|
-
|
|
77
96
|
const accessToken = tokenSet.access_token;
|
|
78
97
|
const decodedToken = jwt.jwtDecode(accessToken);
|
|
79
98
|
|
|
@@ -82,9 +101,7 @@ module.exports = function (RED) {
|
|
|
82
101
|
userId: decodedToken.sub,
|
|
83
102
|
};
|
|
84
103
|
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
configNode.setIdentity(freshIdentity);
|
|
104
|
+
node.setIdentity(freshIdentity);
|
|
88
105
|
|
|
89
106
|
return freshIdentity;
|
|
90
107
|
} catch (e) {
|
|
@@ -96,34 +113,11 @@ module.exports = function (RED) {
|
|
|
96
113
|
|
|
97
114
|
node.on('close', async () => {
|
|
98
115
|
if (this.engineClient) {
|
|
116
|
+
stopRefreshing();
|
|
99
117
|
this.engineClient.dispose();
|
|
100
118
|
this.engineClient = null;
|
|
101
119
|
}
|
|
102
120
|
});
|
|
103
|
-
|
|
104
|
-
if (this.credentials.clientId && this.credentials.clientSecret) {
|
|
105
|
-
this.engineClient = new engine_client.EngineClient(this.url, () => getFreshIdentity(this.url));
|
|
106
|
-
|
|
107
|
-
// this.engineClient.applicationInfo
|
|
108
|
-
// .getAuthorityAddress()
|
|
109
|
-
// .then((authorityUrl) => {
|
|
110
|
-
// startRefreshingIdentityCycle(
|
|
111
|
-
// this.credentials.clientId,
|
|
112
|
-
// this.credentials.clientSecret,
|
|
113
|
-
// authorityUrl,
|
|
114
|
-
// node
|
|
115
|
-
// ).catch((reason) => {
|
|
116
|
-
// console.error(reason);
|
|
117
|
-
// node.error(reason);
|
|
118
|
-
// });
|
|
119
|
-
// })
|
|
120
|
-
// .catch((reason) => {
|
|
121
|
-
// console.error(reason);
|
|
122
|
-
// node.error(reason);
|
|
123
|
-
// });
|
|
124
|
-
} else {
|
|
125
|
-
this.engineClient = new engine_client.EngineClient(this.url);
|
|
126
|
-
}
|
|
127
121
|
}
|
|
128
122
|
RED.nodes.registerType('processcube-engine-config', ProcessCubeEngineNode, {
|
|
129
123
|
credentials: {
|
|
@@ -132,85 +126,3 @@ module.exports = function (RED) {
|
|
|
132
126
|
},
|
|
133
127
|
});
|
|
134
128
|
};
|
|
135
|
-
|
|
136
|
-
// async function getFreshTokenSet(clientId, clientSecret, authorityUrl) {
|
|
137
|
-
// const issuer = await oidc.Issuer.discover(authorityUrl);
|
|
138
|
-
|
|
139
|
-
// const client = new issuer.Client({
|
|
140
|
-
// client_id: clientId,
|
|
141
|
-
// client_secret: clientSecret,
|
|
142
|
-
// });
|
|
143
|
-
|
|
144
|
-
// const tokenSet = await client.grant({
|
|
145
|
-
// grant_type: 'client_credentials',
|
|
146
|
-
// scope: 'engine_etw engine_read engine_write',
|
|
147
|
-
// });
|
|
148
|
-
|
|
149
|
-
// return tokenSet;
|
|
150
|
-
// }
|
|
151
|
-
|
|
152
|
-
// function getIdentityForExternalTaskWorkers(tokenSet) {
|
|
153
|
-
// const accessToken = tokenSet.access_token;
|
|
154
|
-
// const decodedToken = jwt.jwtDecode(accessToken);
|
|
155
|
-
|
|
156
|
-
// return {
|
|
157
|
-
// token: tokenSet.access_token,
|
|
158
|
-
// userId: decodedToken.sub,
|
|
159
|
-
// };
|
|
160
|
-
// }
|
|
161
|
-
|
|
162
|
-
// async function getExpiresInForExternalTaskWorkers(tokenSet) {
|
|
163
|
-
// let expiresIn = tokenSet.expires_in;
|
|
164
|
-
|
|
165
|
-
// if (!expiresIn && tokenSet.expires_at) {
|
|
166
|
-
// expiresIn = Math.floor(tokenSet.expires_at - Date.now() / 1000);
|
|
167
|
-
// }
|
|
168
|
-
|
|
169
|
-
// if (expiresIn === undefined) {
|
|
170
|
-
// throw new Error('Could not determine the time until the access token for external task workers expires');
|
|
171
|
-
// }
|
|
172
|
-
|
|
173
|
-
// return expiresIn;
|
|
174
|
-
// }
|
|
175
|
-
|
|
176
|
-
// /**
|
|
177
|
-
// * Start refreshing the identity in regular intervals.
|
|
178
|
-
// * @param {TokenSet | null} tokenSet The token set to refresh the identity for
|
|
179
|
-
// * @returns {Promise<void>} A promise that resolves when the timer for refreshing the identity is initialized
|
|
180
|
-
// * */
|
|
181
|
-
// async function startRefreshingIdentityCycle(clientId, clientSecret, authorityUrl, configNode) {
|
|
182
|
-
// let retries = 5;
|
|
183
|
-
|
|
184
|
-
// const refresh = async () => {
|
|
185
|
-
// try {
|
|
186
|
-
// const newTokenSet = await getFreshTokenSet(clientId, clientSecret, authorityUrl);
|
|
187
|
-
// const expiresIn = await getExpiresInForExternalTaskWorkers(newTokenSet);
|
|
188
|
-
// const delay = expiresIn * DELAY_FACTOR * 1000;
|
|
189
|
-
|
|
190
|
-
// freshIdentity = getIdentityForExternalTaskWorkers(newTokenSet);
|
|
191
|
-
|
|
192
|
-
// configNode.setIdentity(freshIdentity);
|
|
193
|
-
|
|
194
|
-
// retries = 5;
|
|
195
|
-
// setTimeout(refresh, delay);
|
|
196
|
-
// } catch (error) {
|
|
197
|
-
// if (retries === 0) {
|
|
198
|
-
// console.error(
|
|
199
|
-
// 'Could not refresh identity for external task worker processes. Stopping all external task workers.',
|
|
200
|
-
// { error }
|
|
201
|
-
// );
|
|
202
|
-
// return;
|
|
203
|
-
// }
|
|
204
|
-
// console.error('Could not refresh identity for external task worker processes.', {
|
|
205
|
-
// error,
|
|
206
|
-
// retryCount: retries,
|
|
207
|
-
// });
|
|
208
|
-
// retries--;
|
|
209
|
-
|
|
210
|
-
// const delay = 2 * 1000;
|
|
211
|
-
// setTimeout(refresh, delay);
|
|
212
|
-
// }
|
|
213
|
-
// };
|
|
214
|
-
|
|
215
|
-
// await refresh();
|
|
216
|
-
// }
|