@5minds/node-red-contrib-processcube 1.5.2-feature-bdcb95-m362ojnw → 1.5.2-feature-fcaf4b-m3hagv0j
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/processcube-engine-config.js +34 -122
package/package.json
CHANGED
|
@@ -2,19 +2,19 @@ const engine_client = require('@5minds/processcube_engine_client');
|
|
|
2
2
|
const jwt = require('jwt-decode');
|
|
3
3
|
const oidc = require('openid-client');
|
|
4
4
|
|
|
5
|
-
const DELAY_FACTOR = 0.85;
|
|
6
|
-
|
|
7
5
|
module.exports = function (RED) {
|
|
8
6
|
function ProcessCubeEngineNode(n) {
|
|
9
7
|
RED.nodes.createNode(this, n);
|
|
10
8
|
const node = this;
|
|
11
9
|
const identityChangedCallbacks = [];
|
|
12
|
-
this.url = RED.util.evaluateNodeProperty(n.url, n.urlType, node);
|
|
13
10
|
this.identity = null;
|
|
14
11
|
|
|
15
12
|
this.credentials.clientId = RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node);
|
|
16
13
|
this.credentials.clientSecret = RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node);
|
|
17
14
|
|
|
15
|
+
// set the engine url
|
|
16
|
+
const stopRefreshing = periodicallyRefreshEngineClient(this, n, 10000);
|
|
17
|
+
|
|
18
18
|
this.registerOnIdentityChanged = function (callback) {
|
|
19
19
|
identityChangedCallbacks.push(callback);
|
|
20
20
|
};
|
|
@@ -36,7 +36,33 @@ module.exports = function (RED) {
|
|
|
36
36
|
}
|
|
37
37
|
};
|
|
38
38
|
|
|
39
|
-
|
|
39
|
+
function periodicallyRefreshEngineClient(node, n, intervalMs) {
|
|
40
|
+
function refreshUrl() {
|
|
41
|
+
const newUrl = RED.util.evaluateNodeProperty(n.url, n.urlType, node);
|
|
42
|
+
|
|
43
|
+
if (node.url == newUrl) {
|
|
44
|
+
return;
|
|
45
|
+
}
|
|
46
|
+
|
|
47
|
+
node.url = newUrl;
|
|
48
|
+
if (node.credentials.clientId && node.credentials.clientSecret) {
|
|
49
|
+
this.engineClient.dispose();
|
|
50
|
+
node.engineClient = new engine_client.EngineClient(node.url, () =>
|
|
51
|
+
getFreshIdentity(node.url, node)
|
|
52
|
+
);
|
|
53
|
+
} else {
|
|
54
|
+
this.engineClient.dispose();
|
|
55
|
+
node.engineClient = new engine_client.EngineClient(node.url);
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
refreshUrl();
|
|
60
|
+
const intervalId = setInterval(refreshUrl, intervalMs);
|
|
61
|
+
|
|
62
|
+
return () => clearInterval(intervalId);
|
|
63
|
+
}
|
|
64
|
+
|
|
65
|
+
async function getFreshIdentity(url, node) {
|
|
40
66
|
try {
|
|
41
67
|
if (
|
|
42
68
|
!RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node) ||
|
|
@@ -45,9 +71,6 @@ module.exports = function (RED) {
|
|
|
45
71
|
return null;
|
|
46
72
|
}
|
|
47
73
|
|
|
48
|
-
node.log(RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node));
|
|
49
|
-
node.log(RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node));
|
|
50
|
-
|
|
51
74
|
const res = await fetch(url + '/atlas_engine/api/v1/authority', {
|
|
52
75
|
method: 'GET',
|
|
53
76
|
headers: {
|
|
@@ -56,24 +79,20 @@ module.exports = function (RED) {
|
|
|
56
79
|
},
|
|
57
80
|
});
|
|
58
81
|
|
|
59
|
-
const
|
|
82
|
+
const body = await res.json();
|
|
60
83
|
|
|
61
|
-
|
|
84
|
+
const issuer = await oidc.Issuer.discover(body);
|
|
62
85
|
|
|
63
86
|
const client = new issuer.Client({
|
|
64
87
|
client_id: RED.util.evaluateNodeProperty(n.clientId, n.clientIdType, node),
|
|
65
88
|
client_secret: RED.util.evaluateNodeProperty(n.clientSecret, n.clientSecretType, node),
|
|
66
89
|
});
|
|
67
90
|
|
|
68
|
-
node.log('after client');
|
|
69
|
-
|
|
70
91
|
const tokenSet = await client.grant({
|
|
71
92
|
grant_type: 'client_credentials',
|
|
72
93
|
scope: 'engine_etw engine_read engine_write',
|
|
73
94
|
});
|
|
74
95
|
|
|
75
|
-
node.log('after grant');
|
|
76
|
-
|
|
77
96
|
const accessToken = tokenSet.access_token;
|
|
78
97
|
const decodedToken = jwt.jwtDecode(accessToken);
|
|
79
98
|
|
|
@@ -82,9 +101,7 @@ module.exports = function (RED) {
|
|
|
82
101
|
userId: decodedToken.sub,
|
|
83
102
|
};
|
|
84
103
|
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
configNode.setIdentity(freshIdentity);
|
|
104
|
+
node.setIdentity(freshIdentity);
|
|
88
105
|
|
|
89
106
|
return freshIdentity;
|
|
90
107
|
} catch (e) {
|
|
@@ -96,34 +113,11 @@ module.exports = function (RED) {
|
|
|
96
113
|
|
|
97
114
|
node.on('close', async () => {
|
|
98
115
|
if (this.engineClient) {
|
|
116
|
+
stopRefreshing();
|
|
99
117
|
this.engineClient.dispose();
|
|
100
118
|
this.engineClient = null;
|
|
101
119
|
}
|
|
102
120
|
});
|
|
103
|
-
|
|
104
|
-
if (this.credentials.clientId && this.credentials.clientSecret) {
|
|
105
|
-
this.engineClient = new engine_client.EngineClient(this.url, () => getFreshIdentity(this.url));
|
|
106
|
-
|
|
107
|
-
// this.engineClient.applicationInfo
|
|
108
|
-
// .getAuthorityAddress()
|
|
109
|
-
// .then((authorityUrl) => {
|
|
110
|
-
// startRefreshingIdentityCycle(
|
|
111
|
-
// this.credentials.clientId,
|
|
112
|
-
// this.credentials.clientSecret,
|
|
113
|
-
// authorityUrl,
|
|
114
|
-
// node
|
|
115
|
-
// ).catch((reason) => {
|
|
116
|
-
// console.error(reason);
|
|
117
|
-
// node.error(reason);
|
|
118
|
-
// });
|
|
119
|
-
// })
|
|
120
|
-
// .catch((reason) => {
|
|
121
|
-
// console.error(reason);
|
|
122
|
-
// node.error(reason);
|
|
123
|
-
// });
|
|
124
|
-
} else {
|
|
125
|
-
this.engineClient = new engine_client.EngineClient(this.url);
|
|
126
|
-
}
|
|
127
121
|
}
|
|
128
122
|
RED.nodes.registerType('processcube-engine-config', ProcessCubeEngineNode, {
|
|
129
123
|
credentials: {
|
|
@@ -132,85 +126,3 @@ module.exports = function (RED) {
|
|
|
132
126
|
},
|
|
133
127
|
});
|
|
134
128
|
};
|
|
135
|
-
|
|
136
|
-
// async function getFreshTokenSet(clientId, clientSecret, authorityUrl) {
|
|
137
|
-
// const issuer = await oidc.Issuer.discover(authorityUrl);
|
|
138
|
-
|
|
139
|
-
// const client = new issuer.Client({
|
|
140
|
-
// client_id: clientId,
|
|
141
|
-
// client_secret: clientSecret,
|
|
142
|
-
// });
|
|
143
|
-
|
|
144
|
-
// const tokenSet = await client.grant({
|
|
145
|
-
// grant_type: 'client_credentials',
|
|
146
|
-
// scope: 'engine_etw engine_read engine_write',
|
|
147
|
-
// });
|
|
148
|
-
|
|
149
|
-
// return tokenSet;
|
|
150
|
-
// }
|
|
151
|
-
|
|
152
|
-
// function getIdentityForExternalTaskWorkers(tokenSet) {
|
|
153
|
-
// const accessToken = tokenSet.access_token;
|
|
154
|
-
// const decodedToken = jwt.jwtDecode(accessToken);
|
|
155
|
-
|
|
156
|
-
// return {
|
|
157
|
-
// token: tokenSet.access_token,
|
|
158
|
-
// userId: decodedToken.sub,
|
|
159
|
-
// };
|
|
160
|
-
// }
|
|
161
|
-
|
|
162
|
-
// async function getExpiresInForExternalTaskWorkers(tokenSet) {
|
|
163
|
-
// let expiresIn = tokenSet.expires_in;
|
|
164
|
-
|
|
165
|
-
// if (!expiresIn && tokenSet.expires_at) {
|
|
166
|
-
// expiresIn = Math.floor(tokenSet.expires_at - Date.now() / 1000);
|
|
167
|
-
// }
|
|
168
|
-
|
|
169
|
-
// if (expiresIn === undefined) {
|
|
170
|
-
// throw new Error('Could not determine the time until the access token for external task workers expires');
|
|
171
|
-
// }
|
|
172
|
-
|
|
173
|
-
// return expiresIn;
|
|
174
|
-
// }
|
|
175
|
-
|
|
176
|
-
// /**
|
|
177
|
-
// * Start refreshing the identity in regular intervals.
|
|
178
|
-
// * @param {TokenSet | null} tokenSet The token set to refresh the identity for
|
|
179
|
-
// * @returns {Promise<void>} A promise that resolves when the timer for refreshing the identity is initialized
|
|
180
|
-
// * */
|
|
181
|
-
// async function startRefreshingIdentityCycle(clientId, clientSecret, authorityUrl, configNode) {
|
|
182
|
-
// let retries = 5;
|
|
183
|
-
|
|
184
|
-
// const refresh = async () => {
|
|
185
|
-
// try {
|
|
186
|
-
// const newTokenSet = await getFreshTokenSet(clientId, clientSecret, authorityUrl);
|
|
187
|
-
// const expiresIn = await getExpiresInForExternalTaskWorkers(newTokenSet);
|
|
188
|
-
// const delay = expiresIn * DELAY_FACTOR * 1000;
|
|
189
|
-
|
|
190
|
-
// freshIdentity = getIdentityForExternalTaskWorkers(newTokenSet);
|
|
191
|
-
|
|
192
|
-
// configNode.setIdentity(freshIdentity);
|
|
193
|
-
|
|
194
|
-
// retries = 5;
|
|
195
|
-
// setTimeout(refresh, delay);
|
|
196
|
-
// } catch (error) {
|
|
197
|
-
// if (retries === 0) {
|
|
198
|
-
// console.error(
|
|
199
|
-
// 'Could not refresh identity for external task worker processes. Stopping all external task workers.',
|
|
200
|
-
// { error }
|
|
201
|
-
// );
|
|
202
|
-
// return;
|
|
203
|
-
// }
|
|
204
|
-
// console.error('Could not refresh identity for external task worker processes.', {
|
|
205
|
-
// error,
|
|
206
|
-
// retryCount: retries,
|
|
207
|
-
// });
|
|
208
|
-
// retries--;
|
|
209
|
-
|
|
210
|
-
// const delay = 2 * 1000;
|
|
211
|
-
// setTimeout(refresh, delay);
|
|
212
|
-
// }
|
|
213
|
-
// };
|
|
214
|
-
|
|
215
|
-
// await refresh();
|
|
216
|
-
// }
|