@mindline/sync 1.0.55 → 1.0.57

package/index.d.ts

@@ -223,6 +223,7 @@ declare module "@mindline/sync" {
         pb_increment: number;
         pb_idle: number;
         pb_idleMax: number;
+        pb_total: number;
         pb_timer: NodeJS.Timer;
         milestoneArray: MilestoneArray;
         constructor(config: Config|null, syncPortalGlobalState: InitInfo|null, bClearLocalStorage: boolean);
@@ -263,7 +264,7 @@ declare module "@mindline/sync" {
     // Azure AD Graph API
     //
     export function groupsGet(instance: IPublicClientApplication, user: User | undefined, groupSearchString: string): Promise<{groups: Group[], error: string}>;
-    export function signIn(user: User, tasks: TaskArray): void;
+    export function signIn(user: User, tasks: TaskArray): boolean;
     export function signInIncrementally(user: User, scope: string): void;
     export function requestAdminConsent(user: User, scope: string): void;
     export function signOut(user: User): boolean;

package/index.ts

@@ -337,14 +337,11 @@ export class InitInfo {
                 } else {
                     // we should not have InitInfo missing Workspace components
                     debugger;
-                    return false;
                 }
             }
             // find matching Tenants to tag with this workspace
             for (let tenantID of workspace.associatedTenants) {
-                let tenant = this.ts.find(
-                    (currentTenant) => currentTenant.tid === tenantID
-                );
+                let tenant = this.ts.find((currentTenant) => currentTenant.tid === tenantID);
                 if (tenant !== undefined) {
                     // we found the tenant
                     tenant[FILTER_FIELD] += workspace.id;
@@ -352,14 +349,11 @@ export class InitInfo {
                 } else {
                     // we should not have InitInfo missing Workspace components
                     debugger;
-                    return false;
                 }
             }
             // find matching Configs to tag with this workspace
             for (let configID of workspace.associatedConfigs) {
-                let config = this.cs.find(
-                    (currentConfig) => currentConfig.id === configID
-                );
+                let config = this.cs.find((currentConfig) => currentConfig.id === configID);
                 if (config !== undefined) {
                     // we found the config
                     config[FILTER_FIELD] += workspace.id;
@@ -367,7 +361,6 @@ export class InitInfo {
                 } else {
                     // we should not have InitInfo missing Workspace components
                     debugger;
-                    return false;
                 }
             }
         }
@@ -781,6 +774,7 @@ export class BatchArray {
     pb_increment: number;
     pb_idle: number;
     pb_idleMax: number;
+    pb_total: number;
     pb_timer: NodeJS.Timer;
     milestoneArray: MilestoneArray;
     constructor(
@@ -796,6 +790,7 @@ export class BatchArray {
         this.pb_timer = null;
         this.pb_idle = 0;
         this.pb_idleMax = 0;
+        this.pb_total = 0;
         this.milestoneArray = new MilestoneArray(false);
     }
     // populate tenantNodes based on config tenants
@@ -885,7 +880,7 @@ export class BatchArray {
         this.pb_increment = .25;
         this.pb_idle = 0;
         this.pb_idleMax = 0;
-        setIdleText(`No updates seen for ${this.pb_idle} seconds. [max idle: ${this.pb_idleMax}/60]`);
+        this.pb_total = 0;
         this.pb_timer = setInterval(() => {
             // if signalR has finished the sync, stop the timer
             if (this.milestoneArray.milestones[0].Write != null) {
@@ -897,9 +892,10 @@ export class BatchArray {
             }
             else {
                 // if we've gone 60 seconds without a signalR message, finish the sync
+                this.pb_total = this.pb_total + 1;
                 this.pb_idle = this.pb_idle + 1;
                 this.pb_idleMax = Math.max(this.pb_idle, this.pb_idleMax);
-                setIdleText(`No updates seen for ${this.pb_idle} seconds. [max idle: ${this.pb_idleMax}/60]`);
+                setIdleText(`${this.pb_total} seconds elapsed. Last update ${this.pb_idle} seconds ago. [max idle: ${this.pb_idleMax}/60]`);
                 if (this.pb_idle >= 60) {
                     clearInterval(this.pb_timer);
                     this.pb_timer = null;
@@ -1226,22 +1222,38 @@ export async function groupsGet(instance: IPublicClientApplication, user: User |
         return { groups: [], error: `Exception: ${error}` };
     }
 }
-export async function signIn(user: User, tasks: TaskArray): void {
+export async function signIn(user: User, tasks: TaskArray): Promise<boolean> {
+    // admin authority is blank at signIn, lookup authority real-time
+    if (user.authority == "") {
+        // lookup authority for this user (the lookup call does it based on domain, but TID works as well to find authority)
+        let tenant: Tenant = new Tenant();
+        tenant.domain = user.tid;
+        let bResult: boolean = await tenantUnauthenticatedLookup(tenant, false);
+        if (bResult) {
+            // success, we now know cloud instance where this tenant is provisioned
+            user.authority = tenant.authority;
+        }
+        else {
+            // can't sign in without an authority
+            debugger;
+            return false;
+        }
+    }
     switch (user.authority) {
         case graphConfig.authorityWW:
-            // SignIn by an admin consents more permissions than Challenge which requires a consented app
+            // SignIn by an admin consents the app, Challenge adds incremental permissions dynamically, but requires a consented app
             let tenantURL: string = window.location.href;
             tenantURL += "MicrosoftIdentity/Account/SignIn";
             let url: URL = new URL(tenantURL);
             url.searchParams.append("redirectUri", window.location.origin);
             url.searchParams.append("domainHint", "organizations");
-            if (user.oid !== "1") {
+            if (user.oid !== "1") { // "1" means no mail has been set by admin initially in the app, oid and mail should be same if user has set and not yet signed in
                 url.searchParams.append("loginHint", user.mail);
             }
             tasks.setTaskStart("initialization", new Date());
             tasks.setTaskStart("authenticate user", new Date());
             window.location.assign(url.href);
-            break;
+            return true;
         case graphConfig.authorityUS:
             // retrieve controller protected by USGov authorization
             let usURL: string = window.location.href;
@@ -1255,13 +1267,15 @@ export async function signIn(user: User, tasks: TaskArray): void {
             tasks.setTaskStart("initialization", new Date());
             tasks.setTaskStart("authenticate user", new Date());
             window.location.assign(urlUS.href);
-            break;
+            return true;
         case graphConfig.authorityCN:
             // unsupported
             break;
         default:
+            // unknown authority
             debugger;
     }
+    return false;
 }
 export function signInIncrementally(user: User, scope: string): void {
     if (user.oid == "1") return;
@@ -1304,7 +1318,7 @@ export function requestAdminConsent(user: User, scope: string): void {
     window.location.assign(url.href);
 }
 export async function signOut(user: User): Promise<boolean>{
-    if (user.oid == "1") return;
+    if (user.oid == "1") return false;
     // set logout_hint in the .NET session for streamlined logout
     let userEndpoint: string = window.location.href;
     userEndpoint += "user";
@@ -1320,7 +1334,7 @@ export async function signOut(user: User): Promise<boolean>{
     }
     else {
         console.log(`Failed to set admin ${user.mail} logout_hint`);
-        return;
+        return false;
     }
     // start the logout process triggering callbacks during logout
     //      OnRedirectToIdentityProviderForSignOut - this is where we set the logout_hint for user we are trying to logout
@@ -1328,6 +1342,7 @@ export async function signOut(user: User): Promise<boolean>{
     let signoutURL: string = window.location.href;
     signoutURL += "MicrosoftIdentity/Account/SignOut";
     window.location.assign(signoutURL);
+    return true;
 }
 //tenantRelationshipsGetByDomain - query AAD for associated company name and id
 export async function tenantRelationshipsGetByDomain(loggedInUser: User, tenant: Tenant, instance: IPublicClientApplication, debug: boolean): Promise<boolean> {
@@ -1667,6 +1682,17 @@ function processReturnedAdmins(workspace: Workspace, ii: InitInfo, returnedAdmin
         user.name = item.firstName ?? user.name;
         user.mail = item.email;
         user.tid = item.tenantId;
+        // *try* to set authority from tenant returned in previous call processReturnedTenants (it may not be there)
+        // ASSUMPTION: user either comes from
+        //      1. .NET session, in which case user has an authority from the token
+        //      2. Config API, in which case either
+        //          a. associated tenant with authority exists for this user (i.e. workspace owner has called POST init/configuration and created Admin and Tenant at same time)
+        //          b. user has never logged in (i.e. workspace owner has invited an incomplete admin to the workspace and there is no corresponding tenant)
+        //              i. this means that we *may* not have an authority stored for this user
+        let tenant: Tenant | undefined = ii.ts.find((t) => (t.tid === user.tid));
+        if (tenant != undefined) {
+            user.authority = tenant.authority;
+        }
         // ensure this workspace tracks this user
         let idx = workspace.associatedUsers.findIndex((u) => u === user.oid);
         if (idx == -1) workspace.associatedUsers.push(user.oid);
@@ -1813,9 +1839,9 @@ async function workspaceInfoGet(instance: IPublicClientApplication, authorizedUs
                 if (!adminsResult.result) return adminsResult;
                 if (!tenantsResult.result) return tenantsResult;
                 if (!configsResult.result) return configsResult;
-                // process returned workspace components
-                processReturnedAdmins(workspace, ii, adminsResult.array!);
+                // process returned workspace components (tenants first as they have the authorities that admins depend on)
                 processReturnedTenants(workspace, ii, tenantsResult.array!);
+                processReturnedAdmins(workspace, ii, adminsResult.array!);
                 processReturnedConfigs(workspace, ii, configsResult.array!);
                 // tag components with workspaceIDs
                 ii.tagWithWorkspaces();

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@mindline/sync",
   "type": "module",
-  "version": "1.0.55",
+  "version": "1.0.57",
   "types": "index.d.ts",
   "exports": "./index.ts",
   "description": "sync is a node.js package encapsulating javscript classes required for configuring Mindline sync service.",

package/users.json

@@ -3,7 +3,7 @@
     "oid": "1",
     "name": "",
     "mail": "",
-    "authority": "",
+    "authority": "https://login.microsoftonline.com/",
     "tid": "",
     "companyName": "",
     "companyDomain": "",