@sassoftware/viya-serverjs 0.6.1-2 → 0.6.1-3

package/src/iService.js

@@ -112,10 +112,10 @@ function iService (userRouteTable, useDefault, asset, allAppEnv, serverMode, use
 		let hapiServer = Hapi.server(sConfig);
 
 		/*
-		const cache = hapiServer.cache({ segment: 'sessions', expiresIn: 3 * 24 * 60 * 60 * 1000 });
+		const cache = hapiServer.cache({ segment: 'sid', expiresIn: 3 * 24 * 60 * 60 * 1000 });
 		hapiServer.app.cache = cache;
-		*/
-
+*/
+		
 		let nodeCacheOptions = {
 			stdTTL        : 24*60*60*1000, 
 			checkPeriod   : 3600,
@@ -125,6 +125,7 @@ function iService (userRouteTable, useDefault, asset, allAppEnv, serverMode, use
 		};
 		let storeCache = new NodeCache(nodeCacheOptions);
 		hapiServer.app.cache = storeCache;
+		
 
 		// common plugins
 		let visionOptions = {

package/src/plugins/SASauth.js

@@ -16,64 +16,69 @@
  *
  */
 
-
-let bell = require('@hapi/bell');
-let uuid = require('uuid');  
+let uuid = require('uuid');
 let debug = require('debug')('sasauth');
 
-exports.plugin = {
-    name    : 'SASauth',
-    version : '1.0.0',
-    register: iSASauth
-};
+async function SASauth(server, options) {
+  debug('in iSASauth');
+  debug('options', options);
 
-async function iSASauth (server, options) {
-    debug('in iSASauth');
-    debug('options', options);
-    let bellAuthOptions;
-    let provider;
-    // test for k8s deployment
-    let host = options.host + '/SASLogon';
-    
+  let provider;
+  // test for k8s deployment
+  let host = options.host + '/SASLogon';
+  if (options.ns != null) {
+    host = `https://sas-logon-app.${options.ns}.svc.cluster.local`;
+  } else if (options.nsHost != null) {
+    host = options.nsHost;
+  }
+  // ...
+  debug(host);
+  provider = {
+    name: 'sas',
+    protocol: 'oauth2',
+    useParamsAuth: false,
+    auth: host + '/oauth/authorize',
+    token: host + '/oauth/token',
 
-    if (options.ns != null) {
-        host = `https://sas-logon-app.${options.ns}.svc.cluster.local`;
-    } else if (options.nsHost != null) {
-        host = options.nsHost;
-    }
-    // ...
-    debug(host);
-    provider = {
-        name         : 'sas',
-        protocol     : 'oauth2',
-        useParamsAuth: false,
-        auth         : host + '/oauth/authorize',
-        token        : host + '/oauth/token',
+    profileMethod: 'get',
 
-        profileMethod: 'get',
-        
-        profile: async function (credentials, params, get) {  
-                     
-            server.log('SASAuth profile', credentials);
-            debug('credentials', credentials);
+    profile: async function (credentials, params, get) {
+      server.log('SASAuth profile', credentials);
+      debug('credentials', credentials);
+      debug('params', params);
+      credentials.profile = {
+        provider: 'sas',
+        id: 'sasuser',
+        displayName: 'SAS User',
+        email: 'sasuser@sas.com',
+        raw: {
+          id: 'sasuser',
+          displayName: 'SAS User',
+          emails: [
+            {
+              value: 'sasuser@sas.com'
+            }
+          ]
         }
-       
-        
-    };
-    
-    bellAuthOptions = {
-        provider    : provider,
-        password    : uuid.v4(),
-        clientId    : options.clientId,
-        clientSecret: options.clientSecret,
-        //   isSameSite  : options.isSameSite,
-        isSecure    : options.isSecure
-    };
-    // console.log('SASAuth options', bellAuthOptions);
-    debug('belloptions', bellAuthOptions);
-    server.log('SASAuth',bellAuthOptions);
-    await server.register(bell);
-    server.auth.strategy('sas', 'bell', bellAuthOptions);
-    
+      };
     }
-    
+
+
+  };
+
+  let bellAuthOptions = {
+    provider: provider,
+    password: uuid.v4(),
+    clientId: options.clientId,
+    clientSecret: options.clientSecret,
+    isSameSite  : options.isSameSite,
+    isSecure: options.isSecure
+  };
+
+  debug('belloptions', bellAuthOptions);
+
+  server.auth.strategy('sas', 'bell', bellAuthOptions);
+
+}
+
+export default SASauth;

package/src/plugins/appCookie.js

@@ -1,49 +1,35 @@
 
 let uuid = require('uuid');
-let debug = require('debug')('cookie');
+let debug = require('debug')('appcookie');
 
-module.exports = async function appCookie (server, options){
+async function appCookie(server, options) {
 
-    await server.register(require('@hapi/cookie'));
-    
-    debug('in appCookie');
-    debug(options.redirectTo);
-    let cookieOptions = {
-        cookie: {
-            name      : 'cookie',
-            password  : uuid.v4(),
-            isSecure  : options.isSecure,
-            isSameSite: options.isSameSite
-        },
-        redirectTo  : options.redirectTo,
-        appendNext  : {name: 'next'},
-        validate    : async (req, session) => {
-            debug('Cookie validateFunc', `path - ${req.path}`);
-            
-            if (session == null) {
-                console.log('session is null');
-                return {isValid: false};
-            }
-            let credentials = null;
-            let sid;
-            if (Array.isArray(session) === true && session.length > 0) {
-                sid = session[0].sid;
-            } else {
-                sid = session.sid;
-            }
-            if (sid != null) {
-                credentials = await req.server.app.cache.get(sid);
-             }
-             
-            if (credentials == null) {
-                return {isValid: false};
-            }
-            debug('Cookie validateFunc', sid);
-            return {isValid: true, credentials: credentials};
-        }
-    };
-    // console.log('cookie options', cookieOptions);
-    debug('Cookie Options',cookieOptions);
-    server.auth.strategy('session', 'cookie', cookieOptions);
+  debug('in appCookie');
+  debug(options.redirectTo);
+  let cookieOptions = {
+    cookie: {
+      name: 'session',
+      password: uuid.v4(),
+      isSecure: options.isSecure,
+      isSameSite: options.isSameSite
+    },
+    redirectTo: options.redirectTo,
+    appendNext: { name: 'next' },
+    validate: async (req, session) => {
+      debug('validating cookie session', session);
+      if (!session) {
+        return { isValid: false };
+      }
+      return {
+        isValid: true,
+        credentials: session      // becomes request.auth.credentials
+      };
+    }
+  };
+  debug('session cookie options', cookieOptions);
+
+  server.auth.strategy('session', 'cookie', cookieOptions);
+  server.auth.default('session');
 
 };
+export default appCookie;

package/src/plugins/setContext.js

@@ -16,20 +16,31 @@
  *
  */
 
-let debug = require('debug')('context');
-async function setContext (req,h){
-   let credentials = req.auth.credentials
-   debug(credentials);
-   let context = {
-        path   : req.path,
-        params : req.params,
-        query  : req.query,
+
+let debug = require('debug')('setcontext');
+async function setContext(req, h) {
+    let credentials = req.auth.credentials; 
+    let cachedCredentials = null;// use this once cookies are working properly
+    debug('Set Context Credentials', req.path, credentials);
+    try {
+        cachedCredentials = await req.server.app.cache.get('session');
+        debug('Cached Credentials', cachedCredentials);
+    } catch (e) {
+        debug('No cached credentials');
+    }
+
+    let fcredentials = credentials || cachedCredentials;
+  
+    let context = {
+        path: req.path,
+        params: req.params,
+        query: req.query,
         payload: req.payload,
-        queryOrig: (credentials != null) ? credentials.query : {},
-        token  : (credentials != null) ? `bearer ${credentials.token}` : null,
-        credentials: credentials,
-        host   : process.env.VIYA_SERVER
-        };
+        queryOrig: (fcredentials != null) ? fcredentials.query : {},
+        credentials: fcredentials,
+        credType: (credentials != null) ? 'auth' : 'cached',
+        host: process.env.VIYA_SERVER
+    };
     return context;
 }
 export default setContext;

package/src/{handlers → plugins}/setCookies.js

@@ -2,43 +2,52 @@
 * Copyright © 2019, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
 * SPDX-License-Identifier: Apache-2.0
 */
-let uuid      = require('uuid');
+let uuid = require('uuid');
 let debug = require('debug')('setcookies');
 
-async function setCookies (req, h, options) {
+async function setCookies(req, h, options) {
     let credentials = req.auth.credentials;
-    
-    debug('setcookie', credentials);
- 
+
+    // protect against failed logon
     if (credentials != null && req.auth.error != null) {
         debug('setcookie credentials', credentials);
         debug('setcookie error', req.auth.error);
         debug('logon failed');
         return { status: false, error: req.auth.error };
     }
-        
-    // create a cookie(sid) and save credentials in cache
+
+    debug('credentials in setcookie', credentials);
+
+  // use cookieAuth to set cookies
+
+    let cookieInfo = {
+        name: 'session',
+        accessToken: credentials.token,
+        refreshToken: credentials.refreshToken,
+        expiresIn: credentials.expiresIn,
+        provider: credentials.provider,
+    }
+    debug('------------set cookie-------------\n', cookieInfo);
+    console.log('is it there', req.cookieAuth != null);   
+    await req.server.app.cache.set('session', cookieInfo,0);
+
+    req.cookieAuth.set(cookieInfo);
+
+    // set sid
+    
     const sid = uuid.v4();
     credentials.sid = sid;
     if (options != null) {
         options.allAppEnv.LOGONPAYLOAD.token = credentials.token;
         options.allAppEnv.LOGONPAYLOAD.tokenType = 'bearer';
-        options.userCache = {...credentials};
         debug(options.allAppEnv.LOGONPAYLOAD);
     }
-    debug('userCache', options.userCache);
-    
-    await req.server.app.cache.set(sid, credentials, 0);
-    // Can we get away without setting cookie for this session?
-    // Need to also modify keepAlive
-    if (process.env.COOKIES !== 'NO') {
-        debugger;
-        req.cookieAuth.set({ sid });
-    };
+
+
     debug('credentials query', credentials.query);
     let redirect = (credentials.query != null && credentials.query.next != null) ? credentials.query.next : null;
     debug('setcookie-redirect', redirect);
-    return { status: true, error: null , redirect: redirect};
+    return { status: true, error: null, redirect: redirect };
 }
 
 export default setCookies;
@@ -54,23 +63,23 @@ async function getCredentials (req) {
     };
 
     let payload = {
-		url   : `${process.env.VIYA_SERVER}/SASLogon/oauth/token`,
-		method: 'POST',
+        url   : `${process.env.VIYA_SERVER}/SASLogon/oauth/token`,
+        method: 'POST',
 
-		headers: {
-			// 'Authorization': 'Basic ' + Buffer.from(`${process.env.CLIENTID}:${process.env.CLIENTSECRET}`).toString('base64'),
-			'Accept'      : 'application/json',
-			'Content-Type': 'application/x-www-form-urlencoded'
-		},
+        headers: {
+            // 'Authorization': 'Basic ' + Buffer.from(`${process.env.CLIENTID}:${process.env.CLIENTSECRET}`).toString('base64'),
+            'Accept'      : 'application/json',
+            'Content-Type': 'application/x-www-form-urlencoded'
+        },
         data: qs.stringify({
             client_id    : `${process.env.CLIENTID}`,
             client_secret: `${process.env.CLIENTSECRET}`,
             redirect_uri : `${location}`,
 
-			'grant_type': 'authorization_code',
-			code        : req.query.code
-		})
-	};
+            'grant_type': 'authorization_code',
+            code        : req.query.code
+        })
+    };
     try {
         let r = await axios(payload);
         return r.data;

package/src/plugins/setDefaultRoutes.js

@@ -26,7 +26,6 @@ import {
   logout,
   logon,
   setupUserRoutes,
-  reactDev,
   proxyMapUri,
 } from "../handlers";
 let debug = require("debug")("routes");
@@ -34,27 +33,18 @@ import setContext from "./setContext.js";
 module.exports = function setDefaultRoutes(server, options) {
   debug("setDefaultRoutes");
   let appName = "/" + options.appName;
-  let authDefault = false;
-  let authLogon = false;
-  if (options.authFlow === "server") {
-    /*
-    authDefault =
-      options.serverMode === "app"
-        ? false
-        : {
-          strategies: ["token", "session"],
-          mode: "required",
-        };
-        */
-    authDefault = {
-      strategy: "session",
-      mode: "try",
-    };
-    authLogon = {
-      mode: "required",
-      strategy: "sas",
-    };
-  }
+
+  let authDefault = {
+    strategy: "session",
+    mode: "try",
+  };
+  let authLogon = {
+    strategy: "sas",
+    mode: "required"
+  };
+
+  console.log("Auth Flow", options.authFlow);
+
   let getAppb = getApp.bind(
     null,
     options // process.env.USETOKEN === "YES" ? options : null
@@ -96,7 +86,8 @@ module.exports = function setDefaultRoutes(server, options) {
       path: `${appName}`,
 
       options: {
-        auth: (process.env.USELOGON === 'YES') ? null : options.serverMode === "app" ? authLogon : authDefault,
+        // auth: (process.env.USELOGON === 'YES') ? null : options.serverMode === "app" ? authLogon : authDefault,
+        auth: authLogon,
         handler: getAppb,
       },
     },
@@ -130,15 +121,9 @@ module.exports = function setDefaultRoutes(server, options) {
       method: ["GET"],
       path: `${appName}/appenv`,
       options: {
-        auth: /*authDefault*/ false,
-        handler: async (req, h) => {
+        auth: authDefault,
+        handler: async (req, h) => { 
           let allAppEnv = options.allAppEnv;
-          if (options.userInfo != null) {
-            let uappenv = options.userInfo("APPENV", options);
-            if (uappenv != null) {
-              allAppEnv.APPENV = { ...allAppEnv.APPENV, ...uappenv };
-            }
-          }
           allAppEnv.credentials = options.credentials;
 
           let s =
@@ -156,15 +141,9 @@ module.exports = function setDefaultRoutes(server, options) {
       method: ["GET"],
       path: `/appenv`,
       options: {
-        auth: /*authDefault*/ false,
+        auth: authDefault,
         handler: async (req, h) => {
           let allAppEnv = options.allAppEnv;
-          if (options.userInfo != null) {
-            let uappenv = options.userInfo("APPENV", options);
-            if (uappenv != null) {
-              allAppEnv.APPENV = { ...allAppEnv.APPENV, ...uappenv };
-            }
-          }
           allAppEnv.credentials = options.credentials;
 
           let s =
@@ -174,27 +153,15 @@ module.exports = function setDefaultRoutes(server, options) {
             debug(options.allAppEnv);
 
           }
-          debug(s)
+        
           return s;
         },
       },
     },
-    /*
-    {
-      method: ["GET"],
-      path: `${appName}/{param*}`,
-
-      options: {
-        auth: authDefault,
-        handler: getApp2,
-      },
-    },
-    */
 
     {
       method: ["GET"],
-      path: `/{param*}`,
-
+      path: `/assets/{param*}`,
       options: {
         auth: authDefault,
         handler: getApp2,
@@ -221,7 +188,9 @@ module.exports = function setDefaultRoutes(server, options) {
   let pr = {
     method: ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"],
     path: `${appName}/proxy/{param*}`,
+
     options: {
+      auth: authDefault,
       handler: {
         proxy: {
           mapUri: proxyMapUri,
@@ -234,11 +203,8 @@ module.exports = function setDefaultRoutes(server, options) {
   debug(pr);
   defaultTable.push(pr);
 
-  let routeTables = uTable !== null ? defaultTable.concat(uTable) : defaultTable;
+  let routeTables0= uTable !== null ? defaultTable.concat(uTable) : defaultTable;
+  let routeTables = setupUserRoutes(routeTables0, options);
 
-  routeTables.forEach((r) => {
-    r.options.pre = [{ method: setContext, assign: 'context' }];
-    console.log, ('Setting pre for route', r.path, r.options.pre);
-  });
   server.route(routeTables);
 };

package/src/plugins/setupAuth.js

@@ -16,11 +16,10 @@
  *
  */
 
-let SASauth          = require('./SASauth');
-let appCookie        = require('./appCookie');
-let token            = require('./token');
+import SASAuth from './SASauth.js';
+import appCookie from './appCookie.js';
 let setDefaultRoutes = require('./setDefaultRoutes');
-let log		 = require('debug')('auth');
+let debug	 = require('debug')('auth');
 
 
 /** Notes:
@@ -29,21 +28,14 @@ let log		 = require('debug')('auth');
  */
 async function setupAuth (server, options){
 	
-	if (options.authFlow === 'server') {
-		await server.register({plugin: SASauth,   options: options});
-		// await server.register({plugin: appCookie, options: options});
-		await appCookie(server,options);
-		/*
-		let def = 'session';
-		if (options.serverMode === 'api') {
-			await server.register({ plugin: token });
-			def = 'token';
-		}
-		log('***********************Default auth', def);
-		server.auth.default(def);
-		*/
-		// console.log(server.registerations);
-	}
+	// register cookie and bell
+	await server.register(require('@hapi/cookie'));
+	await server.register(require('@hapi/bell'));
+
+	await appCookie(server, options);
+	await SASAuth(server, options);
+
+	// setup default routes now that we have auth strategies
 	setDefaultRoutes(server, options);
 	return true;
 };

package/src/plugins/setupUserRoutes.js

@@ -40,7 +40,7 @@ function setupUserRoutes (u, options) {
         } else if (rx.options.auth === 'logon') {
             rx.options.auth = options.authLogon;
         } 
-       
+        console.log('route', rx.method, rx.path, rx.options.auth, rx.options.pre);
         return rx;
     });
     return routes;

package/src/readCerts.js

@@ -1,33 +1,33 @@
-/**
- * Copyright © 2025, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
- * SPDX-License-Identifier: Apache-2.0
- */
-import fs from 'fs';
-function getCerts(tlsdir) {
-
-    if (tlsdir == null || tlsdir === 'NONE') {
-        return null;
-    }
-
-    console.log(`[Note] Reading certs from directory: ` + tlsdir);
-    if (fs.existsSync(tlsdir) === false) {
-        console.error("[Warning] Specified cert dir does not exist: " + tlsdir);
-        return null;
-    }
-
-    let listOfFiles = fs.readdirSync(tlsdir);
-    console.log("[Note] TLS/SSL files found: " + listOfFiles);
-    let options = {};
-    for(let i=0; i < listOfFiles.length; i++) {
-        let fname = listOfFiles[i];
-        let name = tlsdir + '/' + listOfFiles[i];
-        let key = fname.split('.')[0];
-        console.log('Reading TLS file: ' + name + ' as key: ' + key);
-        options[key] = fs.readFileSync(name, { encoding: 'utf8' });
-    }
-    console.log('cert files', Object.keys(options));
-    
-    return options;
-   
-}
+/**
+ * Copyright © 2025, SAS Institute Inc., Cary, NC, USA.  All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+import fs from 'fs';
+function getCerts(tlsdir) {
+
+    if (tlsdir == null || tlsdir === 'NONE') {
+        return null;
+    }
+
+    console.log(`[Note] Reading certs from directory: ` + tlsdir);
+    if (fs.existsSync(tlsdir) === false) {
+        console.error("[Warning] Specified cert dir does not exist: " + tlsdir);
+        return null;
+    }
+
+    let listOfFiles = fs.readdirSync(tlsdir);
+    console.log("[Note] TLS/SSL files found: " + listOfFiles);
+    let options = {};
+    for(let i=0; i < listOfFiles.length; i++) {
+        let fname = listOfFiles[i];
+        let name = tlsdir + '/' + listOfFiles[i];
+        let key = fname.split('.')[0];
+        console.log('Reading TLS file: ' + name + ' as key: ' + key);
+        options[key] = fs.readFileSync(name, { encoding: 'utf8' });
+    }
+    console.log('cert files', Object.keys(options));
+    
+    return options;
+   
+}
 export default getCerts;