@telia-ace/alliance-portal 1.0.6-next.3 → 1.0.6-next.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/CHANGELOG.md +14 -0
  2. package/dist/config.js +2 -0
  3. package/dist/graphql/generated.js +2 -1
  4. package/dist/index.js +17 -5
  5. package/package.json +2 -2
package/CHANGELOG.md CHANGED
@@ -1,5 +1,19 @@
1
1
  # @telia-ace/alliance-portal
2
2
 
3
+ ## 1.0.6-next.5
4
+
5
+ ### Patch Changes
6
+
7
+ - f2aafe4: Store user session in Redis cache to avoid hitting cookie size limits (https://github.com/telia-company/ace-alliance-sdk/issues/377).
8
+ - Updated dependencies [f2aafe4]
9
+ - @telia-ace/alliance-internal-node-utilities@1.0.3-next.2
10
+
11
+ ## 1.0.6-next.4
12
+
13
+ ### Patch Changes
14
+
15
+ - f743a2b: Skip checking user claims for groups when `AUTH_SKIP_GROUP_CLAIM_CHECK` is set to `'true'`.
16
+
3
17
  ## 1.0.6-next.3
4
18
 
5
19
  ### Patch Changes
package/dist/config.js CHANGED
@@ -4,9 +4,11 @@ exports.ConfigKeys = void 0;
4
4
  var ConfigKeys;
5
5
  (function (ConfigKeys) {
6
6
  ConfigKeys["AuthScopes"] = "AUTH_SCOPES";
7
+ ConfigKeys["AuthAuthority"] = "AUTH_AUTHORITY";
7
8
  ConfigKeys["AuthClientSecret"] = "AUTH_CLIENT_SECRET";
8
9
  ConfigKeys["AuthClientId"] = "AUTH_CLIENT_ID";
9
10
  ConfigKeys["AuthResponseType"] = "AUTH_RESPONSE_TYPE";
11
+ ConfigKeys["AuthSkipGroupClaimCheck"] = "AUTH_SKIP_GROUP_CLAIM_CHECK";
10
12
  ConfigKeys["ServiceBaseUrl"] = "SERVICE_BASE_URL";
11
13
  ConfigKeys["WebprovisionsTag"] = "WEBPROVISIONS_TAG";
12
14
  ConfigKeys["WebprovisionsDistributionUrl"] = "WEBPROVISIONS_DISTRIBUTION_URL";
package/dist/graphql/generated.js CHANGED
@@ -1,5 +1,6 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
- exports.GetUserDocument = exports.GetOrCreateUserDocument = void 0;
3
+ exports.GetUserDocument = exports.SetUserTypeDocument = exports.GetOrCreateUserDocument = void 0;
4
4
  exports.GetOrCreateUserDocument = { "kind": "Document", "definitions": [{ "kind": "OperationDefinition", "operation": "mutation", "name": { "kind": "Name", "value": "GetOrCreateUser" }, "variableDefinitions": [{ "kind": "VariableDefinition", "variable": { "kind": "Variable", "name": { "kind": "Name", "value": "input" } }, "type": { "kind": "NonNullType", "type": { "kind": "NamedType", "name": { "kind": "Name", "value": "GetOrCreateUserInput" } } } }], "selectionSet": { "kind": "SelectionSet", "selections": [{ "kind": "Field", "name": { "kind": "Name", "value": "getOrCreateUser" }, "arguments": [{ "kind": "Argument", "name": { "kind": "Name", "value": "input" }, "value": { "kind": "Variable", "name": { "kind": "Name", "value": "input" } } }], "selectionSet": { "kind": "SelectionSet", "selections": [{ "kind": "Field", "name": { "kind": "Name", "value": "objectId" } }, { "kind": "Field", "name": { "kind": "Name", "value": "displayName" } }, { "kind": "Field", "name": { "kind": "Name", "value": "type" } }] } }] } }] };
5
+ exports.SetUserTypeDocument = { "kind": "Document", "definitions": [{ "kind": "OperationDefinition", "operation": "mutation", "name": { "kind": "Name", "value": "SetUserType" }, "variableDefinitions": [{ "kind": "VariableDefinition", "variable": { "kind": "Variable", "name": { "kind": "Name", "value": "input" } }, "type": { "kind": "NonNullType", "type": { "kind": "NamedType", "name": { "kind": "Name", "value": "SetUserTypeInput" } } } }], "selectionSet": { "kind": "SelectionSet", "selections": [{ "kind": "Field", "name": { "kind": "Name", "value": "setUserType" }, "arguments": [{ "kind": "Argument", "name": { "kind": "Name", "value": "input" }, "value": { "kind": "Variable", "name": { "kind": "Name", "value": "input" } } }] }] } }] };
5
6
  exports.GetUserDocument = { "kind": "Document", "definitions": [{ "kind": "OperationDefinition", "operation": "query", "name": { "kind": "Name", "value": "GetUser" }, "variableDefinitions": [{ "kind": "VariableDefinition", "variable": { "kind": "Variable", "name": { "kind": "Name", "value": "objectId" } }, "type": { "kind": "NonNullType", "type": { "kind": "NamedType", "name": { "kind": "Name", "value": "String" } } } }, { "kind": "VariableDefinition", "variable": { "kind": "Variable", "name": { "kind": "Name", "value": "workspaceSlug" } }, "type": { "kind": "NonNullType", "type": { "kind": "NamedType", "name": { "kind": "Name", "value": "String" } } } }], "selectionSet": { "kind": "SelectionSet", "selections": [{ "kind": "Field", "name": { "kind": "Name", "value": "user" }, "arguments": [{ "kind": "Argument", "name": { "kind": "Name", "value": "objectId" }, "value": { "kind": "Variable", "name": { "kind": "Name", "value": "objectId" } } }, { "kind": "Argument", "name": { "kind": "Name", "value": "workspaceSlug" }, "value": { "kind": "Variable", "name": { "kind": "Name", "value": "workspaceSlug" } } }], "selectionSet": { "kind": "SelectionSet", "selections": [{ "kind": "Field", "name": { "kind": "Name", "value": "id" } }] } }] } }] };
package/dist/index.js CHANGED
@@ -26,13 +26,13 @@ async function startPortal() {
26
26
  response_type: configService.getOrThrow(config_2.ConfigKeys.AuthResponseType),
27
27
  scope: configService.getOrThrow(config_2.ConfigKeys.AuthScopes),
28
28
  },
29
+ issuerBaseURL: `${configService.getOrThrow(config_2.ConfigKeys.AuthAuthority)}/.well-known/openid-configuration`,
29
30
  async afterCallback(_, __, session) {
30
31
  const claims = (0, jose_1.decodeJwt)(session.id_token);
31
32
  const user = {
32
33
  displayName: claims.name || 'Empty displayName',
33
34
  email: claims.email || claims.emails[0] || 'Empty email',
34
35
  objectId: claims.sub || claims.oid,
35
- type: hasEnterpriseAdminRole(claims) ? 'system-admin' : 'user',
36
36
  };
37
37
  logger.trace({
38
38
  msg: 'decoded JWT and mapped claims to user, getting or creating user in database',
@@ -47,10 +47,22 @@ async function startPortal() {
47
47
  logger.trace({ msg: 'added user to database, if it did not already exist' });
48
48
  }
49
49
  catch { }
50
- // FUTURE TODO: Implement some external storage for sessions, such as redis
51
- // Temporary - With this the stored session cookie gets too big
52
- // @ts-ignore
53
- delete session.access_token;
50
+ // For easier testing as system admin during development
51
+ const skipGroupClaimCheck = configService.get(config_2.ConfigKeys.AuthSkipGroupClaimCheck) ===
52
+ 'true';
53
+ if (!skipGroupClaimCheck) {
54
+ const type = hasEnterpriseAdminRole(claims) ? 'system-admin' : 'user';
55
+ logger.trace({ msg: 'updating user type according to user claims', type });
56
+ try {
57
+ await (0, graphql_request_1.request)(configService.getOrThrow(alliance_internal_node_utilities_1.SharedConfigKeys.DbEndpoint), graphql_1.SetUserTypeDocument, { input: { objectId: user.objectId, type } }, {
58
+ authorization: (0, alliance_internal_node_utilities_1.createSystemUserToken)(configService),
59
+ });
60
+ logger.trace({
61
+ msg: 'user type updated',
62
+ });
63
+ }
64
+ catch { }
65
+ }
54
66
  return session;
55
67
  },
56
68
  }));
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@telia-ace/alliance-portal",
3
- "version": "1.0.6-next.3",
3
+ "version": "1.0.6-next.5",
4
4
  "description": "ACE Alliance portal",
5
5
  "license": "SEE LICENSE IN LICENSE.txt",
6
6
  "author": "Telia Company AB",
@@ -19,7 +19,7 @@
19
19
  "@nestjs/config": "^3.0.0",
20
20
  "@nestjs/core": "^10.1.0",
21
21
  "@nestjs/platform-express": "^10.1.0",
22
- "@telia-ace/alliance-internal-node-utilities": "1.0.3-next.1",
22
+ "@telia-ace/alliance-internal-node-utilities": "1.0.3-next.2",
23
23
  "express-openid-connect": "^2.16.0",
24
24
  "graphql": "^16.7.1",
25
25
  "graphql-request": "^6.1.0",