Commit 0ec57177 authored by Sébastien DA ROCHA's avatar Sébastien DA ROCHA

Merge branch 'development' into 'master'

OIDC + màj NodeJS

See merge request !18
parents 8c1d6d6d b1ab9d2d
Pipeline #30287 passed with stage
in 1 minute and 10 seconds
module.exports = {
root: true,
parser: '@typescript-eslint/parser',
plugins: [
'@typescript-eslint',
],
extends: [
'eslint:recommended',
'plugin:@typescript-eslint/recommended',
],
};
......@@ -6,4 +6,6 @@ node_modules
/dist
.vscode
\ No newline at end of file
.vscode
*.sw[op]
FROM node:12.13-slim
FROM node:14-slim
# Create app directory
WORKDIR /app
......
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[dev-packages]
[packages]
pyjwt = {extras = ["crypto"], version = "*"}
pytest = "*"
requests = "*"
python-decouple = "*"
redis = "*"
[requires]
python_version = "3.7"
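Review bot: Every entry under `[packages]` is `"*"`, so the only thing that fixes versions and hashes for this environment is Pipfile.lock. Whatever installs it should install from the lock (`pipenv sync` or `pipenv install --deploy`) rather than re-resolve, otherwise a fresh resolve can pull a different `pyjwt` or `requests` than the one that was tested. `pytest` is a test runner but sits under `[packages]` while `[dev-packages]` is empty; moving it there keeps it out of a non-dev install.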
{
"_meta": {
"hash": {
"sha256": "6c97d8906b08922c556655e546bd5c48ecab2dc0c9ff56700f39cbfa3709e577"
},
"pipfile-spec": 6,
"requires": {
"python_version": "3.7"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"attrs": {
"hashes": [
"sha256:149e90d6d8ac20db7a955ad60cf0e6881a3f20d37096140088356da6c716b0b1",
"sha256:ef6aaac3ca6cd92904cdd0d83f629a15f18053ec84e6432106f7a4d04ae4f5fb"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==21.2.0"
},
"certifi": {
"hashes": [
"sha256:1a4995114262bffbc2413b159f2a1a480c969de6e6eb13ee966d470af86af59c",
"sha256:719a74fb9e33b9bd44cc7f3a8d94bc35e4049deebe19ba7d8e108280cfd59830"
],
"version": "==2020.12.5"
},
"cffi": {
"hashes": [
"sha256:fd78e5fee591709f32ef6edb9a015b4aa1a5022598e36227500c8f4e02328d9c",
"sha256:3c3f39fa737542161d8b0d680df2ec249334cd70a8f420f71c9304bd83c3cbed",
"sha256:72d8d3ef52c208ee1c7b2e341f7d71c6fd3157138abf1a95166e6165dd5d4369",
"sha256:8ae6299f6c68de06f136f1f9e69458eae58f1dacf10af5c17353eae03aa0d827",
"sha256:cd2868886d547469123fadc46eac7ea5253ea7fcb139f12e1dfc2bbd406427d1",
"sha256:bb89f306e5da99f4d922728ddcd6f7fcebb3241fc40edebcb7284d7514741991",
"sha256:58e3f59d583d413809d60779492342801d6e82fefb89c86a38e040c16883be53",
"sha256:06db6321b7a68b2bd6df96d08a5adadc1fa0e8f419226e25b2a5fbf6ccc7350f",
"sha256:f2d45f97ab6bb54753eab54fffe75aaf3de4ff2341c9daee1987ee1837636f1d",
"sha256:06d7cd1abac2ffd92e65c0609661866709b4b2d82dd15f611e602b9b188b0b69",
"sha256:48e1c69bbacfc3d932221851b39d49e81567a4d4aac3b21258d9c24578280058",
"sha256:6e4714cc64f474e4d6e37cfff31a814b509a35cb17de4fb1999907575684479c",
"sha256:6c97d7350133666fbb5cf4abdc1178c812cb205dc6f41d174a7b0f18fb93337e",
"sha256:a465da611f6fa124963b91bf432d960a555563efe4ed1cc403ba5077b15370aa",
"sha256:29314480e958fd8aab22e4a58b355b629c59bf5f2ac2492b61e3dc06d8c7a315",
"sha256:b85eb46a81787c50650f2392b9b4ef23e1f126313b9e0e9013b35c15e4288e2e",
"sha256:0f861a89e0043afec2a51fd177a567005847973be86f709bbb044d7f42fc4e05",
"sha256:04c468b622ed31d408fea2346bec5bbffba2cc44226302a0de1ade9f5ea3d373",
"sha256:005a36f41773e148deac64b08f233873a4d0c18b053d37da83f6af4d9087b813",
"sha256:1071534bbbf8cbb31b498d5d9db0f274f2f7a865adca4ae429e147ba40f73dea",
"sha256:d42b11d692e11b6634f7613ad8df5d6d5f8875f5d48939520d351007b3c13406",
"sha256:51182f8927c5af975fece87b1b369f722c570fe169f9880764b1ee3bca8347b5",
"sha256:cc5a8e069b9ebfa22e26d0e6b97d6f9781302fe7f4f2b8776c3e1daea35f1adc",
"sha256:8b198cec6c72df5289c05b05b8b0969819783f9418e0409865dac47288d2a053",
"sha256:2894f2df484ff56d717bead0a5c2abb6b9d2bf26d6960c4604d5c48bbc30ee73",
"sha256:9ff227395193126d82e60319a673a037d5de84633f11279e336f9c0f189ecc62",
"sha256:293e7ea41280cb28c6fcaaa0b1aa1f533b8ce060b9e701d78511e1e6c4a1de76",
"sha256:34eff4b97f3d982fb93e2831e6750127d1355a923ebaeeb565407b3d2f8d41a1",
"sha256:1bf1ac1984eaa7675ca8d5745a8cb87ef7abecb5592178406e55858d411eadc0",
"sha256:24a570cd11895b60829e941f2613a4f79df1a27344cbbb82164ef2e0116f09c7",
"sha256:43e0b9d9e2c9e5d152946b9c5fe062c151614b262fda2e7b201204de0b99e482",
"sha256:9e93e79c2551ff263400e1e4be085a1210e12073a31c2011dbbda14bda0c6132",
"sha256:3d3dd4c9e559eb172ecf00a2a7517e97d1e96de2a5e610bd9b68cea3925b4892",
"sha256:cbde590d4faaa07c72bf979734738f328d239913ba3e043b1e98fe9a39f8b2b6",
"sha256:9cf8022fb8d07a97c178b02327b284521c7708d7c71a9c9c355c178ac4bbd3d4",
"sha256:158d0d15119b4b7ff6b926536763dc0714313aa59e320ddf787502c70c4d4bee",
"sha256:65fa59693c62cf06e45ddbb822165394a288edce9e276647f0046e1ec26920f3",
"sha256:69e395c24fc60aad6bb4fa7e583698ea6cc684648e1ffb7fe85e3c1ca131a7d5",
"sha256:ad17025d226ee5beec591b52800c11680fca3df50b8b29fe51d882576e039ee0",
"sha256:35f27e6eb43380fa080dccf676dece30bef72e4a67617ffda586641cd4508d49",
"sha256:9de2e279153a443c656f2defd67769e6d1e4163952b3c622dcea5b08a6405322",
"sha256:df5052c5d867c1ea0b311fb7c3cd28b19df469c056f7fdcfe88c7473aa63e333",
"sha256:afb29c1ba2e5a3736f1c301d9d0abe3ec8b86957d04ddfa9d7a6a42b9367e396",
"sha256:681d07b0d1e3c462dd15585ef5e33cb021321588bebd910124ef4f4fb71aef55",
"sha256:5de7970188bb46b7bf9858eb6890aad302577a5f6f75091fd7cdd3ef13ef3045",
"sha256:24ec4ff2c5c0c8f9c6b87d5bb53555bf267e1e6f70e52e5a9740d32861d36b6f",
"sha256:99cd03ae7988a93dd00bcd9d0b75e1f6c426063d6f03d2f90b89e29b25b82dfa",
"sha256:0857f0ae312d855239a55c81ef453ee8fd24136eaba8e87a2eceba644c0d4c06",
"sha256:1f436816fc868b098b0d63b8920de7d208c90a67212546d02f84fe78a9c26396"
],
"version": "==1.14.5"
},
"chardet": {
"hashes": [
"sha256:0d6f53a15db4120f2b08c94f11e7d93d2c911ee118b6b30a04ec3ee8310179fa",
"sha256:f864054d66fd9118f2e67044ac8981a54775ec5b67aed0441892edb553d21da5"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4'",
"version": "==4.0.0"
},
"cryptography": {
"hashes": [
"sha256:0f1212a66329c80d68aeeb39b8a16d54ef57071bf22ff4e521657b27372e327d",
"sha256:1e056c28420c072c5e3cb36e2b23ee55e260cb04eee08f702e0edfec3fb51959",
"sha256:240f5c21aef0b73f40bb9f78d2caff73186700bf1bc6b94285699aff98cc16c6",
"sha256:26965837447f9c82f1855e0bc8bc4fb910240b6e0d16a664bb722df3b5b06873",
"sha256:37340614f8a5d2fb9aeea67fd159bfe4f5f4ed535b1090ce8ec428b2f15a11f2",
"sha256:3d10de8116d25649631977cb37da6cbdd2d6fa0e0281d014a5b7d337255ca713",
"sha256:3d8427734c781ea5f1b41d6589c293089704d4759e34597dce91014ac125aad1",
"sha256:7ec5d3b029f5fa2b179325908b9cd93db28ab7b85bb6c1db56b10e0b54235177",
"sha256:8e56e16617872b0957d1c9742a3f94b43533447fd78321514abbe7db216aa250",
"sha256:de4e5f7f68220d92b7637fc99847475b59154b7a1b3868fb7385337af54ac9ca",
"sha256:eb8cc2afe8b05acbd84a43905832ec78e7b3873fb124ca190f574dca7389a87d",
"sha256:ee77aa129f481be46f8d92a1a7db57269a2f23052d5f2433b4621bb457081cc9"
],
"version": "==3.4.7"
},
"idna": {
"hashes": [
"sha256:b307872f855b18632ce0c21c5e45be78c0ea7ae4c15c828c20788b26921eb3f6",
"sha256:b97d804b1e9b523befed77c48dacec60e6dcb0b5391d57af6a65a312a90648c0"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.10"
},
"importlib-metadata": {
"hashes": [
"sha256:057e92c15bc8d9e8109738a48db0ccb31b4d9d5cfbee5a8670879a30be66304b",
"sha256:b7e52a1f8dec14a75ea73e0891f3060099ca1d8e6a462a4dff11c3e119ea1b31"
],
"markers": "python_version < '3.8'",
"version": "==4.2.0"
},
"iniconfig": {
"hashes": [
"sha256:011e24c64b7f47f6ebd835bb12a743f2fbe9a26d4cecaa7f53bc4f35ee9da8b3",
"sha256:bc3af051d7d14b2ee5ef9969666def0cd1a000e121eaea580d4a313df4b37f32"
],
"version": "==1.1.1"
},
"packaging": {
"hashes": [
"sha256:5b327ac1320dc863dca72f4514ecc086f31186744b84a230374cc1fd776feae5",
"sha256:67714da7f7bc052e064859c05c595155bd1ee9f69f76557e21f051443c20947a"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==20.9"
},
"pluggy": {
"hashes": [
"sha256:15b2acde666561e1298d71b523007ed7364de07029219b604cf808bfa1c765b0",
"sha256:966c145cd83c96502c3c3868f50408687b38434af77734af1e9ca461a4081d2d"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==0.13.1"
},
"py": {
"hashes": [
"sha256:21b81bda15b66ef5e1a777a21c4dcd9c20ad3efd0b3f817e7a809035269e1bd3",
"sha256:3b80836aa6d1feeaa108e046da6423ab8f6ceda6468545ae8d02d9d58d18818a"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==1.10.0"
},
"pycparser": {
"hashes": [
"sha256:2d475327684562c3a96cc71adf7dc8c4f0565175cf86b6d7a404ff4c771f15f0",
"sha256:7582ad22678f0fcd81102833f60ef8d0e57288b6b5fb00323d101be910e35705"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.20"
},
"pyjwt": {
"extras": [
"crypto"
],
"hashes": [
"sha256:934d73fbba91b0483d3857d1aff50e96b2a892384ee2c17417ed3203f173fca1",
"sha256:fba44e7898bbca160a2b2b501f492824fc8382485d3a6f11ba5d0c1937ce6130"
],
"index": "pypi",
"version": "==2.1.0"
},
"pyparsing": {
"hashes": [
"sha256:c203ec8783bf771a155b207279b9bccb8dea02d8f0c9e5f8ead507bc3246ecc1",
"sha256:ef9d7589ef3c200abe66653d3f1ab1033c3c419ae9b9bdb1240a85b024efc88b"
],
"markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==2.4.7"
},
"pytest": {
"hashes": [
"sha256:50bcad0a0b9c5a72c8e4e7c9855a3ad496ca6a881a3641b4260605450772c54b",
"sha256:91ef2131a9bd6be8f76f1f08eac5c5317221d6ad1e143ae03894b862e8976890"
],
"index": "pypi",
"version": "==6.2.4"
},
"python-decouple": {
"hashes": [
"sha256:2e5adb0263a4f963b58d7407c4760a2465d464ee212d733e2a2c179e54c08d8f",
"sha256:a8268466e6389a639a20deab9d880faee186eb1eb6a05e54375bdf158d691981"
],
"index": "pypi",
"version": "==3.4"
},
"redis": {
"hashes": [
"sha256:0e7e0cfca8660dea8b7d5cd8c4f6c5e29e11f31158c0b0ae91a397f00e5a05a2",
"sha256:432b788c4530cfe16d8d943a09d40ca6c16149727e4afe8c2c9d5580c59d9f24"
],
"index": "pypi",
"version": "==3.5.3"
},
"requests": {
"hashes": [
"sha256:27973dd4a904a4f13b263a19c866c13b92a39ed1c964655f025f3f8d3d75b804",
"sha256:c210084e36a42ae6b9219e00e48287def368a26d03a048ddad7bfee44f75871e"
],
"index": "pypi",
"version": "==2.25.1"
},
"toml": {
"hashes": [
"sha256:806143ae5bfb6a3c6e736a764057db0e6a0e05e338b5630894a5f779cabb4f9b",
"sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
],
"markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
"version": "==0.10.2"
},
"typing-extensions": {
"hashes": [
"sha256:0ac0f89795dd19de6b97debb0c6af1c70987fd80a2d62d1958f7e56fcc31b497",
"sha256:50b6f157849174217d0656f99dc82fe932884fb250826c18350e159ec6cdf342",
"sha256:779383f6086d90c99ae41cf0ff39aac8a7937a9283ce0a414e5dd782f4c94a84"
],
"markers": "python_version < '3.8'",
"version": "==3.10.0.0"
},
"urllib3": {
"hashes": [
"sha256:753a0374df26658f99d826cfe40394a686d05985786d946fbe4165b5148f5a7c",
"sha256:a7acd0977125325f516bda9735fa7142b909a8d01e8b2e4c8108d0984e6e0098"
],
"markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4' and python_version < '4'",
"version": "==1.26.5"
},
"zipp": {
"hashes": [
"sha256:3607921face881ba3e026887d8150cca609d517579abe052ac81fc5aeffdbd76",
"sha256:51cb66cc54621609dd593d1787f286ee42a5c0adbb4b29abea5a63edc3e03098"
],
"markers": "python_version >= '3.6'",
"version": "==3.4.1"
}
},
"develop": {}
}
......@@ -23,7 +23,7 @@
"@godaddy/terminus": "^4.1.2",
"@nestjs/common": "^5.1.0",
"@nestjs/core": "^5.1.0",
"@nestjs/swagger": "^3.0.2",
"@nestjs/swagger": "^3.1.0",
"@nestjs/terminus": "^5.6.0",
"class-transformer": "^0.2.0",
"class-validator": "^0.9.1",
......@@ -39,7 +39,7 @@
"request-promise-native": "^1.0.5",
"rxjs": "^6.2.2",
"serve-favicon": "^2.5.0",
"swagger-ui-express": "^4.0.2",
"swagger-ui-express": "^4.1.4",
"typescript": "^3.0.1",
"uuid": "^3.3.2"
},
......@@ -77,4 +77,4 @@
"coverageDirectory": "../coverage",
"testEnvironment": "node"
}
}
\ No newline at end of file
}
......@@ -22,6 +22,7 @@ export class AppModule {
.apply(VerifyXsrfTokenAndDecodeJWTPayloadMiddleware).forRoutes(
{ path: 'user', method: RequestMethod.GET },
{ path: 'user', method: RequestMethod.DELETE },
{ path: 'user/createOidcAccount', method: RequestMethod.POST },
{ path: 'user/resources', method: RequestMethod.GET },
{ path: 'user/resources/add', method: RequestMethod.POST },
{ path: 'user/resources/renew', method: RequestMethod.POST },
......
......@@ -9,6 +9,7 @@ export class ConfigService {
constructor() {
dotenv.config();
this._config.legacyAuthServiceUrl = process.env.LEGACY_AUTH_SERVICE_URL;
this._config.legacyAuthOidcUrl = process.env.LEGACY_AUTH_OIDC_URL;
this._config.adminPassword = process.env.ADMIN_PASSWORD;
this._config.adminUsername = process.env.ADMIN_USERNAME;
this._config.serviceEmailUrl = process.env.SERVICE_EMAIL_URL;
......@@ -44,7 +45,7 @@ export class ConfigService {
async initilizePublicPrivateKeys() {
try {
const redis = new Redis(this.config.redis.sentinelPort, this.config.redis.sentinelHost, this.config.redis.groupName);
const redis = new Redis(this.config.redis);
let keys: any = await redis.getValueByKey('encryptionKeys');
if (keys) {
......@@ -68,4 +69,4 @@ export class ConfigService {
throw new InternalServerErrorException('Failed to initialize Public/Private keys');
}
}
}
\ No newline at end of file
}
export interface RedisCfg{
sentinel:boolean, // config simple ou sentinel
sentinelPort: number,
sentinelHost: string,
groupName: string,
ttl:number
}
export const Config = {
legacyAuthServiceUrl: '',
legacyAuthOidcUrl: '',
adminUsername: '',
adminPassword: '',
serviceEmailUrl: '',
......@@ -14,11 +26,13 @@ export const Config = {
},
resetPasswordSessionTtl: 86400, // 24 hours
redis: {
sentinel:true, //false in dev with simple redis server
sentinelPort: null,
sentinelHost: '',
groupName: '',
ttl: 3600, // in seconds
},
imageHost: '',
apiKey: '',
accessTokenCookieKey: '',
};
\ No newline at end of file
};
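Review bot: The new `RedisCfg` interface declares `sentinelPort: number`, but the default in `Config.redis` is `sentinelPort: null`, and `Config.redis` is not annotated with the interface, so the compiler never compares the two. Either declare `sentinelPort: number | null` or annotate the literal so the mismatch surfaces. When `sentinel` is false, `sentinelHost` and `sentinelPort` appear to hold the address of a plain Redis server, which the field names hide. A doc comment in English on the flag would help, for example `/** true: connect through Sentinel; false: sentinelHost/sentinelPort address a single Redis server */`, replacing `// config simple ou sentinel`.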
import { InternalServerErrorException, Logger } from '@nestjs/common';
import { handleError } from '../legacy/errorHandlingHelper';
import * as IORedis from 'ioredis';
import { RedisCfg } from 'configuration/config';
export class Redis {
constructor(
private redisSentinelPort: number,
private redisSentinelHost: string,
private redisGroupName: string,
private redisConfig: RedisCfg
) { }
connect() {
Logger.log(`Entering function`, `Redis.connect`);
const client = new IORedis({
sentinels: [
{ host: this.redisSentinelHost, port: this.redisSentinelPort },
],
name: this.redisGroupName,
});
let cfg:any={
host: this.redisConfig.sentinelHost, port: this.redisConfig.sentinelPort ,
name: this.redisConfig.groupName,
};
if(this.redisConfig.sentinel){
cfg={
sentinels: [
{ host: this.redisConfig.sentinelHost, port: this.redisConfig.sentinelPort },
],
name: this.redisConfig.groupName,
};
}
const client = new IORedis(cfg);
client.on('error', (error) => {
Logger.error('Redis client error.', `${error}`, `Redis.connect`);
......
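Review bot: The options object built in `connect()` carries only host, port and name, so both the plain and the Sentinel branch open the connection without a password or TLS. ConfigService reads `encryptionKeys` through this client, so unless access is restricted at the network level, the key material is presumably only as protected as the Redis port. `RedisCfg` could carry optional `password` and `tls` settings that are passed through to ioredis. Typing the object as `const cfg: IORedis.RedisOptions` instead of `let cfg:any` would let the compiler catch a misspelled option, and `name` has no meaning in the non-Sentinel branch and can be dropped there. `connect()` continues past the end of this section.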
import {
Controller, Post, Body, HttpException, InternalServerErrorException,
HttpCode, Get, Req, Delete, Put, Query
HttpCode, Get, Req, Delete, Put, Query, Res, HttpStatus, Param,
} from '@nestjs/common';
import { LegacyService } from './legacy.service';
import { LegacyServiceOIDC } from './legacy.service.oidc';
import { ApiOperation, ApiResponse, ApiUseTags, ApiImplicitHeader, ApiImplicitBody } from '@nestjs/swagger';
import {
LoginForm, UserCreationForm, UserInfoWithEcryptedPassword, JWTToken, Service, Resource, RestrictedAccessDataset,
AccessRequest, UpdatePasswordForm, UserUpdateForm, UserInfo, AccessDeletionResponse,
AccessRequestResponse, AccessRenewalResponse, UserAccountValidationRequest, PasswordResetForm, PasswordForgottenForm
AccessRequestResponse, AccessRenewalResponse, UserAccountValidationRequest, PasswordResetForm, PasswordForgottenForm,
} from './legacy.model';
import { handleError } from './errorHandlingHelper';
import { TokenService } from './token.service';
@ApiUseTags('legacy')
@Controller()
......@@ -17,6 +19,8 @@ export class LegacyController {
constructor(
private legacyService: LegacyService,
private legacyServiceOidc: LegacyServiceOIDC,
private tokenService: TokenService,
) { }
@Get('user')
......@@ -78,6 +82,32 @@ export class LegacyController {
}
}
@Post('user/createOidcAccount')
@ApiImplicitHeader({
name: 'Cookie',
description: 'The JWT token containing user information',
})
@ApiImplicitHeader({
name: 'X-Xsrf-Token',
description: 'Cross Site reference token contained in the JWT token',
})
@ApiOperation({ title: 'Create the user specified in the OIDC JWT token if he doesn\'t exists. Return silently if the user exsist' })
@ApiResponse({ status: 200, description: 'User created' })
@ApiResponse({ status: 400, description: 'Bad Request (Invalid token, Missing token )' })
@ApiResponse({ status: 500, description: 'Internal error' })
@HttpCode(201)
async createOidcAccount(@Req() req) {
try {
return await this.legacyServiceOidc.createAccount(req.headers.token);
} catch (error) {
if (error instanceof HttpException) {
throw error;
} else {
throw new InternalServerErrorException();
}
}
}
@Post('user/login')
@ApiOperation({ title: 'Check if the user exist and returns its information with the encrypted password.' })
@ApiResponse({ status: 200, description: 'Success, returns user info', type: UserInfoWithEcryptedPassword })
......@@ -217,6 +247,14 @@ export class LegacyController {
@Get('user/resources')
@ApiOperation({ title: 'Get the list of accessible resources by the specified user.' })
@ApiImplicitHeader({
name: 'Cookie',
description: 'The JWT token containing user information',
})
@ApiImplicitHeader({
name: 'X-Xsrf-Token',
description: 'Cross Site reference token contained in the JWT token',
})
@ApiImplicitHeader({
name: 'Cookie',
description: 'The JWT token is sent by the browser as a cookie (refer to the config of the Authentication project to know which key is used)',
......@@ -228,7 +266,12 @@ export class LegacyController {
async getUserResources(@Req() req): Promise<Resource[]> {
const token: JWTToken = req.headers.token;
try {
const userServices = await this.legacyService.getUserResources(token.username, token.authzKey);
let userServices;
if (token.authzKey == null) { // is OIDC token
userServices = await this.legacyServiceOidc.getUserResources(token);
} else {
userServices = await this.legacyService.getUserResources(token);
}
return userServices;
} catch (error) {
if (error instanceof HttpException) {
......@@ -254,7 +297,12 @@ export class LegacyController {
async addUserResource(@Req() req, @Body() body) {
const token: JWTToken = req.headers.token;
try {
return await this.legacyService.addUserResource(token, body);
if (token.authzKey == null) { // is OIDC token
const access_token = await this.tokenService.getAccessToken(token)
return await this.legacyServiceOidc.addUserResource(token, body, access_token);
} else {
return await this.legacyService.addUserResource(token, body);
}
} catch (error) {
if (error instanceof HttpException) {
throw error;
......@@ -266,6 +314,14 @@ export class LegacyController {
@Post('user/resources/renew')
@ApiOperation({ title: 'Renew access to a restricted access dataset for an existing user.' })
@ApiImplicitHeader({
name: 'Cookie',
description: 'The JWT token containing user information',
})
@ApiImplicitHeader({
name: 'X-Xsrf-Token',
description: 'Cross Site reference token contained in the JWT token',
})
@ApiImplicitHeader({
name: 'Cookie',
description: 'The JWT token is sent by the browser as a cookie (refer to the config of the Authentication project to know which key is used)',
......@@ -279,7 +335,11 @@ export class LegacyController {
async renewUserResource(@Req() req, @Body() body: AccessRequest[]) {
const token: JWTToken = req.headers.token;
try {
return await this.legacyService.renewUserResource(token, body);
if (token.authzKey == null) { // is OIDC token
return await this.legacyServiceOidc.renewUserResource(token, body);
} else {
return await this.legacyService.renewUserResource(token, body);
}
} catch (error) {
if (error instanceof HttpException) {
throw error;
......@@ -302,7 +362,12 @@ export class LegacyController {
async deleteUserResource(@Req() req, @Body() body) {
const token: JWTToken = req.headers.token;
try {
return await this.legacyService.deleteUserResource(token, body);
if (token.authzKey == null) { // is OIDC token
return await this.legacyServiceOidc.deleteUserResource(token, body);
} else {
return await this.legacyService.deleteUserResource(token, body);
}
} catch (error) {
if (error instanceof HttpException) {
throw error;
......
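Review bot: The four handlers changed here (`getUserResources`, `addUserResource`, `renewUserResource`, `deleteUserResource`) choose the OIDC service whenever `token.authzKey == null`, that is, on the absence of a claim rather than on a positive marker of where the token came from. Any decoded token that lacks `authzKey` for another reason is then handled as an OIDC identity. The middleware that fills `req.headers.token` is not visible in this section and may already constrain this, but the controller should not rely on it implicitly. Consider a single helper, `private isOidcToken(token: JWTToken): boolean`, that tests an explicit field set by the middleware once the issuer has been verified, and call it from all four handlers instead of repeating the null check.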
import { Module } from '@nestjs/common';
import { LegacyService } from './legacy.service';
import { LegacyServiceOIDC } from './legacy.service.oidc';
import { LegacyController } from './legacy.controller';
import { TokenService } from './token.service';
@Module({
providers: [LegacyService],
providers: [LegacyService, LegacyServiceOIDC,TokenService],
controllers: [LegacyController],
})
export class LegacyModule {}
import {
Injectable, HttpException, BadRequestException, HttpStatus,
InternalServerErrorException, UnauthorizedException,
} from '@nestjs/common';
import {
LoginForm, UserInfoWithEcryptedPassword, UserCreationForm, Service, JWTToken, Resource, RestrictedAccessDataset,
AccessRequest, UpdatePasswordForm, UserUpdateForm, UserInfo, LegacyUserUpdateForm, LegacyUserCreationForm,
AccessDeletionResponse, AccessRequestResponse, AccessRenewalResponse, PasswordResetForm, PasswordForgottenForm, Email,
} from './legacy.model';