Update cookie configuration

13e43577 · FORESTIER Fabien · 8754ae7e · 13e43577 · 13e43577 · 13e43577
Commit 13e43577 authored 5 years ago by FORESTIER Fabien
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -39,8 +39,7 @@ deploy_development:
    - export AUTHENTICATION_SERVICE_BIND_PORT=3002
    - export LEGACY_MIDDLEWARE_URL=http://vm-refonte-data-2:9000/middleware-legacy
    - export KONG_URL=http://vm-refonte-data-2:9001
-    - export COOKIE_DOMAIN=kong-dev.alpha.grandlyon.com
-    - export XSRF_TOKEN_COOKIE_DOMAIN=alpha.grandlyon.com
+    - export COOKIE_DOMAIN=data-reloaded-dev.alpha.grandlyon.com
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - docker-compose pull
    - docker-compose --project-name service-authentication-${TAG} up -d --force-recreate
@@ -56,7 +55,6 @@ deploy_staging:
    - export LEGACY_MIDDLEWARE_URL=http://vm-refonte-data-2:9100/middleware-legacy
    - export KONG_URL=http://vm-refonte-data-2:9101
    - export COOKIE_DOMAIN=kong-rec.alpha.grandlyon.com
-    - export XSRF_TOKEN_COOKIE_DOMAIN=alpha.grandlyon.com
    - docker login -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD $CI_REGISTRY
    - TAG=dev docker-compose pull
    - docker tag $CI_REGISTRY/refonte-data/service-authentication:dev $CI_REGISTRY/refonte-data/service-authentication:${TAG}

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -17,7 +17,6 @@ services:
      # - GLC_CLIENT_SECRET=${GLC_CLIENT_SECRET}
      - LEGACY_MIDDLEWARE_URL=${LEGACY_MIDDLEWARE_URL}
      - COOKIE_DOMAIN=${COOKIE_DOMAIN}
-      - XSRF_TOKEN_COOKIE_DOMAIN=${XSRF_TOKEN_COOKIE_DOMAIN}
      - ACCESS_TOKEN_COOKIE_KEY=${ACCESS_TOKEN_COOKIE_KEY}
      - KONG_URL=${KONG_URL}
      - JWT_LIFETIME=${JWT_LIFETIME} # in seconds

--- a/src/authentication/authentication.controller.ts
+++ b/src/authentication/authentication.controller.ts
-import {
-  Controller, Get, Res, Body, Post, InternalServerErrorException,
-  HttpException, Put, Req, HttpStatus,
-} from '@nestjs/common';
-import { ApiResponse, ApiUseTags, ApiOperation, ApiImplicitHeader } from '@nestjs/swagger';
-
-import { AuthenticationService } from './authentication.service';
-import { handleError } from '../helpers';
-import {
-  LoginResponse, LoginForm, UserUpdateForm,
-  JWTTokenInfo, UserInfoUpdateResponse, UserInfoWithoutPassword,
-} from './authentication.model';
+import { Body, Controller, Get, HttpException, HttpStatus, InternalServerErrorException, Post, Put, Req, Res } from '@nestjs/common';
+import { ApiImplicitHeader, ApiOperation, ApiResponse, ApiUseTags } from '@nestjs/swagger';
 import { Response } from 'express';
 import { ConfigService } from '../configuration/config.service';
+import { handleError } from '../helpers';
+import { JWTTokenInfo, LoginForm, LoginResponse, UserInfoUpdateResponse, UserInfoWithoutPassword, UserUpdateForm } from './authentication.model';
+import { AuthenticationService } from './authentication.service';
+

 @ApiUseTags('authentication')
 @Controller()
@@ -47,7 +41,7 @@ export class AuthenticationController {
        'XSRF-TOKEN',
        loginResult.xsrfToken,
        {
-          domain: this._configService.config.xsrfTokenCookieDomain,
+          domain: this._configService.config.cookieDomain,
          expires: cookieExpiresAt,
          sameSite: 'Strict',
        },
@@ -75,7 +69,7 @@ export class AuthenticationController {
      'XSRF-TOKEN',
      '',
      {
-        domain: this._configService.config.xsrfTokenCookieDomain,
+        domain: this._configService.config.cookieDomain,
        expires: new Date(0),
        sameSite: 'Strict',
      },
@@ -166,7 +160,7 @@ export class AuthenticationController {
        'XSRF-TOKEN',
        updateResult.xsrfToken,
        {
-          domain: this._configService.config.xsrfTokenCookieDomain,
+          domain: this._configService.config.cookieDomain,
          expires: cookieExpiresAt,
          sameSite: 'Strict',
        },

--- a/src/configuration/config.service.ts
+++ b/src/configuration/config.service.ts
-import { Config } from './config';
 import * as dotenv from 'dotenv';
+import { Config } from './config';
 export class ConfigService {
  private _config = Config;

@@ -14,7 +14,6 @@ export class ConfigService {
    this._config.kongStatus = process.env.KONG_URL + '/status';
    this._config.jwtLifetime = parseInt(process.env.JWT_LIFETIME, 10);
    this._config.cookieDomain = process.env.COOKIE_DOMAIN;
-    this._config.xsrfTokenCookieDomain = process.env.XSRF_TOKEN_COOKIE_DOMAIN;
    this._config.accessTokenCookieKey = process.env.ACCESS_TOKEN_COOKIE_KEY;
    // this._config.providers.OIDC.discoveryUrl = process.env.OIDC_DISCOVERY_URL;
    // this._config.providers.GLC.discoveryUrl = process.env.GLC_DISCOVERY_URL;

--- a/src/configuration/config.ts
+++ b/src/configuration/config.ts
@@ -19,7 +19,6 @@ export const Config = {
  kongConsumers: '',
  kongStatus: '',
  cookieDomain: '',
-  xsrfTokenCookieDomain: '',
  accessTokenCookieKey: '',
  jwtLifetime: 3600,
  // redis: {

--- a/template.env
+++ b/template.env
@@ -2,7 +2,6 @@ TAG=<version number>
 AUTHENTICATION_SERVICE_BIND_PORT=<service port>
 LEGACY_MIDDLEWARE_URL=<url of the legacy auth middleware>
 COOKIE_DOMAIN=<domain for which the cookie will be set>
-XSRF_TOKEN_COOKIE_DOMAIN=<domain for which the cookie containing the xsrf token will be set>
 ACCESS_TOKEN_COOKIE_KEY=<cookie key where the access token will be stored>
 KONG_URL=<api gateway url>
 JWT_LIFETIME=<life time of the JWT>
\ No newline at end of file