fix: use auth server instead of email authorizer

UserOfficeProject · Jan 6, 2023 · 10e4ec2 · 10e4ec2
1 parent 8596363
commit 10e4ec2
Show file tree

Hide file tree

Showing 2 changed files with 76 additions and 43 deletions.
diff --git a/apps/user-office-backend/src/config/dependencyConfigE2E.ts b/apps/user-office-backend/src/config/dependencyConfigE2E.ts
@@ -1,7 +1,7 @@
 import { ConsoleLogger, setLogger } from '@user-office-software/duo-logger';
 
 import 'reflect-metadata';
-import { EmailAsExternalTokenAuthorization } from '../auth/EmailAsExternalTokenAuthorization';
+import { OAuthAuthorization } from '../auth/OAuthAuthorization';
 import PostgresAdminDataSource from '../datasources/postgres/AdminDataSource';
 import PostgresCallDataSource from '../datasources/postgres/CallDataSource';
 import PostgresEventLogsDataSource from '../datasources/postgres/EventLogsDataSource';
@@ -65,7 +65,7 @@ mapClass(
   PostgresPredefinedMessageDataSource
 );
 
-mapClass(Tokens.UserAuthorization, EmailAsExternalTokenAuthorization);
+mapClass(Tokens.UserAuthorization, OAuthAuthorization);
 
 mapClass(Tokens.AssetRegistrar, SkipAssetRegistrar);
 

diff --git a/apps/user-office-frontend-e2e/cypress/support/user.ts b/apps/user-office-frontend-e2e/cypress/support/user.ts
@@ -1,7 +1,6 @@
 import {
   CreateUserMutation,
   CreateUserMutationVariables,
-  ExternalTokenLoginMutation,
   FeatureId,
   GetFeaturesQuery,
   Role,
@@ -117,6 +116,15 @@ const getUserIdFromIdOrCredentials = (
   }
 };
 
+const getCredentialsFromUserId = (testUserId: TestUserId) => {
+  const user = initialDBData.users[testUserId];
+
+  return {
+    email: user.email,
+    password: user.password,
+  };
+};
+
 const selectRole = async (token: string, selectedRoleId: number) => {
   const api = getE2EApi();
   const response = await api.selectRole({
@@ -132,53 +140,78 @@ const selectRole = async (token: string, selectedRoleId: number) => {
   return response.selectRole.token;
 };
 
+const getOauthExternalToken = async (testUserId: TestUserId) => {
+  const DEV_AUTH_SERVER_URL = 'http://localhost:5000';
+  const { email, password } = getCredentialsFromUserId(testUserId);
+  const params = {
+    login: email,
+    password: password,
+    scopes: 'openid email profile',
+  };
+
+  const options = {
+    method: 'POST',
+    headers: {
+      Accept: 'application/json',
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify(params),
+  };
+
+  return fetch(`${DEV_AUTH_SERVER_URL}/get-code`, options)
+    .then((response) => response.json())
+    .then((response) => {
+      return response.code;
+    });
+};
+
+const getExternalToken = async (testUserId: TestUserId) => {
+  const isOauth = featureFlags.getEnabledFeatures().get(FeatureId.OAUTH);
+  if (isOauth) {
+    return getOauthExternalToken(testUserId);
+  } else {
+    return extTokenStoreStfc.get(testUserId)!;
+  }
+};
+
 const login = (
   idOrCredentials: TestUserId | { email: string; password: string },
   role?: number
-): Cypress.Chainable<ExternalTokenLoginMutation> => {
+) => {
   const testUserId = getUserIdFromIdOrCredentials(idOrCredentials);
 
-  const isOauth = featureFlags.getEnabledFeatures().get(FeatureId.OAUTH);
-
-  const extTokenStore = isOauth ? extTokenStoreOAuth : extTokenStoreStfc;
-  const externalToken = extTokenStore.get(testUserId)!;
+  cy.wrap(getExternalToken(testUserId)).then((externalToken) => {
+    const api = getE2EApi();
+    api
+      .externalTokenLogin({
+        externalToken: externalToken as string,
+        redirectUri: 'http://localhost:3000/external-auth', // has to be set because it is a required field
+      })
+      .then(async (resp) => {
+        let token = resp.externalTokenLogin.token;
+        if (!token) {
+          return resp;
+        }
+        if (role) {
+          token = await selectRole(token, role);
+        }
+
+        const isOauth = featureFlags.getEnabledFeatures().get(FeatureId.OAUTH);
+        if (!isOauth && !role && testUserId === 'officer') {
+          token = await selectRole(token, 2); // It appears that the officer user in UOWS has 2 roles, once the second role is removed this can be removed
+        }
+        const { user, exp, currentRole } = jwtDecode(token) as DecodedTokenData;
+        window.localStorage.setItem('token', token);
+        window.localStorage.setItem(
+          'currentRole',
+          currentRole.shortCode.toUpperCase()
+        );
+        window.localStorage.setItem('expToken', `${exp}`);
+        window.localStorage.setItem('user', JSON.stringify(user));
 
-  const api = getE2EApi();
-  const request = api
-    .externalTokenLogin({
-      externalToken,
-      redirectUri: '',
-    })
-    .then(async (resp) => {
-      let token = resp.externalTokenLogin.token;
-
-      if (!token) {
         return resp;
-      }
-
-      if (role) {
-        token = await selectRole(token, role);
-      }
-
-      if (!isOauth && !role && testUserId === 'officer') {
-        token = await selectRole(token, 2); // It appears that the officer user in UOWS has 2 roles, once the second role is removed this can be removed
-      }
-
-      const { user, exp, currentRole } = jwtDecode(token) as DecodedTokenData;
-
-      window.localStorage.setItem('token', token);
-      window.localStorage.setItem(
-        'currentRole',
-        currentRole.shortCode.toUpperCase()
-      );
-
-      window.localStorage.setItem('expToken', `${exp}`);
-      window.localStorage.setItem('user', JSON.stringify(user));
-
-      return resp;
-    });
-
-  return cy.wrap(request);
+      });
+  });
 };
 
 const logout = () => {