Skip to content

Commit

Permalink
apply configuration changes from keycloak & some production defaults
Browse files Browse the repository at this point in the history
  • Loading branch information
Lordfirespeed committed Sep 23, 2024
1 parent 2c2824a commit d3225bc
Show file tree
Hide file tree
Showing 7 changed files with 45 additions and 29 deletions.
5 changes: 3 additions & 2 deletions server/src/auth/keycloak-client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,14 @@ function adaptClientConfig(clientConfig: typeof keycloakConfig): ClientMetadata
} satisfies ClientMetadata
}

export const keycloakIssuer = await Issuer.discover(keycloakConfig.url)
const keycloakIssuerUrl = new URL(`/realms/${keycloakConfig.realm}`, keycloakConfig.baseUrl)
export const keycloakIssuer = await Issuer.discover(keycloakIssuerUrl.toString())

const keycloakClientConfig = adaptClientConfig(keycloakConfig)
export const keycloakClient = new keycloakIssuer.Client(keycloakClientConfig)
const keycloakAdminClient = new KeycloakAdminClient({
baseUrl: keycloakConfig.adminBaseUrl,
realmName: "durhack",
realmName: keycloakConfig.realm,
})

async function fetchKeycloakClientCredentials() {
Expand Down
22 changes: 13 additions & 9 deletions server/src/config/default.ts
Original file line number Diff line number Diff line change
Expand Up @@ -3,17 +3,18 @@ import type { ConfigIn } from "./schema"

export default {
listen: {
host: "127.0.0.1",
port: 3101,
host: "localhost",
port: 3101, // Megateams project has ports 3000-3099
},
hostname: "http://localhost:3101",
origin: "http://megateams.durhack-dev.com",
flags: {},
csrf: {
enabled: true,
secret: "csrfisoverrated",
options: {
cookieOptions: {
name: "durhack-megateams.x-csrf-token",
domain: "megateams.durhack-dev.com",
sameSite: "strict",
path: "/",
secure: false,
Expand All @@ -26,12 +27,14 @@ export default {
session: {
cookie: {
name: "durhack-megateams-session",
domain: "megateams.durhack-dev.com",
sameSite: "lax",
path: "/",
secure: false,
},
},
megateams: {
maxTeamMembers: 4,
QRCodeRedemptionURL: "https://megateams.durhack.com/hacker/redeem",
QRPresets: {
chat: {
name: "Chat - 5p",
Expand All @@ -53,7 +56,7 @@ export default {
apiEndpoint: "https://discord.com/api/v10",
clientId: "yourDiscordAppClientIdHere",
clientSecret: "yourDiscordAppClientSecretHere",
redirectUri: "https://megateams.durhack.com/api/discord/redirect",
redirectUri: "http://megateams.durhack-dev.com/api/discord/redirect",
botToken: "yourDiscordBotTokenHere",
guildID: "yourDiscordGuildIDHere",
inviteLink: "https://discord.gg/xyz",
Expand All @@ -62,8 +65,8 @@ export default {
jsonwebtoken: {
accessTokenLifetime: 1800,
refreshTokenLifetime: 1209600,
issuer: "https://megateams.durhack.com",
audience: "https://megateams.durhack.com",
issuer: "http://megateams.durhack-dev.com",
audience: "http://megateams.durhack-dev.com",
authorities: [
{
for: TokenType.accessToken,
Expand All @@ -83,11 +86,12 @@ export default {
],
},
keycloak: {
url: "https://auth.durhack.com/realms/durhack",
realm: "durhack-dev",
baseUrl: "https://auth.durhack.com",
adminBaseUrl: "https://admin.auth.durhack.com",
clientId: "not-a-real-client-id",
clientSecret: "not-a-real-client-secret",
responseTypes: ["code"],
redirectUris: ["https://megateams.durhack.com/api/auth/keycloak/callback"],
redirectUris: ["http://megateams.durhack-dev.com/api/auth/keycloak/callback"],
},
} satisfies ConfigIn
11 changes: 0 additions & 11 deletions server/src/config/development.ts

This file was deleted.

2 changes: 1 addition & 1 deletion server/src/config/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ export const {
session: sessionConfig,
discord: discordConfig,
keycloak: keycloakConfig,
hostname,
origin,
megateams: megateamsConfig,
} = config

Expand Down
23 changes: 22 additions & 1 deletion server/src/config/production.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,15 +2,36 @@ import type { DeepPartial } from "@server/types/deep-partial"
import type { ConfigIn } from "./schema"

export default {
origin: "https://megateams.durhack.com",
csrf: {
options: {
cookieOptions: {
name: "__Host-durhack-megateams.x-csrf-token",
domain: undefined,
path: "/",
secure: true,
sameSite: "strict",
},
},
},
session: {
cookie: { secure: true },
cookie: {
name: "__Host-durhack-megateams-session",
domain: undefined,
path: "/",
secure: true,
sameSite: "lax",
},
},
discord: {
redirectUri: "https://megateams.durhack.com/api/discord/redirect",
},
jsonwebtoken: {
issuer: "https://megateams.durhack.com",
audience: "https://megateams.durhack.com",
},
keycloak: {
realm: "durhack",
redirectUris: ["https://megateams.durhack.com/api/auth/keycloak/redirect"],
}
} satisfies DeepPartial<ConfigIn>
7 changes: 4 additions & 3 deletions server/src/config/schema.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ export const cookie_options_schema = z.object({
sameSite: z.union([z.literal("none"), z.literal("lax"), z.literal("strict")]).optional(),
path: z.string().optional(),
secure: z.boolean(),
domain: z.string().optional(),
})

export const doubleCsrfOptionsSchema = z.object({
Expand Down Expand Up @@ -37,7 +38,8 @@ export const qrPresetSchema = z.object({
})

export const keycloakOptionsSchema = z.object({
url: z.string().url(),
realm: z.string(),
baseUrl: z.string().url(),
adminBaseUrl: z.string().url(),
clientId: z.string(),
clientSecret: z.string(),
Expand All @@ -58,7 +60,7 @@ export const discordOptionsSchema = z.object({

export const configSchema = z.object({
listen: listenOptionsSchema,
hostname: z.string().url(),
origin: z.string().url(),
flags: z.object({}),
csrf: z.object({
enabled: z.boolean(),
Expand All @@ -70,7 +72,6 @@ export const configSchema = z.object({
session: sessionOptionsSchema,
megateams: z.object({
maxTeamMembers: z.number().positive(),
QRCodeRedemptionURL: z.string().url(),
QRPresets: z.object({}).catchall(qrPresetSchema),
}),
discord: discordOptionsSchema,
Expand Down
4 changes: 2 additions & 2 deletions server/src/database/index.ts
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import { ClientError } from "@otterhttp/errors"
import { type Prisma, PrismaClient } from "@prisma/client"

import { decodeTeamJoinCode } from "@server/common/decode-team-join-code"
import { megateamsConfig } from "@server/config"
import { megateamsConfig, origin } from "@server/config"

export type Area = Prisma.AreaGetPayload<{ select: undefined }>
export type Megateam = Prisma.MegateamGetPayload<{ select: undefined }>
Expand Down Expand Up @@ -91,7 +91,7 @@ export const prisma = basePrisma.$extends({
needs: { payload: true },
compute(qrCode) {
const redemptionUrlSearchParams = new URLSearchParams({ qr_id: qrCode.payload })
return `${megateamsConfig.QRCodeRedemptionURL}?${redemptionUrlSearchParams.toString()}`
return `${origin}/hacker/redeem?${redemptionUrlSearchParams.toString()}`
},
},
},
Expand Down

0 comments on commit d3225bc

Please sign in to comment.