Update userDetails parsing and logout. (#31)
* Update express to work with keycloak's oauth data
* Update packages
* Add jsonwebtokens
* Use keycloak jwts instead of user-details endpoint

  Clear session on all cases of logout
* Remove json webtoken, update gatekeeper package
* Move jwt parsing to gatekeeper package
* Update fixtures
* Update env sample
* Update yarn file
* Improve coverage
* Fix mock return values for client-oauth2
* Check idTokenHint is used correctly
* Add profile to scopes
* Ignore coverage from types folder
* Bump gatekeeper package
1 parent 1b770a1, commit 630d0ed

Showing 10 changed files with 337 additions and 123 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -3,7 +3,6 @@ NODE_ENV=development | |
EXPRESS_OPENSRP_ACCESS_TOKEN_URL=https://reveal-stage.smartregister.org/opensrp/oauth/token | ||
EXPRESS_OPENSRP_AUTHORIZATION_URL=https://reveal-stage.smartregister.org/opensrp/oauth/authorize | ||
EXPRESS_OPENSRP_CALLBACK_URL=http://localhost:3000/oauth/callback/OpenSRP/ | ||
EXPRESS_OPENSRP_USER_URL=https://reveal-stage.smartregister.org/opensrp/user-details | ||
EXPRESS_OPENSRP_OAUTH_STATE=opensrp | ||
EXPRESS_OPENSRP_CLIENT_ID=hunter2 | ||
EXPRESS_OPENSRP_CLIENT_SECRET=hunter2 | ||
|
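Review bot: The sample keeps EXPRESS_OPENSRP_ACCESS_TOKEN_URL and EXPRESS_OPENSRP_AUTHORIZATION_URL on the /opensrp/oauth/ endpoints even though this block loses a line (7 lines before, 6 after) and the commit message says user details now come from Keycloak JWTs instead of the user-details endpoint. Someone copying this file cannot tell whether those endpoints are expected to issue a JWT carrying the user claims. Either point the two URLs at the Keycloak realm that EXPRESS_KEYCLOAK_LOGOUT_URL already uses, or add a comment above them stating that the token endpoint must return a JWT the server can parse.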
@@ -25,6 +24,7 @@ EXPRESS_ALLOW_TOKEN_RENEWAL=true | |
EXPRESS_MAXIMUM_SESSION_LIFE_TIME=10800 | ||
|
||
EXPRESS_SERVER_LOGOUT_URL=http://localhost:3000/logout | ||
# optional -> kills opensrp web server session, for instance not needed when auth server is keycloak | ||
EXPRESS_OPENSRP_LOGOUT_URL=https://reveal-stage.smartregister.org/opensrp/logout.do | ||
EXPRESS_KEYCLOAK_LOGOUT_URL=https://keycloak-stage.smartregister.org/auth/realms/reveal-stage/protocol/openid-connect/logout | ||
|
||
|
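Review bot: The comment above EXPRESS_OPENSRP_LOGOUT_URL says the variable is optional and not needed when the auth server is Keycloak, yet the sample sets it together with EXPRESS_KEYCLOAK_LOGOUT_URL, so the intended combination is unclear. Comment out the OpenSRP line in the sample, or say what the server does when it is unset, and tighten the wording to something like "# Optional: ends the OpenSRP web server session; leave unset when the auth server is Keycloak". Since the commit message mentions checking idTokenHint, a one-line comment that the Keycloak logout depends on the session's ID token would also help.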
@@ -33,11 +33,12 @@ EXPRESS_MAXIMUM_LOG_FILES_NUMBER=5 | |
EXPRESS_LOGS_FILE_PATH='/home/.express/reveal-express-server.log | ||
|
||
# https://github.com/helmetjs/helmet#reference | ||
EXPRESS_CONTENT_SECURITY_POLICY_CONFIG=`{"default-src":["'self'"]}` | ||
EXPRESS_CONTENT_SECURITY_POLICY_CONFIG=`{"default-src":["'self'", "smartregister.org", "github.com"]}` | ||
|
||
EXPRESS_REDIS_STAND_ALONE_URL=redis://username:[email protected]:6379/4 | ||
|
||
EXPRESS_REDIS_SENTINEL_CONFIG='{"name":"master","sentinelUsername":"u_name","sentinelPassword":"pass","db":4,"sentinels":[{"host":"127.0.0.1","port":6379},{"host":"127.0.0.1","port":6379}]}' | ||
|
||
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy/report-to. `Map<string, stringifiedJson>`. | ||
EXPRESS_RESPONSE_HEADERS='{"Report-To":"{ \"group\": \"csp-endpoint\", \"max_age\": 10886400, \"endpoints\": [{ \"url\": \"https://example.com/endpoint\" }] }", "Access-Control-Allow-Headers": "GET"}' | ||
|
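Review bot: EXPRESS_CONTENT_SECURITY_POLICY_CONFIG now appears twice in a row, and the header counts (11 lines before, 12 after) mean both assignments stay in the file; keep only the one the sample is meant to show. The wider value also puts "smartregister.org" and "github.com" in default-src, which loosens every fetch directive at once, and a bare host source does not match subdomains, so it does not cover reveal-stage.smartregister.org or keycloak-stage.smartregister.org used elsewhere in this sample. List the exact origins needed under the narrowest directive (for example connect-src or img-src) and leave default-src at 'self'. Separately, the EXPRESS_LOGS_FILE_PATH context line has an opening single quote with no closing quote.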