feat(tenant-management): auth0 idp
organization name for silo will be key
while for other will be tier name

GH-47
yeshamavani committed Oct 21, 2024
1 parent eeee31c commit ecf5dbb
Showing 4 changed files with 21 additions and 19 deletions.
Expand Up @@ -49,21 +49,18 @@ export class IdpController {
})
payload: IdpDetailsDTO,
): Promise<IdpResp> {
const res: IdpResp = {
let res: IdpResp = {
authId: '',
};
switch (payload.tenant.identityProvider) {
case IdPKey.AUTH0: {
const auth0Resp = await this.idpAuth0Provider(payload);
return auth0Resp;
}
case IdPKey.AUTH0:
res = await this.idpAuth0Provider(payload);
break;
case IdPKey.COGNITO:
break;

case IdPKey.KEYCLOAK: {
const keycloakResp = await this.idpKeycloakProvider(payload);
return keycloakResp;
}
case IdPKey.KEYCLOAK:
res = await this.idpKeycloakProvider(payload);
break;
default:
break;
}
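Review bot: The `IdPKey.COGNITO` and `default` arms leave `res` at its initial `authId: ''`, so a tenant with an unimplemented or unrecognised identity provider gets the same response shape as a successful configuration. Now that every arm breaks out to the code after the switch (not visible in this hunk), it would be safer to reject those cases explicitly, for example `default: throw new HttpErrors.BadRequest('Unsupported identity provider');` if `HttpErrors` is available in this file. Failing that, a comment should state that an empty `authId` means no provider was configured. The method body begins and ends outside the hunk.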
Expand Up @@ -14,7 +14,7 @@ import {AuthenticationBindings, IAuthUser} from 'loopback4-authentication';
import {SYSTEM_USER} from '../keys';
import {WebhookSecretRepository} from '../repositories';

const DEFAULT_TIME_TOLERANCE = 10000;
const DEFAULT_TIME_TOLERANCE = 20000;

export class CallbackVerifierProvider implements Provider<Interceptor> {
constructor(
Expand Down Expand Up @@ -78,7 +78,7 @@ export class CallbackVerifierProvider implements Provider<Interceptor> {
}

const hh = Math.abs(timestamp - Date.now());
// timestamp should be within 10 seconds
// timestamp should be within 20 seconds
if (hh > TIMESTAMP_TOLERANCE) {
this.logger.error('Timestamp out of tolerance');
throw new HttpErrors.Unauthorized();
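Review bot: The comment at the tolerance check hard-codes "20 seconds" while the comparison uses `TIMESTAMP_TOLERANCE`, whose definition is outside this hunk; if that value can be overridden (the `DEFAULT_` prefix on the changed constant suggests so), the comment will mislead. Suggest wording it as `// reject requests whose timestamp differs from server time by more than TIMESTAMP_TOLERANCE ms (default 20000)`. Because this window bounds how long a captured signed callback stays acceptable, doubling it deserves a sentence in the commit description saying why 10 seconds was too tight. The interceptor body continues outside the hunk.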
Expand Up @@ -79,10 +79,8 @@ export class WebhookVerifierProvider implements Provider<Interceptor> {
throw new HttpErrors.Unauthorized();
}

// timestamp should be within 5 seconds
if (
Math.abs(timestamp - Date.now()) > this.webhookConfig.timestampTolerance
) {
// timestamp should be within 5-20 seconds
if (Math.abs(timestamp - Date.now()) > 20000) {
this.logger.error('Timestamp out of tolerance');
throw new HttpErrors.Unauthorized();
}
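Review bot: The check now compares against the literal `20000` and no longer reads `this.webhookConfig.timestampTolerance`, so a deployment that configured a tighter window silently gets a 20-second one and the setting becomes dead configuration. Keeping the configured value and raising its default where the config is bound would preserve the operator's control: `if (Math.abs(timestamp - Date.now()) > this.webhookConfig.timestampTolerance) {`. The comment "within 5-20 seconds" also does not match a fixed 20000 ms limit and should state the actual bound. The enclosing interceptor starts and ends outside the hunk.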
Expand Up @@ -39,10 +39,17 @@ export class Auth0IdpProvider implements Provider<ConfigureIdpFunc<IdpResp>> {
}

const configValue = tenantConfig[0].configValue;

/**Organization name for silo tenants will be its key
* whereas for pooled tenants it will be the plan tier
* all the pooled tenants will be under the same organization
*/
const orgName =
planTier === 'PREMIUM' ? tenant.key : planTier.toLowerCase();
const organizationData: PostOrganizationsRequest = {
name: tenant.key,
name: orgName,
// eslint-disable-next-line
display_name: configValue.display_name,
display_name: orgName,
branding: {
// eslint-disable-next-line
logo_url: configValue.logo_url,
Expand Down Expand Up @@ -117,7 +124,7 @@ export class Auth0IdpProvider implements Provider<ConfigureIdpFunc<IdpResp>> {
} else {
try {
const organizationResponse =
await this.management.organizations.getByName({name: tenant.name});
await this.management.organizations.getByName({name: orgName});

if (organizationResponse.status === STATUS_OK) {
organizationId = organizationResponse.data.id;
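Review bot: In the first hunk, `planTier === 'PREMIUM'` is the only thing that decides whether a tenant gets its own Auth0 organization or joins the shared one, and every other value, including a misspelt or newly added tier, falls into the pooled branch and becomes an organization name via `planTier.toLowerCase()`. Where `planTier` comes from is not visible here; if it can be missing or unexpected, the safer shape is to match the known pooled tiers explicitly and throw on anything else, comparing against a shared constant rather than the string literal. The new comment could also say that `display_name` no longer uses `configValue.display_name`, and how pooled tenants are told apart inside the shared organization (not shown in this hunk). Both hunks sit inside a function that starts and ends outside them.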
