From 6f98fa61e4991ed7b8bdbf177bea87c97c9238e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcell=20F=C3=BCl=C3=B6p?= Date: Fri, 24 Feb 2023 21:09:21 +0000 Subject: [PATCH] refactor: satisfy linter requirements --- backend/internal/token.js | 45 +++++----- backend/routes/api/main.js | 2 +- backend/routes/api/oidc.js | 88 ++++++++++---------- backend/routes/api/settings.js | 8 +- frontend/js/app/api.js | 2 +- frontend/js/app/settings/oidc-config/main.js | 14 ++-- frontend/js/login/ui/login.js | 14 ++-- 7 files changed, 84 insertions(+), 89 deletions(-) diff --git a/backend/internal/token.js b/backend/internal/token.js index 8e04341d..27da42b4 100644 --- a/backend/internal/token.js +++ b/backend/internal/token.js @@ -88,7 +88,7 @@ module.exports = { * @param {String} [issuer] * @returns {Promise} */ - getTokenFromOAuthClaim: (data, issuer) => { + getTokenFromOAuthClaim: (data) => { let Token = new TokenModel(); data.scope = 'user'; 
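Review bot: The JSDoc above `getTokenFromOAuthClaim` still lists `@param {String} [issuer]` although this hunk removes the parameter; drop that line so the documented signature matches `(data)`. The function also overwrites `data.scope` on the caller's object, which deserves a short comment such as `// scope is fixed to 'user' for OIDC logins; any caller-supplied scope is ignored`. The function body continues in the next hunk.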
@@ -101,31 +101,26 @@ module.exports = { .andWhere('is_disabled', 0) .first() .then((user) => { - if (!user) { - throw new error.AuthError('No relevant user found'); - } - - // Create a moment of the expiry expression - let expiry = helpers.parseDatePeriod(data.expiry); - if (expiry === null) { - throw new error.AuthError('Invalid expiry time: ' + data.expiry); - } - - let iss = 'api', - attrs = { id: user.id }, - scope = [ data.scope ], - expiresIn = data.expiry; - - return Token.create({ iss, attrs, scope, expiresIn }) - .then((signed) => { - return { - token: signed.token, - expires: expiry.toISOString() - }; - }); - + if (!user) { + throw new error.AuthError('No relevant user found'); } - ); + + // Create a moment of the expiry expression + let expiry = helpers.parseDatePeriod(data.expiry); + if (expiry === null) { + throw new error.AuthError('Invalid expiry time: ' + data.expiry); + } + + let iss = 'api', + attrs = { id: user.id }, + scope = [ data.scope ], + expiresIn = data.expiry; + + return Token.create({ iss, attrs, scope, expiresIn }) + .then((signed) => { + return { token: signed.token, expires: expiry.toISOString() }; + }); + }); }, /** diff --git a/backend/routes/api/main.js b/backend/routes/api/main.js index 2f3ec6d7..546cc727 100644 --- a/backend/routes/api/main.js +++ b/backend/routes/api/main.js @@ -27,7 +27,7 @@ router.get('/', (req, res/*, next*/) => { router.use('/schema', require('./schema')); router.use('/tokens', require('./tokens')); -router.use('/oidc', require('./oidc')) +router.use('/oidc', require('./oidc')); router.use('/users', require('./users')); router.use('/audit-log', require('./audit-log')); router.use('/reports', require('./reports')); diff --git a/backend/routes/api/oidc.js b/backend/routes/api/oidc.js index b02c503f..6fd87c70 100644 --- a/backend/routes/api/oidc.js +++ b/backend/routes/api/oidc.js 
@@ -3,7 +3,7 @@ const error = require('../../lib/error'); const express = require('express'); const jwtdecode = require('../../lib/express/jwt-decode'); const oidc = require('openid-client'); -const settingModel = require('../../models/setting'); +const settingModel = require('../../models/setting'); const internalToken = require('../../internal/token'); let router = express.Router({ @@ -29,15 +29,15 @@ router * * Retrieve all users */ - .get(jwtdecode(), async (req, res, next) => { - console.log("oidc: init flow"); + .get(jwtdecode(), async (req, res) => { + console.log('oidc: init flow'); settingModel .query() .where({id: 'oidc-config'}) .first() - .then( row => getInitParams(req, row)) - .then( params => redirectToAuthorizationURL(res, params)) - .catch( err => redirectWithError(res, err)); + .then((row) => getInitParams(req, row)) + .then((params) => redirectToAuthorizationURL(res, params)) + .catch((err) => redirectWithError(res, err)); }); @@ -58,15 +58,15 @@ router * * Retrieve a specific user */ - .get(jwtdecode(), async (req, res, next) => { - console.log("oidc: callback"); + .get(jwtdecode(), async (req, res) => { + console.log('oidc: callback'); settingModel .query() .where({id: 'oidc-config'}) .first() - .then( settings => validateCallback(req, settings)) - .then( token => redirectWithJwtToken(res, token)) - .catch( err => redirectWithError(res, err)); + .then((settings) => validateCallback(req, settings)) + .then((token) => redirectWithJwtToken(res, token)) + .catch((err) => redirectWithError(res, err)); }); /** 
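Review bot: The doc comment on the init route in `backend/routes/api/oidc.js` still reads `Retrieve all users`, and the one in the `@@ -58,15` hunk reads `Retrieve a specific user`; both look copied from another router. They should describe the OIDC steps instead, e.g. `Start the OIDC authorization flow` and `Handle the OIDC provider callback`. Both handlers are declared `async` but contain no `await`, so the keyword can be dropped while the linter is being satisfied. The route definitions start outside these hunks.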
@@ -74,21 +74,21 @@ router * * @param {Setting} row * */ -let getClient = async row => { +let getClient = async (row) => { let issuer; try { issuer = await oidc.Issuer.discover(row.meta.issuerURL); - } catch(err) { + } catch (err) { throw new error.AuthError(`Discovery failed for the specified URL with message: ${err.message}`); } return new issuer.Client({ - client_id: row.meta.clientID, - client_secret: row.meta.clientSecret, - redirect_uris: [row.meta.redirectURL], + client_id: row.meta.clientID, + client_secret: row.meta.clientSecret, + redirect_uris: [row.meta.redirectURL], response_types: ['code'], }); -} +}; /** * Generates state, nonce and authorization url. @@ -98,18 +98,18 @@ let getClient = async row => { * @return { {String}, {String}, {String} } state, nonce and url * */ let getInitParams = async (req, row) => { - let client = await getClient(row); - let state = crypto.randomUUID(); - let nonce = crypto.randomUUID(); - let url = client.authorizationUrl({ - scope: 'openid email profile', - resource: `${req.protocol}://${req.get('host')}${req.originalUrl}`, - state, - nonce, - }) + let client = await getClient(row), + state = crypto.randomUUID(), + nonce = crypto.randomUUID(), + url = client.authorizationUrl({ + scope: 'openid email profile', + resource: `${req.protocol}://${req.get('host')}${req.originalUrl}`, + state, + nonce, + }); return { state, nonce, url }; -} +}; /** * Parses state and nonce from cookie during the callback phase. 
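Review bot: `getClient` dereferences `row.meta` without checking that the `oidc-config` row exists; both callers obtain it with `.first()`, which can resolve to nothing. The resulting TypeError text would then reach the `npm_oidc_error` cookie through `redirectWithError`. A guard at the top, `if (!row || !row.meta || row.meta.enabled !== true) { throw new error.AuthError('OIDC is not configured'); }`, keeps the failure explicit and also stops the flow when the provider is disabled. Whether `enabled` is enforced elsewhere on the backend is not visible in this diff.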
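Review bot: In `getInitParams` the `resource` value is assembled from `req.protocol`, `req.get('host')` and `req.originalUrl`, all of which come from the incoming request and can be influenced by the client's `Host` header or by proxy configuration. The settings row already carries a configured `redirectURL`, so a value derived from configuration, for example `resource: new URL(row.meta.redirectURL).origin`, would avoid sending a request-controlled string to the provider. If the provider does not need `resource` at all it can be omitted; that cannot be judged from this diff.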
@@ -117,21 +117,21 @@ let getInitParams = async (req, row) => { * @param {Request} req * @return { {String}, {String} } state and nonce * */ -let parseStateFromCookie = req => { +let parseStateFromCookie = (req) => { let state, nonce; let cookies = req.headers.cookie.split(';'); - for (cookie of cookies) { + for (let cookie of cookies) { if (cookie.split('=')[0].trim() === 'npm_oidc') { - let raw = cookie.split('=')[1]; - let val = raw.split('--'); - state = val[0].trim(); - nonce = val[1].trim(); + let raw = cookie.split('=')[1], + val = raw.split('--'); + state = val[0].trim(); + nonce = val[1].trim(); break; } } return { state, nonce }; -} +}; /** * Executes validation of callback parameters. 
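Review bot: `parseStateFromCookie` throws a TypeError when the request has no `Cookie` header (`req.headers.cookie.split`) or when the `npm_oidc` value lacks the `--` separator (`val[1].trim()`). When the cookie is absent it returns `state` and `nonce` as `undefined`, which are then passed to `client.callback` as the expected values. How the library treats undefined checks is not visible here, so the callback should fail explicitly with an `AuthError` before the code exchange. Taking the value with `indexOf('=')` rather than `split('=')[1]` also avoids truncating values that contain `=`. The whole function is inside this hunk; a possible rewrite follows.

```javascript
let parseStateFromCookie = (req) => {
	// Cookie header may be absent when the callback URL is requested directly
	let cookies = (req.headers.cookie || '').split(';');
	for (let cookie of cookies) {
		let sep = cookie.indexOf('=');
		if (sep !== -1 && cookie.slice(0, sep).trim() === 'npm_oidc') {
			let val = cookie.slice(sep + 1).split('--');
			if (val.length !== 2) {
				throw new error.AuthError('Malformed OIDC state cookie');
			}
			return { state: val[0].trim(), nonce: val[1].trim() };
		}
	}
	// Never hand undefined state/nonce to the callback validation
	throw new error.AuthError('Missing OIDC state cookie');
};
```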
@@ -140,33 +140,33 @@ let parseStateFromCookie = req => { * @param {Setting} settings * @return {Promise} a promise resolving to a jwt token * */ -let validateCallback = async (req, settings) => { - let client = await getClient(settings); +let validateCallback = async (req, settings) => { + let client = await getClient(settings); let { state, nonce } = parseStateFromCookie(req); - const params = client.callbackParams(req); + const params = client.callbackParams(req); const tokenSet = await client.callback(settings.meta.redirectURL, params, { state, nonce }); - let claims = tokenSet.claims(); + let claims = tokenSet.claims(); console.log('oidc: authentication successful for email', claims.email); - return internalToken.getTokenFromOAuthClaim({ identity: claims.email }) -} + return internalToken.getTokenFromOAuthClaim({ identity: claims.email }); +}; let redirectToAuthorizationURL = (res, params) => { console.log('oidc: init flow > url > ', params.url); - res.cookie("npm_oidc", params.state + '--' + params.nonce); + res.cookie('npm_oidc', params.state + '--' + params.nonce); res.redirect(params.url); -} +}; let redirectWithJwtToken = (res, token) => { res.cookie('npm_oidc', token.token + '---' + token.expires); res.redirect('/login'); -} +}; let redirectWithError = (res, error) => { console.log('oidc: callback error: ', error); res.cookie('npm_oidc_error', error.message); res.redirect('/login'); -} +}; module.exports = router; diff --git a/backend/routes/api/settings.js b/backend/routes/api/settings.js index edb9edd8..f04f3d7f 100644 --- a/backend/routes/api/settings.js +++ b/backend/routes/api/settings.js 
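Review bot: `validateCallback` maps `claims.email` straight to a local account without checking that the claim is present and verified, so the login is only as trustworthy as the provider's handling of e-mail addresses. A check such as `if (!claims.email || claims.email_verified === false) { throw new error.AuthError('Email not verified by provider'); }` before the `getTokenFromOAuthClaim` call makes that assumption explicit. The cookies set in `redirectToAuthorizationURL` and `redirectWithJwtToken` carry no attributes. The state/nonce cookie can take `{ httpOnly: true, sameSite: 'lax', maxAge: 300000 }`; the token cookie, which the login page reads from script, should at least get `sameSite` and a short `maxAge`. `redirectWithError` also copies `error.message` verbatim into a cookie, so mapping errors to a fixed set of user-facing messages would keep internal error text out of the browser.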
@@ -71,14 +71,14 @@ router .then((row) => { if (row.id === 'oidc-config') { // redact oidc configuration via api - let m = row.meta + let m = row.meta; row.meta = { - name: m.name, + name: m.name, enabled: m.enabled === true && !!(m.clientID && m.clientSecret && m.issuerURL && m.redirectURL && m.name) }; // remove these temporary cookies used during oidc authentication - res.clearCookie('npm_oidc') - res.clearCookie('npm_oidc_error') + res.clearCookie('npm_oidc'); + res.clearCookie('npm_oidc_error'); } res.status(200) .send(row); diff --git a/frontend/js/app/api.js b/frontend/js/app/api.js index b314b40b..207cb548 100644 --- a/frontend/js/app/api.js +++ b/frontend/js/app/api.js @@ -60,7 +60,7 @@ function fetch(verb, path, data, options) { beforeSend: function (xhr) { // allow unauthenticated access to OIDC configuration - if (path === "settings/oidc-config") return; + if (path === 'settings/oidc-config') return; xhr.setRequestHeader('Authorization', 'Bearer ' + (token ? token.t : null)); }, diff --git a/frontend/js/app/settings/oidc-config/main.js b/frontend/js/app/settings/oidc-config/main.js index 34b16b57..b4eb6d1c 100644 --- a/frontend/js/app/settings/oidc-config/main.js +++ b/frontend/js/app/settings/oidc-config/main.js @@ -9,10 +9,10 @@ module.exports = Mn.View.extend({ className: 'modal-dialog wide', ui: { - form: 'form', - buttons: '.modal-footer button', - cancel: 'button.cancel', - save: 'button.save', + form: 'form', + buttons: '.modal-footer button', + cancel: 'button.cancel', + save: 'button.save', }, events: { 
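Review bot: In `frontend/js/app/api.js` the exemption `if (path === 'settings/oidc-config') return;` ignores `verb`, so every request to that path goes out without the `Authorization` header, presumably including the update sent from the OIDC settings dialog. Restricting it to reads, e.g. `if (verb === 'get' && path === 'settings/oidc-config') return;`, keeps the bearer token on writes; the exact casing of `verb` is not visible here and needs checking. The server has to enforce authorization on the write path regardless of what the client sends. `fetch` starts and ends outside the hunk.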
@@ -28,16 +28,16 @@ module.exports = Mn.View.extend({ let data = this.ui.form.serializeJSON(); data.id = this.model.get('id'); if (data.meta.enabled) { - data.meta.enabled = data.meta.enabled === "on" || data.meta.enabled === "true"; + data.meta.enabled = data.meta.enabled === 'on' || data.meta.enabled === 'true'; } this.ui.buttons.prop('disabled', true).addClass('btn-disabled'); App.Api.Settings.update(data) - .then(result => { + .then((result) => { view.model.set(result); App.UI.closeModal(); }) - .catch(err => { + .catch((err) => { alert(err.message); this.ui.buttons.prop('disabled', false).removeClass('btn-disabled'); }); diff --git a/frontend/js/login/ui/login.js b/frontend/js/login/ui/login.js index 50064f24..dc5605d8 100644 --- a/frontend/js/login/ui/login.js +++ b/frontend/js/login/ui/login.js @@ -31,12 +31,12 @@ module.exports = Mn.View.extend({ .then(() => { window.location = '/'; }) - .catch(err => { + .catch((err) => { this.ui.error.text(err.message).show(); this.ui.button.removeClass('btn-loading').prop('disabled', false); }); }, - 'click @ui.oidcButton': function(e) { + 'click @ui.oidcButton': function() { this.ui.identity.prop('disabled', true); this.ui.secret.prop('disabled', true); this.ui.button.prop('disabled', true); @@ -51,12 +51,12 @@ module.exports = Mn.View.extend({ let cookies = document.cookie.split(';'), token, expiry, error; for (cookie of cookies) { - let raw = cookie.split('='), - name = raw[0].trim(), + let raw = cookie.split('='), + name = raw[0].trim(), value = raw[1]; if (name === 'npm_oidc') { - let v = value.split('---'); - token = v[0]; + let v = value.split('---'); + token = v[0]; expiry = v[1]; } if (name === 'npm_oidc_error') { 
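Review bot: In the `@@ -51,12` hunk of `frontend/js/login/ui/login.js` the loop `for (cookie of cookies)` still assigns to an undeclared variable; this commit fixed the same pattern in `backend/routes/api/oidc.js`, and it should read `for (let cookie of cookies) {` here too. The token is also recovered with `value.split('---')`, but a JWT is base64url text and may itself contain consecutive dashes, which would truncate it. Splitting on the last separator is safer: `let i = value.lastIndexOf('---'); token = value.slice(0, i); expiry = value.slice(i + 3);`. The enclosing function starts and ends outside the hunk.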
@@ -80,7 +80,7 @@ module.exports = Mn.View.extend({ } // fetch oidc configuration and show alternative action button if enabled - let response = await Api.Settings.getById("oidc-config"); + let response = await Api.Settings.getById('oidc-config'); if (response && response.meta && response.meta.enabled === true) { this.ui.oidcProvider.html(response.meta.name); this.ui.oidcLogin.show();
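Review bot: `this.ui.oidcProvider.html(response.meta.name)` inserts the configured provider name as markup on the login page, which is served before authentication. The name is free text from the settings form, so it should be rendered as text: `this.ui.oidcProvider.text(response.meta.name);`. The enclosing function starts and ends outside the hunk.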