From bb62a40124357c819088db69f4a8da79485f5684 Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Tue, 2 Apr 2024 14:30:18 -0400 Subject: [PATCH 1/8] Remove unused Dockerfile --- .docker/ember-dev/Dockerfile | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 .docker/ember-dev/Dockerfile diff --git a/.docker/ember-dev/Dockerfile b/.docker/ember-dev/Dockerfile deleted file mode 100644 index 8d331522..00000000 --- a/.docker/ember-dev/Dockerfile +++ /dev/null @@ -1,5 +0,0 @@ -FROM node:12-alpine - -WORKDIR /app - -CMD yarn install && ./node_modules/ember-cli/bin/ember server --port $EMBER_PORT From da23c917c8122ff73285f123e47c91f1d7e886fe Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Tue, 2 Apr 2024 14:31:10 -0400 Subject: [PATCH 2/8] Switch to including favicon in index.html --- app/index.html | 1 + app/services/app-static-config.js | 17 ----------------- 2 files changed, 1 insertion(+), 17 deletions(-) diff --git a/app/index.html b/app/index.html index a9ed6cf8..d8388fde 100644 --- a/app/index.html +++ b/app/index.html @@ -8,6 +8,7 @@ {{content-for "head"}} + diff --git a/app/services/app-static-config.js b/app/services/app-static-config.js index b56b6138..3495b421 100644 --- a/app/services/app-static-config.js +++ b/app/services/app-static-config.js @@ -32,10 +32,6 @@ export default class AppStaticConfigService extends Service { const overrides = `${this._config.branding.overrides}`; this.addCSS(overrides); } - if (this._config.branding.favicon) { - const favicon = `${this._config.branding.favicon}`; - this.addFavicon(favicon); - } } } @@ -85,17 +81,4 @@ export default class AppStaticConfigService extends Service { window.document.head.appendChild(newLink); } - - addFavicon(uri) { - const fav = document.querySelector('head link[rel="icon"]'); - if (fav || !uri) { - return; - } - - const newFav = window.document.createElement('link'); - newFav.setAttribute('rel', 'icon'); - newFav.setAttribute('href', uri); - - window.document.head.appendChild(newFav); - } } 
From d84ac728018a69708441c4e778ce87bba0f12822 Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Tue, 2 Apr 2024 14:32:01 -0400 Subject: [PATCH 3/8] Modify nginx to not set CSP header or forward 404 requests to index.html --- .docker/nginx-template.conf | 23 ----------------------- 1 file changed, 23 deletions(-) diff --git a/.docker/nginx-template.conf b/.docker/nginx-template.conf index 3e085091..ed098eec 100644 --- a/.docker/nginx-template.conf +++ b/.docker/nginx-template.conf @@ -5,31 +5,8 @@ server { #charset utf-8; #access_log /var/log/nginx/host.access.log main; - # Add Content Security Policy - add_header Content-Security-Policy "$CSP_HEADERS"; - location / { root /usr/share/nginx/html; index index.html index.htm; - add_header Content-Security-Policy "$CSP_HEADERS"; - } - - # This is important, any 404 will cause the ember - # app to re-load. This is because all ember URLs - # (e.g. https://pass/grants/foo), when issued as an HTTP - # request, have nothing that 'serves' them. Instead, the - # ember app, when loaded, inspects the URL and renders the - # correct page client-side. So we want the ember app to load - # and parse all these 404 URLs. - # - # Note, the equals sign means that a 200 is returned - # instead of a 404 - error_page 404 = ${PASS_UI_ROOT_URL}/index.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /usr/share/nginx/html; } } From 638b3a00d959bf662808a3ec2218d483b0188963 Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Tue, 2 Apr 2024 14:32:27 -0400 Subject: [PATCH 4/8] Switch authenticator to use the whoami service --- app/authenticators/http-only.js | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/app/authenticators/http-only.js b/app/authenticators/http-only.js index 616c74b5..06893c44 100644 --- a/app/authenticators/http-only.js +++ b/app/authenticators/http-only.js 
@@ -18,9 +18,6 @@ export default class HttpOnly extends Base { */ restore(data) { return new RSVP.Promise((resolve, reject) => { - if (window.location.pathname === '/app/auth-callback') { - return reject('Could not restore session.'); - } if (!this._validateData(data)) { return reject('Could not restore session.'); } @@ -35,7 +32,7 @@ export default class HttpOnly extends Base { * @public */ async authenticate() { - const url = `${window.location.origin}/authenticated`; + const url = `/user/whoami`; let response = await fetch(url); @@ -61,16 +58,16 @@ export default class HttpOnly extends Base { async _validateData(data) { // see https://tools.ietf.org/html/rfc6749#section-4.2.2 - if (isEmpty(data) || isEmpty(data.user.id)) return false; + if (isEmpty(data) || isEmpty(data.id)) return false; - const url = `${window.location.origin}/authenticated`; + const url = `/user/whoami`; let response = await fetch(url); if (response.ok) { const refreshedData = await response.json(); - return data.user.id === refreshedData.user.id; + return data.id === refreshedData.id; } else { return false; } From fa1214375f42bb6ea9f7cf1551dcf35f50d6de24 Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Tue, 2 Apr 2024 14:33:01 -0400 Subject: [PATCH 5/8] Update the current user service to new structure from whoami --- app/services/current-user.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/services/current-user.js b/app/services/current-user.js index d36f060a..bc25f3db 100644 --- a/app/services/current-user.js +++ b/app/services/current-user.js @@ -21,7 +21,7 @@ export default class CurrentUserService extends Service { */ @task load = function* () { - let userId = this.session.data.authenticated.user.id; + let userId = this.session.data.authenticated.id; if (userId) { let user = yield this.store.findRecord('user', userId); From 82194f15fa8dbd269e8eb21ae0ad2e268ba2dd77 Mon Sep 17 00:00:00 2001 
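Review bot: The endpoint path is now a hard-coded literal written twice, here in `authenticate()` and again in `_validateData()`, each time as a template literal with no interpolation. A single module-level constant, e.g. `const WHOAMI_URL = '/user/whoami';`, would keep the two callers in step. The only whoami mock visible in this series is `/pass-user-service/whoami` in mirage/config.js, and patch 7 removes the `/authenticated` mock, so it is worth confirming that `/user/whoami` is actually handled in the Mirage-backed tests. The rest of `authenticate()` lies outside the hunk, so how a non-OK or non-JSON response is treated cannot be checked from here.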
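Review bot: `_validateData` is declared `async`, so the `if (!this._validateData(data))` guard visible in the `restore()` context of the first hunk negates a Promise, which is always truthy, and the rejection can never fire. With the `/app/auth-callback` guard removed by this commit, that is the only check left in the visible part of `restore()`, so a stored session, including one still in the old `{ user: { id } }` shape, appears to be restored without the whoami comparison ever deciding anything. Settle the promise before resolving, for example `this._validateData(data).then((ok) => (ok ? resolve(data) : reject('Could not restore session.')), reject);`, assuming the unseen tail of `restore()` resolves with `data`. Passing `reject` as the second handler also covers a failed `fetch` or a 200 response whose body is not JSON. Both function bodies continue outside their hunks.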
From: Mark Patton Date: Tue, 2 Apr 2024 14:33:17 -0400 Subject: [PATCH 6/8] Remove unused routes --- app/router.js | 2 -- app/routes/auth-callback.js | 15 --------------- 2 files changed, 17 deletions(-) delete mode 100644 app/routes/auth-callback.js diff --git a/app/router.js b/app/router.js index f7c8d5a9..ba14f45b 100644 --- a/app/router.js +++ b/app/router.js @@ -28,8 +28,6 @@ Router.map(function () { }); this.route('not-found-error', { path: '/*path' }); this.route('thanks'); - this.route('auth-callback'); - this.route('authenticated'); }); export default Router; diff --git a/app/routes/auth-callback.js b/app/routes/auth-callback.js deleted file mode 100644 index 321c71ec..00000000 --- a/app/routes/auth-callback.js +++ /dev/null @@ -1,15 +0,0 @@ -import Route from '@ember/routing/route'; -import { inject as service } from '@ember/service'; - -export default class AuthCallbackRoute extends Route { - @service session; - @service router; - - async beforeModel() { - try { - await this.session.authenticate('authenticator:http-only'); - } catch (error) { - window.location.replace(`${window.location.origin}/logout`); - } - } -} From 29e20b36787c47f8995beb5ddf1a8902337aba7e Mon Sep 17 00:00:00 2001 From: Mark Patton Date: Mon, 15 Apr 2024 10:03:37 -0400 Subject: [PATCH 7/8] Remove no longer needed mock /authenticated --- mirage/config.js | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/mirage/config.js b/mirage/config.js index d46def22..19f899c6 100644 --- a/mirage/config.js +++ b/mirage/config.js @@ -42,17 +42,6 @@ export default function (config) { }; }); - /** Auth Service */ - this.get('/authenticated', (schema, request) => { - const user = schema.find('user', 0); - - return { - user: { - id: user.id, - }, - }; - }); - /** User Service */ this.get('/pass-user-service/whoami', (schema, request) => { const userId = request.queryParams.userToken; From f4bfbff494ec6e3f35d25af6d5dc153d94999ef6 Mon Sep 17 00:00:00 2001 
From: Mark Patton Date: Mon, 15 Apr 2024 10:04:28 -0400 Subject: [PATCH 8/8] Update unit tests to handle different current user service structure --- tests/acceptance/app-test.js | 2 +- tests/acceptance/nih-submission-test.js | 4 +--- tests/acceptance/proxy-submission-test.js | 4 +--- tests/unit/services/current-user-test.js | 2 +- 4 files changed, 4 insertions(+), 8 deletions(-) diff --git a/tests/acceptance/app-test.js b/tests/acceptance/app-test.js index 1fe4c387..b66c4f55 100644 --- a/tests/acceptance/app-test.js +++ b/tests/acceptance/app-test.js @@ -11,7 +11,7 @@ module('Acceptance | application', function (hooks) { setupMirage(hooks); hooks.beforeEach(async function () { - await authenticateSession({ user: { id: '0' } }); + await authenticateSession({ id: '0' }); }); test('Make sure app loads outside of root', async function (assert) { diff --git a/tests/acceptance/nih-submission-test.js b/tests/acceptance/nih-submission-test.js index 732986fb..e278e283 100644 --- a/tests/acceptance/nih-submission-test.js +++ b/tests/acceptance/nih-submission-test.js @@ -12,9 +12,7 @@ module('Acceptance | submission', function (hooks) { setupMirage(hooks); hooks.beforeEach(async function () { - await authenticateSession({ - user: { id: '0' }, - }); + await authenticateSession({ id: '0' }); }); test('can walk through an nih submission workflow and make a submission - base case', async function (assert) { diff --git a/tests/acceptance/proxy-submission-test.js b/tests/acceptance/proxy-submission-test.js index 6a0968ad..cb0b099c 100644 --- a/tests/acceptance/proxy-submission-test.js +++ b/tests/acceptance/proxy-submission-test.js @@ -33,9 +33,7 @@ module('Acceptance | proxy submission', function (hooks) { this.server.create('user', attrs); - await authenticateSession({ - user: { id: '0' }, - }); + await authenticateSession({ id: '0' }); }); test('can walk through a proxy submission workflow and make a submission – with pass account', async function (assert) { 
diff --git a/tests/unit/services/current-user-test.js b/tests/unit/services/current-user-test.js index 3b7528de..63525075 100644 --- a/tests/unit/services/current-user-test.js +++ b/tests/unit/services/current-user-test.js @@ -19,7 +19,7 @@ module('Unit | Service | current-user', (hooks) => { '@id': user.get('id'), }; - service.set('session', { data: { authenticated: { user: { id: '000' } } } }); + service.set('session', { data: { authenticated: { id: '000' } } }); service.set( 'store',