Merge pull request #2669 from aneelac22/feature/stage-itless

updates for restricted env
RedHatInsights · Oct 18, 2023 · bfa7bc3 · bfa7bc3
2 parents c36a638 + d28f21a
commit bfa7bc3
Show file tree

Hide file tree

Showing 10 changed files with 96 additions and 39 deletions.
diff --git a/config/webpack.config.js b/config/webpack.config.js
@@ -133,7 +133,7 @@ const commonConfig = ({ dev }) => {
         },
       ],
     },
-    plugins: plugins(dev, process.env.BETA === 'true'),
+    plugins: plugins(dev, process.env.BETA === 'true', process.env.NODE_ENV === 'restricted'),
     devServer: {
       allowedHosts: 'all',
       headers: {

diff --git a/config/webpack.plugins.js b/config/webpack.plugins.js
@@ -12,7 +12,7 @@ const getDynamicModules = require('./get-dynamic-modules');
 
 const deps = require('../package.json').dependencies;
 
-const plugins = (dev = false, beta = false) => {
+const plugins = (dev = false, beta = false, restricted = false) => {
   const ChunkMapper = new (require('./chunk-mapper'))({
     modules: 'chrome',
     _unstableHotReload: dev,
@@ -53,7 +53,7 @@ const plugins = (dev = false, beta = false) => {
     }),
     ChunkMapper,
     new HtmlWebpackPlugin({
-      template: path.resolve(__dirname, '../src/index.ejs'),
+      template: restricted ? path.resolve(__dirname, '../src/indexRes.ejs') : path.resolve(__dirname, '../src/index.ejs'),
       inject: 'body',
       minify: false,
       filename: dev ? 'index.html' : '../index.html',

diff --git a/package.json b/package.json
@@ -12,6 +12,7 @@
     "build": "NODE_ENV=production webpack --config config/webpack.config.js  --mode=production",
     "build:beta": "BETA=true npm run build",
     "build:dev": "NODE_ENV=development webpack --config config/webpack.config.js  --mode=development",
+    "build:res": "NODE_ENV=restricted webpack --config config/webpack.config.js --mode=production",
     "cypress": "cypress",
     "cypress:run": "cypress run --browser electron",
     "dev": "DEV_SERVER=true webpack serve --config config/webpack.config.js --mode=development",

diff --git a/src/auth/index.ts b/src/auth/index.ts
@@ -5,7 +5,7 @@ import { ChromeUser } from '@redhat-cloud-services/types';
 import { Store } from 'redux';
 
 import * as jwt from '../jwt/jwt';
-import { getTokenWithAuthorizationCode } from '../cognito/auth';
+import { createUser, getTokenWithAuthorizationCode } from '../cognito/auth';
 import { ITLessCognito } from '../utils/common';
 import consts, { defaultAuthOptions as defaultOptions } from '../utils/consts';
 import { ACCOUNT_REQUEST_TIMEOUT, ACTIVE_REMOTE_REQUEST, CROSS_ACCESS_ACCOUNT_NUMBER, CROSS_ACCESS_ORG_ID } from '../utils/consts';
@@ -59,10 +59,14 @@ export const createAuthObject = (libjwt: LibJWT, getUser: () => Promise<ChromeUs
 });
 
 export const createGetUser = (libjwt: LibJWT): (() => Promise<ChromeUser | undefined | void>) => {
-  return () =>
-    libjwt.initPromise.then(libjwt.jwt.getUserInfo).catch(() => {
-      libjwt.jwt.logoutAllTabs();
-    });
+  if (isITLessCognito) {
+    return () => createUser();
+  } else {
+    return () =>
+      libjwt.initPromise.then(libjwt.jwt.getUserInfo).catch(() => {
+        libjwt.jwt.logoutAllTabs();
+      });
+  }
 };
 
 export const createGetUserPermissions = (libJwt: LibJWT, getUser: () => Promise<void | ChromeUser>) => {

diff --git a/src/bootstrap.tsx b/src/bootstrap.tsx
@@ -22,6 +22,7 @@ import initializeJWT from './jwt/initialize-jwt';
 import AppPlaceholder from './components/AppPlaceholder';
 import { initializeVisibilityFunctions } from './utils/VisibilitySingleton';
 import { createGetUser } from './auth';
+import { getTokenWithAuthorizationCode } from './cognito/auth';
 
 const language: keyof typeof messages = 'en';
 
@@ -46,16 +47,18 @@ const initializeAccessRequestCookies = () => {
 const libjwtSetup = (chromeConfig: { ssoUrl?: string }, ssoScopes: string[] = []) => {
   const libjwt = auth({ ...chromeConfig, ssoScopes } || { ssoScopes });
 
-  libjwt.initPromise.then(() => {
-    return libjwt.jwt
-      .getUserInfo()
-      .then((chromeUser) => {
-        if (chromeUser) {
-          sentry(chromeUser);
-        }
-      })
-      .catch(noop);
-  });
+  if (!ITLess()) {
+    libjwt.initPromise.then(() => {
+      return libjwt.jwt
+        .getUserInfo()
+        .then((chromeUser) => {
+          if (chromeUser) {
+            sentry(chromeUser);
+          }
+        })
+        .catch(noop);
+    });
+  }
 
   return libjwt;
 };
@@ -96,7 +99,10 @@ const useInitialize = () => {
     const getUser = createGetUser(libJwt);
     initializeVisibilityFunctions({
       getUser,
-      getToken: () => libJwt!.initPromise.then(() => libJwt!.jwt.getUserInfo().then(() => libJwt!.jwt.getEncodedToken())),
+      getToken: () =>
+        ITLessCognito()
+          ? getTokenWithAuthorizationCode()
+          : libJwt!.initPromise.then(() => libJwt!.jwt.getUserInfo().then(() => libJwt!.jwt.getEncodedToken())),
       getUserPermissions: createGetUserPermissions(libJwt, getUser),
     });
 

diff --git a/src/indexRes.ejs b/src/indexRes.ejs
@@ -0,0 +1,30 @@
+<!DOCTYPE html>
+<html lang="en-US">
+
+<head>
+    <meta charset="UTF-8">
+    <title>
+        Hybrid Cloud Console
+    </title>
+    <meta http-equiv="Content-Security-Policy" content="default-src 'self' https: wss: data: blob: 'unsafe-inline' 'unsafe-eval' https://*.redhat.com/ https://www.redhat.com  https://*.openshift.com/ https://api.stage.openshift.com/ https://identity.api.openshift.com/ https://www.youtube.com/ https://redhat.sc.omtrdc.net/ https://www.redhat.com https://*.storage.googleapis.com/ https://stage.quay.io https://quay.io;">
+    <meta http-equiv="Pragma" content="no-cache">
+    <meta http-equiv="cache-control" content="no-cache, no-store, must-revalidate">
+    <meta http-equiv="x-ua-compatible" content="ie=edge">
+    <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
+    <link rel="icon" type="image/png" href="https://access.redhat.com/webassets/avalon/g/favicon.ico">
+    <link rel="stylesheet" type="text/css" href="<%= pf4styles %>">
+    <link rel="stylesheet" type="text/css" href="<%= pf5styles %>">
+    <script type="text/javascript">
+        window.insights = {
+            chrome: {
+                isChrome2: true
+            }
+        }
+    </script>
+</head>
+
+<body class="pf-m-redhat-font">
+    <div id="chrome-entry"></div>
+    <div id="consent_blackbar"></div>
+</body>
+</html>
diff --git a/src/jwt/initialize-jwt.ts b/src/jwt/initialize-jwt.ts
@@ -1,22 +1,37 @@
 import { ChromeUser } from '@redhat-cloud-services/types';
 import { LibJWT } from '../auth';
 import { spinUpStore } from '../redux/redux-config';
+import { ITLessCognito } from '../utils/common';
+import { createUser, getTokenWithAuthorizationCode } from '../cognito/auth';
 
 const initializeJWT = async (libjwt: LibJWT) => {
   const { actions } = spinUpStore();
-  try {
-    await libjwt.initPromise;
-    const user = await libjwt.jwt.getUserInfo();
-    if (user) {
-      actions.userLogIn(user as ChromeUser);
+  if (ITLessCognito()) {
+    try {
+      await getTokenWithAuthorizationCode();
+      const user = await createUser();
+      if (user) {
+        actions.userLogIn(user as ChromeUser);
+      }
+    } catch (error) {
+      console.error(error);
+      actions.userLogIn(false);
     }
-    const encodedToken = libjwt.jwt.getEncodedToken();
-    if (encodedToken) {
-      // chromeInstance.cache = new CacheAdapter('chrome-store', `${decodeToken(encodedToken).session_state}-chrome-store`);
+  } else {
+    try {
+      await libjwt.initPromise;
+      const user = await libjwt.jwt.getUserInfo();
+      if (user) {
+        actions.userLogIn(user as ChromeUser);
+      }
+      const encodedToken = libjwt.jwt.getEncodedToken();
+      if (encodedToken) {
+        // chromeInstance.cache = new CacheAdapter('chrome-store', `${decodeToken(encodedToken).session_state}-chrome-store`);
+      }
+    } catch (error) {
+      console.error(error);
+      actions.userLogIn(false);
     }
-  } catch (error) {
-    console.error(error);
-    actions.userLogIn(false);
   }
 };
 

diff --git a/src/jwt/jwt.ts b/src/jwt/jwt.ts
@@ -4,6 +4,7 @@ import { BroadcastChannel } from 'broadcast-channel';
 import cookie from 'js-cookie';
 import {
   DEFAULT_SSO_ROUTES,
+  ITLess,
   ITLessCognito,
   ITLessKeycloak,
   LOGIN_SCOPES_STORAGE_KEY,
@@ -136,7 +137,7 @@ export const doOffline = (key: string, val: string, configSsoUrl?: string) => {
       scopes.push(partnerScope);
     }
 
-    if (ssoScopes && !itLessKeycloakEnv) {
+    if (ssoScopes && !ITLess()) {
       try {
         // make sure add openid scope when custom scope is used
         scopes.push('openid', JSON.parse(ssoScopes));

diff --git a/src/utils/common.ts b/src/utils/common.ts
@@ -32,15 +32,15 @@ export const DEFAULT_SSO_ROUTES = {
     sso: 'https://sso.stage.redhat.com/auth',
     portal: 'https://access.stage.redhat.com',
   },
-  frh: {
+  frhStage: {
     url: ['console.stage.openshiftusgov.com'],
     sso: 'https://ocm-ra-stage-domain.auth-fips.us-gov-west-1.amazoncognito.com/login',
     portal: 'https://console.stage.openshiftusgov.com',
   },
-  frhStage: {
-    url: ['console.stage.openshiftusgov.com'],
+  frh: {
+    url: ['console.openshiftusgov.com'],
     sso: 'https://ocm-ra-stage-domain.auth-fips.us-gov-west-1.amazoncognito.com/login',
-    portal: 'https://console.stage.openshiftusgov.com',
+    portal: 'https://console.openshiftusgov.com',
   },
   ephem: {
     url: ['ephem.outsrights.cc'],
@@ -211,11 +211,11 @@ export function getRouterBasename(pathname?: string) {
 }
 
 export function ITLess() {
-  return getEnv() === 'frh' || getEnv() === 'frhStage' || getEnv() === 'ephem' || getEnv() === 'int' || getEnv() === 'scr';
+  return getEnv() === 'frhStage' || getEnv() === 'frh' || getEnv() === 'ephem' || getEnv() === 'int' || getEnv() === 'scr';
 }
 
 export function ITLessCognito() {
-  return getEnv() === 'frh' || getEnv() === 'frhStage';
+  return getEnv() === 'frhStage' || getEnv() === 'frh';
 }
 
 export function ITLessKeycloak() {

diff --git a/src/utils/fetchNavigationFiles.ts b/src/utils/fetchNavigationFiles.ts
@@ -2,13 +2,13 @@ import axios from 'axios';
 import { BundleNavigation, NavItem, Navigation } from '../@types/types';
 import { Required } from 'utility-types';
 import { itLessBundles, requiredBundles } from '../components/AppFilter/useAppFilter';
-import { ITLessKeycloak, getChromeStaticPathname, isBeta } from './common';
+import { ITLess, getChromeStaticPathname, isBeta } from './common';
 
 export function isBundleNavigation(item: unknown): item is BundleNavigation {
   return typeof item !== 'undefined';
 }
 
-const bundles = ITLessKeycloak() ? itLessBundles : requiredBundles;
+const bundles = ITLess() ? itLessBundles : requiredBundles;
 
 export function isNavItems(navigation: Navigation | NavItem[]): navigation is Navigation {
   return Array.isArray((navigation as Navigation).navItems);