From 7976d030cca2e18ae4134ac3e1bd658552f44940 Mon Sep 17 00:00:00 2001
From: Igor Richter
Date: Wed, 13 Sep 2023 15:52:46 +0200
Subject: [PATCH 1/6] add v3 call for depseudonymisation behind a feature flag
---
 controllers/oauth2.js | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index 710f055e1c..71d9ffec54 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -131,11 +131,18 @@ router.post('/consent', auth.authChecker, (r, w) => acceptConsent(r, w, r.query.
 router.get('/username/:pseudonym', (req, res, next) => {
 if (req.cookies.jwt) {
- return api(req).get('/pseudonym', {
- qs: {
- pseudonym: req.params.pseudonym,
- },
- }).then((pseudonym) => {
+ if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
+ res = api(req, { version: 'v3' })
+ .get(`/pseudonyms/${req.params.pseudonym}`);
+ } else {
+ res = api(req)
+ .get('/pseudonym', {
+ qs: {
+ pseudonym: req.params.pseudonym,
+ },
+ });
+ }
+ res.then((pseudonym) => {
 let shortName;
 let completeName;
 const anonymousName = '???';
@@ -153,7 +160,8 @@ router.get('/username/:pseudonym', (req, res, next) => {
 shortTitle: res.locals.theme.short_title,
 }),
 });
- }).catch(next);
+ })
+ .catch(next);
 }
 return res.render('oauth2/username', {
 depseudonymized: false,
From 5c3f44d012f5c8e52a4d4e05722a2c534deff8d4 Mon Sep 17 00:00:00 2001
From: Igor Richter
Date: Wed, 20 Sep 2023 15:10:22 +0200
Subject: [PATCH 2/6] change response to an array entry
---
 controllers/oauth2.js | 1 +
 1 file changed, 1 insertion(+)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index 71d9ffec54..c7cdee48d8 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -134,6 +134,7 @@ router.get('/username/:pseudonym', (req, res, next) => {
 if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
 res = api(req, { version: 'v3' })
 .get(`/pseudonyms/${req.params.pseudonym}`);
+ res = [res];
 } else {
 res = api(req)
 .get('/pseudonym', {
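Review bot: `req.params.pseudonym` goes into the v3 path unencoded in the added `.get(`/pseudonyms/${req.params.pseudonym}`)` call of PATCH 1/6, and the same line is carried through 3/6, 4/6 and 5/6. Express passes route parameters to the handler already percent-decoded, so a value that decodes to contain `/`, `?` or `#` changes which backend path this server requests, whereas the legacy branch sends the value through `qs`, where it stays a parameter. Encoding it keeps it a single path segment: `.get(`/pseudonyms/${encodeURIComponent(req.params.pseudonym)}`)`. The handler body continues outside the hunk.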
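Review bot: `res = [res];` in PATCH 2/6 wraps the pending API promise in an array and stores it in `res`, which is the Express response object of this handler, so the following `res.then(...)` is called on an array and `res.render` / `res.locals` in the callback no longer refer to the response. PATCH 1/6 already overwrites `res` with the promise, and 3/6 replaces the array with `res = { data: [apiv3res] }`, which still holds the unresolved promise rather than its result. Keeping the call in its own variable and wrapping the resolved value, for example `.then((response) => ({ data: [response] }))` on a separate `const`, leaves `res` intact. 4/6 moves to that shape, but the states at 1/6 to 3/6 cannot serve this route, which matters when bisecting.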
From f9a77ba2736f9348f0a818062728ade212945e9f Mon Sep 17 00:00:00 2001
From: Arne Gnisa
Date: Wed, 20 Sep 2023 15:46:34 +0200
Subject: [PATCH 3/6] N21-1269 changed response
---
 controllers/oauth2.js | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index c7cdee48d8..61b445bd63 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -101,7 +101,8 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
 ({ skipConsent } = tools.data[0]);
 } else {
 throw new Error(
- `Unable to find a singular LtiTool with client_id ${consentRequest.client.client_id} for consent request`,
+ `Unable to find a singular LtiTool with client_id
+ ${consentRequest.client.client_id} for consent request`,
 );
 }
 }
@@ -132,9 +133,11 @@ router.post('/consent', auth.authChecker, (r, w) => acceptConsent(r, w, r.query.
 router.get('/username/:pseudonym', (req, res, next) => {
 if (req.cookies.jwt) {
 if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
- res = api(req, { version: 'v3' })
+ const apiv3res = api(req, { version: 'v3' })
 .get(`/pseudonyms/${req.params.pseudonym}`);
- res = [res];
+ res = {
+ data: [apiv3res],
+ };
 } else {
 res = api(req)
 .get('/pseudonym', {
From dc21757237db136d05ae35448a7ebdd990fa2b4b Mon Sep 17 00:00:00 2001
From: Arne Gnisa
Date: Wed, 20 Sep 2023 16:19:57 +0200
Subject: [PATCH 4/6] N21-1269 fixes /username/:pseudonym
---
 controllers/oauth2.js | 39 +++++++++++++++++++--------------------
 1 file changed, 19 insertions(+), 20 deletions(-)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index 61b445bd63..1ada5ee88e 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -132,21 +132,20 @@ router.post('/consent', auth.authChecker, (r, w) => acceptConsent(r, w, r.query.
 router.get('/username/:pseudonym', (req, res, next) => {
 if (req.cookies.jwt) {
+ let apiPromise;
 if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
- const apiv3res = api(req, { version: 'v3' })
- .get(`/pseudonyms/${req.params.pseudonym}`);
- res = {
- data: [apiv3res],
- };
+ apiPromise = api(req, { version: 'v3' })
+ .get(`/pseudonyms/${req.params.pseudonym}`)
+ .then((response) => ({ data: [response] }));
 } else {
- res = api(req)
- .get('/pseudonym', {
- qs: {
- pseudonym: req.params.pseudonym,
- },
- });
+ apiPromise = api(req).get('/pseudonym', {
+ qs: {
+ pseudonym: req.params.pseudonym,
+ },
+ });
 }
- res.then((pseudonym) => {
+
+ apiPromise.then((pseudonym) => {
 let shortName;
 let completeName;
 const anonymousName = '???';
@@ -164,15 +163,15 @@ router.get('/username/:pseudonym', (req, res, next) => {
 shortTitle: res.locals.theme.short_title,
 }),
 });
- })
- .catch(next);
+ }).catch(next);
+ } else {
+ return res.render('oauth2/username', {
+ depseudonymized: false,
+ completeName: res.$t('login.oauth2.label.showName'),
+ shortName: res.$t('login.oauth2.label.showName'),
+ infoText: '',
+ });
 }
- return res.render('oauth2/username', {
- depseudonymized: false,
- completeName: res.$t('login.oauth2.label.showName'),
- shortName: res.$t('login.oauth2.label.showName'),
- infoText: '',
- });
 });
 module.exports = router;
From 29a9ba5ea339e26380552b6d3b3d31ce30abcb18 Mon Sep 17 00:00:00 2001
From: Arne Gnisa
Date: Thu, 21 Sep 2023 11:44:10 +0200
Subject: [PATCH 5/6] N21-1269 changes username logic
---
 controllers/oauth2.js | 86 ++++++++++++++++++++++++++-----------------
 1 file changed, 52 insertions(+), 34 deletions(-)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index 1ada5ee88e..c7b2383580 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -18,13 +18,15 @@ const getVersion = () => {
 const VERSION = getVersion();
 router.get('/login', csrfProtection, (req, res, next) => api(req, { version: VERSION })
- .get(`/oauth2/loginRequest/${req.query.login_challenge}`).then((loginRequest) => {
+ .get(`/oauth2/loginRequest/${req.query.login_challenge}`)
+ .then((loginRequest) => {
 req.session.login_challenge = req.query.login_challenge;
 if (loginRequest.skip) {
 return res.redirect('/oauth2/login/success');
 }
 return res.redirect(Configuration.get('NOT_AUTHENTICATED_REDIRECT_URL'));
- }).catch(next));
+ })
+ .catch(next));
 router.get('/login/success', csrfProtection, auth.authChecker, (req, res, next) => {
 if (!req.session.login_challenge) res.redirect('/dashboard/');
@@ -38,14 +40,17 @@ router.get('/login/success', csrfProtection, auth.authChecker, (req, res, next)
 .patch(
 `/oauth2/loginRequest/${req.session.login_challenge}/?accept=1`,
 { body },
- ).then((loginRequest) => {
+ )
+ .then((loginRequest) => {
 delete (req.session.login_challenge);
 return res.redirect(loginRequest.redirect_to);
- }).catch(next);
+ })
+ .catch(next);
 });
 router.all('/logout', csrfProtection, auth.authChecker, (req) => {
- api(req, { version: VERSION }).get('/oauth2/logoutRequest');
+ api(req, { version: VERSION })
+ .get('/oauth2/logoutRequest');
 });
 router.all('/logout/redirect', csrfProtection, auth.authChecker, (req, res, next) => {
@@ -53,8 +58,10 @@ router.all('/logout/redirect', csrfProtection, auth.authChecker, (req, res, next
 redirect_to: '',
 };
- return api(req, { version: VERSION }).patch(`/oauth2/logoutRequest/${req.query.logout_challenge}`, { body })
- .then((logoutRequest) => res.redirect(logoutRequest.redirect_to)).catch(next);
+ return api(req, { version: VERSION })
+ .patch(`/oauth2/logoutRequest/${req.query.logout_challenge}`, { body })
+ .then((logoutRequest) => res.redirect(logoutRequest.redirect_to))
+ .catch(next);
 });
 const acceptConsent = (r, w, challenge, grantScopes, remember = false) => {
@@ -64,7 +71,8 @@ const acceptConsent = (r, w, challenge, grantScopes, remember = false) => {
 remember_for: 60 * 60 * 24 * 30,
 };
- return api(r, { version: VERSION }).patch(`/oauth2/consentRequest/${challenge}/?accept=1`, { body })
+ return api(r, { version: VERSION })
+ .patch(`/oauth2/consentRequest/${challenge}/?accept=1`, { body })
 .then((consentRequest) => w.redirect(consentRequest.redirect_to));
 };
@@ -87,7 +95,8 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
 // An error occurred (at hydra)
 return res.send(`${req.query.error}
${req.query.error_description}`);
 }
- return api(req, { version: VERSION }).get(`/oauth2/consentRequest/${req.query.consent_challenge}`)
+ return api(req, { version: VERSION })
+ .get(`/oauth2/consentRequest/${req.query.consent_challenge}`)
 .then(async (consentRequest) => {
 let skipConsent = consentRequest.context?.skipConsent;
@@ -125,35 +134,42 @@ router.get('/consent', csrfProtection, auth.authChecker, (req, res, next) => {
 value: scope,
 })),
 });
- }).catch(next);
+ })
+ .catch(next);
 });
 router.post('/consent', auth.authChecker, (r, w) => acceptConsent(r, w, r.query.challenge, r.body.grantScopes, true));
-router.get('/username/:pseudonym', (req, res, next) => {
+router.get('/username/:pseudonym', async (req, res, next) => {
 if (req.cookies.jwt) {
- let apiPromise;
- if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
- apiPromise = api(req, { version: 'v3' })
- .get(`/pseudonyms/${req.params.pseudonym}`)
- .then((response) => ({ data: [response] }));
- } else {
- apiPromise = api(req).get('/pseudonym', {
- qs: {
- pseudonym: req.params.pseudonym,
- },
- });
- }
-
- apiPromise.then((pseudonym) => {
- let shortName;
- let completeName;
- const anonymousName = '???';
- completeName = anonymousName;
- shortName = completeName;
- if (pseudonym.data.length) {
- completeName = `${pseudonym.data[0].user.firstName} ${pseudonym.data[0].user.lastName}`;
- shortName = `${pseudonym.data[0].user.firstName} ${pseudonym.data[0].user.lastName.charAt(0)}.`;
+ try {
+ let shortName = '???';
+ let completeName = '???';
+
+ if (Configuration.get('FEATURE_CTL_TOOLS_TAB_ENABLED')) {
+ const pseudonymResponse = await api(req, { version: 'v3' })
+ .get(`/pseudonyms/${req.params.pseudonym}`);
+
+ const userResponse = await api(req)
+ .get('/users', {
+ qs: { id: pseudonymResponse.userId },
+ $limit: 1,
+ });
+ completeName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName}`;
+ shortName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName.charAt(0)}.`;
+ } else {
+ const feathersPseudonymResponse = await api(req)
+ .get('/pseudonym', {
+ qs: {
+ pseudonym: req.params.pseudonym,
+ },
+ });
+ if (feathersPseudonymResponse.data.length) {
+ // eslint-disable-next-line max-len
+ completeName = `${feathersPseudonymResponse.data[0].user.firstName}
${feathersPseudonymResponse.data[0].user.lastName}`;
+ // eslint-disable-next-line max-len
+ shortName = `${feathersPseudonymResponse.data[0].user.firstName} ${feathersPseudonymResponse.data[0].user.lastName.charAt(0)}.`;
+ }
 }
 return res.render('oauth2/username', {
 depseudonymized: true,
@@ -163,7 +179,9 @@ router.get('/username/:pseudonym', (req, res, next) => {
 shortTitle: res.locals.theme.short_title,
 }),
 });
- }).catch(next);
+ } catch (error) {
+ return next(error);
+ }
 } else {
 return res.render('oauth2/username', {
 depseudonymized: false,
From 6227045958934c8865258aa9b521cbfe34350c62 Mon Sep 17 00:00:00 2001
From: Arne Gnisa
Date: Fri, 22 Sep 2023 12:02:48 +0200
Subject: [PATCH 6/6] N21-1269 review fixes
---
 controllers/oauth2.js | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/controllers/oauth2.js b/controllers/oauth2.js
index c7b2383580..aadc175442 100644
--- a/controllers/oauth2.js
+++ b/controllers/oauth2.js
@@ -155,8 +155,10 @@ router.get('/username/:pseudonym', async (req, res, next) => {
 qs: { id: pseudonymResponse.userId },
 $limit: 1,
 });
- completeName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName}`;
- shortName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName.charAt(0)}.`;
+ if (userResponse.data?.length === 1) {
+ completeName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName}`;
+ shortName = `${userResponse.data[0].firstName} ${userResponse.data[0].lastName.charAt(0)}.`;
+ }
 } else {
 const feathersPseudonymResponse = await api(req)
 .get('/pseudonym', {
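Review bot: In the `/username/:pseudonym` rewrite of PATCH 5/6, `$limit: 1` is passed as a sibling of `qs` in the `/users` call rather than inside it, so it probably never reaches the query string; the legacy branch in the same hunk puts its query parameter under `qs`. It should read `qs: { id: pseudonymResponse.userId, $limit: 1 }`. The second lookup also runs when `pseudonymResponse.userId` is absent, in which case the `id` filter is likely dropped and `/users` is queried unfiltered with the caller's session. 6/6 only inspects the result length afterwards, so an early `if (!pseudonymResponse?.userId)` branch that keeps the `'???'` placeholders would be the safer guard against showing an unrelated user's name.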