gms webhook called implicit over api verify-auth-token by the configured

gms.community-auth-url
Claus-Peter Huebner 2024-03-18 23:25:17 +01:00
parent 2b8b086f6c
commit 7b08ada615
4 changed files with 25 additions and 17 deletions


@ -151,7 +151,7 @@ export async function verifyAuthToken(
token: string,
): Promise<string> {
const baseUrl = CONFIG.GMS_URL.endsWith('/') ? CONFIG.GMS_URL : CONFIG.GMS_URL.concat('/')
const service = 'verify-auth-token'
const service = 'verify-auth-token?token='.concat(token).concat('&uuid=').concat(communityUuid)
const config = {
headers: {
accept: 'application/json',
@ -161,12 +161,14 @@ export async function verifyAuthToken(
// authorization: apiKey,
},
}
/*
const data = {
uuid: communityUuid,
token: token,
}
*/
try {
const result = await axios.get(baseUrl.concat(service), data, config)
const result = await axios.get(baseUrl.concat(service), config)
logger.debug('GET-Response of verify-auth-token:', result)
if (result.status !== 200) {
throw new LogError(
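Review bot: The new `service` line concatenates `token` and `communityUuid` into the query string without encoding, so a value containing `&`, `#` or `+` would be altered or would add parameters, and the credential ends up in URL logs on both ends. Letting axios build the query encodes the values: `const result = await axios.get(baseUrl.concat('verify-auth-token'), { ...config, params: { token, uuid: communityUuid } })`. The `logger.debug('GET-Response of verify-auth-token:', result)` call that follows dumps the whole axios response, which carries the request URL and with it the token; logging `result.status` would be enough. The commented-out `data` block can be deleted rather than kept. verifyAuthToken starts and ends outside the visible hunks.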


@ -97,7 +97,7 @@ export const createServer = async (
// GMS Webhook
// eslint-disable-next-line @typescript-eslint/no-misused-promises
app.post('/hook/gms/' + CONFIG.GMS_WEBHOOK_SECRET, gmsWebhook)
app.get('/hook/gms/' + CONFIG.GMS_WEBHOOK_SECRET, gmsWebhook)
// Apollo Server
const apollo = new ApolloServer({
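Review bot: Registering the hook as GET moves the caller's token into the query string of a URL whose path already carries `CONFIG.GMS_WEBHOOK_SECRET`, so both values will be recorded by any reverse proxy or access log in front of this server. If GMS can only call with GET, a comment here should say so and the path should be redacted in access logs; otherwise keeping POST with the token in the body avoids the exposure. Nothing in the hunk shows whether an empty secret is rejected at startup; if it is not, the route degrades to `/hook/gms/`, and a guard such as `if (!CONFIG.GMS_WEBHOOK_SECRET) throw new Error('GMS_WEBHOOK_SECRET not set')` before the registration would catch that. createServer continues outside the hunk.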


@ -37,6 +37,7 @@ const logPlugin = {
const { logger } = requestContext
const { query, mutation, variables, operationName } = requestContext.request
if (operationName !== 'IntrospectionQuery') {
logger.debug('requestDidStart:', requestContext)
logger.info(`Request:
${mutation || query}variables: ${JSON.stringify(filterVariables(variables), null, 2)}`)
}
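Review bot: `logger.debug('requestDidStart:', requestContext)` writes the whole request context to the log, which bypasses the `filterVariables(variables)` redaction applied by the `logger.info` call just below it. Assuming the context also carries the HTTP request, the dump would include headers such as the authorization token. Log only what is needed, e.g. `logger.debug('requestDidStart:', operationName)`, or drop the line. The enclosing plugin method starts and ends outside the hunk.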


@ -6,27 +6,32 @@
import { User as DbUser } from '@entity/User'
import { decode } from '@/auth/JWT'
import { backendLogger as logger } from '@/server/logger'
// import { backendLogger as logger } from '@/server/logger'
export const gmsWebhook = async (req: any, res: any): Promise<void> => {
logger.info('GMS Hook received', req.body)
const { token } = req.body
console.log('GMS Hook received', req)
const { token } = req.query
if (!token) {
logger.warn('gmsWebhook: missing token')
console.log('gmsWebhook: missing token')
res.status(400).json({ message: 'false' })
return
}
console.log('gmsWebhook: found token=', token)
const payload = await decode(token)
if (payload) {
const user = await DbUser.findOne({ where: { gradidoID: payload.gradidoID } })
if (!user) {
logger.warn('gmsWebhook: missing user')
res.status(400).json({ message: 'false' })
return
}
logger.info('gmsWebhook: authenticate user=', user)
console.log('gmsWebhook: decoded token=', payload)
if (!payload) {
console.log('gmsWebhook: invalid token')
res.status(400).json({ message: 'false' })
return
}
logger.info('gmsWebhook: authentication successful')
res.status(200).json({ message: 'true' })
const user = await DbUser.findOne({ where: { gradidoID: payload.gradidoID } })
if (!user) {
console.log('gmsWebhook: missing user')
res.status(400).json({ message: 'false' })
return
}
console.log('gmsWebhook: authenticate user=', user)
console.log('gmsWebhook: authentication successful')
res.status(200).json({ userUuid: user.gradidoID })
}
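Review bot: The handler now prints the full `req` object, the raw token, the decoded payload and the whole `user` entity with `console.log`, so credentials and personal data go to stdout outside the configured logger and its log level. Restore the `backendLogger` import and log identifiers only, e.g. `logger.info('gmsWebhook: authenticated user', user.gradidoID)`, and remove the `found token=` and `decoded token=` lines. Because the token is now read from `req.query`, it can arrive as an array or object rather than a string; `if (typeof token !== 'string' || !token) {` makes the existing 400 branch cover that case before `decode(token)` is called.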