From 2ef8f03c664babe61770e968ad34f8ce8f15efbe Mon Sep 17 00:00:00 2001
From: Lansana DIOMANDE <ldiomande@takima.fr>
Date: Tue, 19 Apr 2022 16:55:13 +0200
Subject: [PATCH] refactor: use config.ts to handle value of
 REJECT_UNAUTHORIZED

---
 deadlock-plugins/deadlock-extension/src/config.prod.ts   | 1 +
 .../deadlock-extension/src/config.staging.ts             | 1 +
 deadlock-plugins/deadlock-extension/src/config.ts        | 1 +
 .../src/core/keycloakOAuth2DeviceFlowConnection.ts       | 9 +++++----
 4 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/deadlock-plugins/deadlock-extension/src/config.prod.ts b/deadlock-plugins/deadlock-extension/src/config.prod.ts
index 80c3d02a..46ee6889 100644
--- a/deadlock-plugins/deadlock-extension/src/config.prod.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.prod.ts
@@ -2,3 +2,4 @@ export const KEYCLOAK_DEVICE_AUTH_URL =
   'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/auth/device';
 export const KEYCLOAK_TOKEN_CREATE_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = true;
diff --git a/deadlock-plugins/deadlock-extension/src/config.staging.ts b/deadlock-plugins/deadlock-extension/src/config.staging.ts
index 757b1b4d..e8ddb5e9 100644
--- a/deadlock-plugins/deadlock-extension/src/config.staging.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.staging.ts
@@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL =
   'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL =
   'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = true;
diff --git a/deadlock-plugins/deadlock-extension/src/config.ts b/deadlock-plugins/deadlock-extension/src/config.ts
index 4ea235cf..a53b3ab5 100644
--- a/deadlock-plugins/deadlock-extension/src/config.ts
+++ b/deadlock-plugins/deadlock-extension/src/config.ts
@@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL =
   'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token';
 export const KEYCLOAK_USER_INFO_URL =
   'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo';
+export const REJECT_UNAUTHORIZED = false;
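Review bot: The base `config.ts` sets `REJECT_UNAUTHORIZED = false`, and `keycloakOAuth2DeviceFlowConnection.ts` imports from `'../config'`, so certificate verification is off unless a build step swaps in `config.prod.ts` or `config.staging.ts`; that substitution is not visible in this patch. A safer layout keeps the default fail-closed, `export const REJECT_UNAUTHORIZED = true;`, and moves the `false` value into a dev-only override. If the dev value has to stay in this file, a comment such as `// DEV ONLY: disables TLS certificate verification for auth.dev.deadlock.io; must not reach a release build` would make the risk visible. A build-time check that release artifacts contain `true` would catch a missed swap.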
diff --git a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
index 07eba23c..c57b5b05 100644
--- a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
+++ b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts
@@ -3,8 +3,9 @@ import fetch, { Response } from 'node-fetch';
 import { HttpStatusCode } from '../customTypings/HttpStatusCode';
 import { TokenFetchErrorCode } from '../customTypings/KeycloakAPITypes';
 import { error as err, log } from '../recorder/utils';
+import { REJECT_UNAUTHORIZED } from '../config';
 
-process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0'; // TODO: remove when SSL will work
+process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = REJECT_UNAUTHORIZED ? '1' : '0'; // TODO: remove when SSL will work
 
 export default class KeycloakOAuth2DeviceFlowConnection {
   private waitDuration: WaitDuration;
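Review bot: The module-load assignment to `process.env['NODE_TLS_REJECT_UNAUTHORIZED']` changes certificate verification for every TLS connection made by the Node process, not only the Keycloak calls, and it overwrites whatever value the environment already had. Each fetch in this file already passes its own `https.Agent` with `rejectUnauthorized: REJECT_UNAUTHORIZED`, so the global assignment appears redundant and could be dropped. If it has to stay for dev, write it only when verification is being disabled: `if (!REJECT_UNAUTHORIZED) process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0';`. The class body continues outside the hunk.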
@@ -39,7 +40,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
         Authorization: `Bearer ${accessToken}`,
       },
       body: '',
-      agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+      agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
     });
     const tokenValidationRequestResponseCode = tokenValidationRequestResponse.status;
     switch (tokenValidationRequestResponseCode) {
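Review bot: The `Authorization: Bearer` header in this request travels over a connection whose certificate is not checked whenever `REJECT_UNAUTHORIZED` is false, so the access token is exposed to anyone able to intercept the connection; the same holds for the form bodies in the hunks at -126 and -146. If the dev server uses a private or self-signed certificate, passing that CA to the agent, `new https.Agent({ ca: devCaPem })` (`devCaPem` is a placeholder for a value loaded from dev config), keeps verification on in every environment. The three call sites also build a new `https.Agent` per request and keep the now-stale `// TODO: remove when SSL will work`; one module-level agent shared by the three fetches, with a comment naming the config flag, would be easier to audit. The enclosing method starts and ends outside the hunk.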
@@ -126,7 +127,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
         'Content-Type': 'application/x-www-form-urlencoded',
       },
       body: body,
-      agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+      agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
     });
   }
 
@@ -146,7 +147,7 @@ export default class KeycloakOAuth2DeviceFlowConnection {
           'Content-Type': 'application/x-www-form-urlencoded',
         },
         body: body,
-        agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work
+        agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work
       });
       userAuthenticationRequestResponseCode = userAuthenticationRequestResponse.status;
       switch (userAuthenticationRequestResponseCode) {
-- 
GitLab