From 2ef8f03c664babe61770e968ad34f8ce8f15efbe Mon Sep 17 00:00:00 2001 From: Lansana DIOMANDE <ldiomande@takima.fr> Date: Tue, 19 Apr 2022 16:55:13 +0200 Subject: [PATCH] refactor: use config.ts to handle value of REJECT_UNAUTHORIZED --- deadlock-plugins/deadlock-extension/src/config.prod.ts | 1 + .../deadlock-extension/src/config.staging.ts | 1 + deadlock-plugins/deadlock-extension/src/config.ts | 1 + .../src/core/keycloakOAuth2DeviceFlowConnection.ts | 9 +++++---- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/deadlock-plugins/deadlock-extension/src/config.prod.ts b/deadlock-plugins/deadlock-extension/src/config.prod.ts index 80c3d02a..46ee6889 100644 --- a/deadlock-plugins/deadlock-extension/src/config.prod.ts +++ b/deadlock-plugins/deadlock-extension/src/config.prod.ts @@ -2,3 +2,4 @@ export const KEYCLOAK_DEVICE_AUTH_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/auth/device'; export const KEYCLOAK_TOKEN_CREATE_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token'; export const KEYCLOAK_USER_INFO_URL = 'https://auth.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo'; +export const REJECT_UNAUTHORIZED = true; diff --git a/deadlock-plugins/deadlock-extension/src/config.staging.ts b/deadlock-plugins/deadlock-extension/src/config.staging.ts index 757b1b4d..e8ddb5e9 100644 --- a/deadlock-plugins/deadlock-extension/src/config.staging.ts +++ b/deadlock-plugins/deadlock-extension/src/config.staging.ts @@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL = 'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token'; export const KEYCLOAK_USER_INFO_URL = 'https://auth.staging.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo'; +export const REJECT_UNAUTHORIZED = true; diff --git a/deadlock-plugins/deadlock-extension/src/config.ts b/deadlock-plugins/deadlock-extension/src/config.ts index 4ea235cf..a53b3ab5 100644 --- a/deadlock-plugins/deadlock-extension/src/config.ts +++ b/deadlock-plugins/deadlock-extension/src/config.ts @@ -4,3 +4,4 @@ export const KEYCLOAK_TOKEN_CREATE_URL = 'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/token'; export const KEYCLOAK_USER_INFO_URL = 'https://auth.dev.deadlock.io/auth/realms/Deadlock/protocol/openid-connect/userinfo'; +export const REJECT_UNAUTHORIZED = false; diff --git a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts index 07eba23c..c57b5b05 100644 --- a/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts +++ b/deadlock-plugins/deadlock-extension/src/core/keycloakOAuth2DeviceFlowConnection.ts @@ -3,8 +3,9 @@ import fetch, { Response } from 'node-fetch'; import { HttpStatusCode } from '../customTypings/HttpStatusCode'; import { TokenFetchErrorCode } from '../customTypings/KeycloakAPITypes'; import { error as err, log } from '../recorder/utils'; +import { REJECT_UNAUTHORIZED } from '../config'; -process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = '0'; // TODO: remove when SSL will work +process.env['NODE_TLS_REJECT_UNAUTHORIZED'] = REJECT_UNAUTHORIZED ? '1' : '0'; // TODO: remove when SSL will work export default class KeycloakOAuth2DeviceFlowConnection { private waitDuration: WaitDuration; @@ -39,7 +40,7 @@ export default class KeycloakOAuth2DeviceFlowConnection { Authorization: `Bearer ${accessToken}`, }, body: '', - agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work + agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work }); const tokenValidationRequestResponseCode = tokenValidationRequestResponse.status; switch (tokenValidationRequestResponseCode) { @@ -126,7 +127,7 @@ export default class KeycloakOAuth2DeviceFlowConnection { 'Content-Type': 'application/x-www-form-urlencoded', }, body: body, - agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work + agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work }); } @@ -146,7 +147,7 @@ export default class KeycloakOAuth2DeviceFlowConnection { 'Content-Type': 'application/x-www-form-urlencoded', }, body: body, - agent: new https.Agent({ rejectUnauthorized: false }), // TODO: remove when SSL will work + agent: new https.Agent({ rejectUnauthorized: REJECT_UNAUTHORIZED }), // TODO: remove when SSL will work }); userAuthenticationRequestResponseCode = userAuthenticationRequestResponse.status; switch (userAuthenticationRequestResponseCode) { -- GitLab