-
Notifications
You must be signed in to change notification settings - Fork 103
/
app.js
138 lines (112 loc) · 3.92 KB
/
app.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
'use strict';
const Express = require('express');
const path = require('path');
const hogan = require('hogan-express');
const cookieParser = require('cookie-parser');
const Permissions = require('./lib/permissions');
const KeyCloakService = require('./lib/keyCloakService');
const AdminClient = require('./lib/adminClient');
/**
* URL patterns for permissions. URL patterns documentation https://github.com/snd/url-pattern.
*/
const PERMISSIONS = new Permissions([
['/customers', 'post', 'res:customer', 'scopes:create'],
['/customers(*)', 'get', 'res:customer', 'scopes:view'],
['/campaigns', 'post', 'res:campaign', 'scopes:create'],
['/campaigns(*)', 'get', 'res:campaign', 'scopes:view'],
['/reports', 'post', 'res:report', 'scopes:create'],
['/reports(*)', 'get', 'res:report', 'scopes:view']
]).notProtect(
'/favicon.ico', // just to not log requests
'/login(*)',
'/accessDenied',
'/adminClient',
'/adminApi(*)',
/**
* It is protected because of we need an access token. Better to move it to the protected area.
*/
'/permissions',
'/checkPermission'
);
let app = Express();
// hogan-express configuration to render html
app.set('view engine', 'html');
app.engine('html', hogan);
let keyCloak = new KeyCloakService(PERMISSIONS);
let adminClient = new AdminClient({
realm: 'CAMPAIGN_REALM',
serverUrl: 'http://localhost:8080',
resource: 'CAMPAIGN_CLIENT',
adminLogin: 'admin',
adminPassword: 'admin'
});
configureMiddleware();
configureRoutes();
const server = app.listen(3000, function () {
const port = server.address().port;
console.log('App listening at port %s', port);
});
function configureMiddleware() {
app.use(Express.static(path.join(__dirname, 'static')));
// for a Keycloak token
app.use(cookieParser());
// protection middleware is configured for all links
const logoutUrl = '/logout';
app.use(keyCloak.middleware(logoutUrl));
}
function configureRoutes() {
let router = Express.Router();
app.use('/', router);
// example urls to check protection
app.use('/campaigns', showUrl);
app.use('/customers', showUrl);
app.use('/upload', showUrl);
app.use('/optimizer', showUrl);
app.use('/reports', showUrl);
app.use('/targets', showUrl);
applicationRoutes();
app.get('*', (req, res) => res.sendFile(path.join(__dirname, '/static/index.html')));
}
// this routes are used by this application
function applicationRoutes() {
app.get('/login', login);
app.get('/adminClient', (req, res) => renderAdminClient(res, 'we will have result here'));
app.get('/adminApi', (req, res) => {
let render = renderAdminClient.bind(null, res);
adminClient[req.query.api]()
.then(render)
.catch(render);
});
//get all permissions
app.get('/permissions', (req, res) => {
keyCloak.getAllPermissions(req)
.then(json => res.json(json))
.catch(error => res.end('error ' + error));
});
// check a specified permission
app.get('/checkPermission', (req, res) => {
keyCloak.checkPermission(req, 'res:customer', 'scopes:create')
.then(() => res.end('permission granted'))
.catch(error => res.end('error ' + error));
});
}
function login(req, res) {
keyCloak.loginUser(req.query.login, req.query.password, req, res).then(grant => {
// console.log(grant.__raw);
res.render('loginSuccess', {
userLogin: req.query.login
});
}).catch(error => {
// TODO put login failed code here (we can return 401 code)
console.error(error);
res.end('Login error: ' + error);
});
}
function renderAdminClient(res, result) {
res.render('adminClient', {
result: JSON.stringify(result, null, 4)
});
}
function showUrl(req, res) {
res.end('<a href="javascript: window.history.back()">back</a> Access acquired to ' + req.originalUrl);
}