feat(well-known): more robust config enpoints

OADA · Feb 13, 2024 · 859101d · 859101d
1 parent a923942
commit 859101d
Show file tree

Hide file tree

Showing 10 changed files with 288 additions and 166 deletions.
diff --git a/oada/.eslintrc.yaml b/oada/.eslintrc.yaml
@@ -42,7 +42,7 @@ parserOptions:
   project: './**/tsconfig.*'
 
 overrides:
-  - files: '*.ts'
+  - files: '*.{c,m,}ts'
     extends:
       - plugin:github/typescript
       - plugin:import/typescript

diff --git a/oada/libs/lib-config/package.json b/oada/libs/lib-config/package.json
@@ -38,7 +38,7 @@
     "convict-format-with-moment": "^6.2.0",
     "convict-format-with-validator": "^6.2.0",
     "debug": "^4.3.4",
-    "dotenv": "^16.4.1",
+    "dotenv": "^16.4.4",
     "json5": "^2.2.3",
     "tslib": "2.6.2",
     "yaml": "^2.3.4"

diff --git a/oada/oada.config.mjs b/oada/oada.config.mjs
@@ -181,6 +181,5 @@ export default {
         },
       ],
     },
-    'openid-configuration': {},
   },
 };
diff --git a/oada/package.json b/oada/package.json
@@ -13,14 +13,14 @@
     "g:pino-pretty": "pino-pretty"
   },
   "devDependencies": {
-    "@commitlint/cli": "^18.6.0",
-    "@commitlint/config-conventional": "^18.6.0",
+    "@commitlint/cli": "^18.6.1",
+    "@commitlint/config-conventional": "^18.6.1",
     "@tsconfig/node20": "^20.1.2",
     "@types/eslint": "^8.56.2",
     "@types/mocha": "^10.0.6",
     "@types/node": "^20.11.17",
-    "@typescript-eslint/eslint-plugin": "^6.21.0",
-    "@typescript-eslint/parser": "^6.21.0",
+    "@typescript-eslint/eslint-plugin": "^7.0.1",
+    "@typescript-eslint/parser": "^7.0.1",
     "@yarnpkg/sdks": "^3.1.0",
     "browserslist": "^4.22.3",
     "c8": "^9.1.0",
@@ -48,7 +48,7 @@
     "eslint-plugin-promise": "^6.1.1",
     "eslint-plugin-regexp": "^2.2.0",
     "eslint-plugin-security": "^2.1.0",
-    "eslint-plugin-sonarjs": "^0.23.0",
+    "eslint-plugin-sonarjs": "^0.24.0",
     "eslint-plugin-unicorn": "^51.0.1",
     "get-port": "^7.0.0",
     "prettier": "^3.2.5",

diff --git a/oada/services/auth/package.json b/oada/services/auth/package.json
@@ -76,11 +76,11 @@
     "debug": "^4.3.4",
     "ejs": "^3.1.9",
     "es-main": "^1.3.0",
-    "fastify": "^4.26.0",
+    "fastify": "^4.26.1",
     "fastify-graceful-shutdown": "^3.5.1",
     "fastify-healthcheck": "^4.4.0",
     "ioredis": "^5.3.2",
-    "jose": "^5.2.1",
+    "jose": "^5.2.2",
     "minimist": "^1.2.8",
     "oauth2orize": "^1.12.0",
     "oauth2orize-openid": "^0.4.1",

diff --git a/oada/services/http-handler/package.json b/oada/services/http-handler/package.json
@@ -58,7 +58,7 @@
     "debug": "^4.3.4",
     "es-main": "^1.3.0",
     "eventemitter3": "^5.0.1",
-    "fastify": "4.26.0",
+    "fastify": "4.26.1",
     "fastify-graceful-shutdown": "^3.5.1",
     "fastify-healthcheck": "^4.4.0",
     "fastify-jwt-jwks": "^1.1.4",

diff --git a/oada/services/well-known/package.json b/oada/services/well-known/package.json
@@ -43,7 +43,7 @@
     "allow-methods": "^6.1.0",
     "cors": "^2.8.5",
     "debug": "^4.3.4",
-    "fastify": "^4.26.0",
+    "fastify": "^4.26.1",
     "got": "^14.2.0",
     "openid-client": "^5.6.4",
     "tslib": "2.6.2"

diff --git a/oada/services/well-known/src/config.ts b/oada/services/well-known/src/config.ts
@@ -91,14 +91,6 @@ export const { config, schema } = await libConfig({
         ],
       },
     },
-    'openid-configuration': {
-      format: Object,
-      default: {},
-    },
-    'oauth-authorization-server': {
-      format: Object,
-      default: {},
-    },
   },
 });
 
@@ -107,6 +99,7 @@ const server = config.get('wellKnown.server');
 if (!config.get('wellKnown.oada-configuration.oada_base_uri')) {
   config.set(
     'wellKnown.server.oada-configuration.oada_base_uri',
+    // eslint-disable-next-line sonarjs/no-nested-template-literals
     `${server.mode}//${server.domain}${server.port ? `:${server.port}` : ''}${
       server.path_prefix ?? ''
     }`,

diff --git a/oada/services/well-known/src/index.ts b/oada/services/well-known/src/index.ts
@@ -51,9 +51,9 @@ export async function discoverConfiguration(issuer: string | URL) {
       const { metadata } = await Issuer.discover(`https://${issuer}`);
       return metadata;
     }
-  } catch (error: unknown) {
+  } catch {
     fastify.log.error({ issuer }, 'Failed OIDC discovery for issuer');
-    throw error;
+    return {};
   }
 }
 
@@ -103,14 +103,6 @@ const wellKnownOptions = {
       ...config.get('wellKnown.oada-configuration'),
       ...configuration,
     },
-    'openid-configuration': {
-      ...config.get('wellKnown.openid-configuration'),
-      ...configuration,
-    },
-    'oauth-authorization-server': {
-      ...config.get('wellKnown.oauth-authorization-server'),
-      ...configuration,
-    },
   },
 };
 
@@ -120,6 +112,19 @@ const subservices = new Set(
     .map((s) => (typeof s === 'string' ? s : join(s.base, s.addPrefix ?? ''))),
 );
 
+// Redirect other OIDC config endpoints to oada-configuration endpoint
+await fastify.register(
+  async (app) => {
+    app.all('/openid-configuration', async (_request, reply) =>
+      reply.redirect(301, '/oada-configuration'),
+    );
+    app.all('/oauth-authorization-server', async (_request, reply) =>
+      reply.redirect(301, '/oada-configuration'),
+    );
+  },
+  { prefix: '/.well-known/' },
+);
+
 await fastify.register(
   async (app) => {
     app.addHook('preSerialization', async (request, _reply, payload) => {
-Original file line number
+Diff line change
@@ Expand Up / @@ -181,6 +181,5 @@ export default { @@
             },
           ],
         },
-        'openid-configuration': {},
       },
     };