Add error mapping list feature to oidc login method #1387

Merged
merged 32 commits into from
Jul 28, 2023
9619527
feat: Updated TS version, utilised base configuration. Refactored to …
shilob May 2, 2023
3596bac
feat: Sails Core types - updated TS version and base configuration. A…
shilob May 2, 2023
aa10af1
feat: NG15 migration - updated NG common lib and report app to use sh…
shilob May 2, 2023
07d440c
Merge branch 'develop' into feature/ng15-forms
shilob May 3, 2023
db8bacd
chore: Core improved to remove use of external library to check paths…
shilob May 3, 2023
7468303
Refactored i18next backend to use supported library, used common dto…
shilob May 3, 2023
95937c0
fixed: Added missing libraries required for CircleCI build, updated C…
shilob May 3, 2023
dc09685
fixed: CodeCov tsconfig updated to match main tsconfig
shilob May 3, 2023
239f98d
Initial skeleton for supporting dynamic rendering of form fields as w…
shilob May 18, 2023
2258a86
Updated code to handle missing components, renamed resolver service n…
shilob Jun 22, 2023
bf7579c
Merged develop branch, incurring the following changes:
shilob Jun 28, 2023
33edb91
Fixed build script to compile custom form component library placehold…
shilob Jun 28, 2023
7e31289
Fixed incorrect parent directory path in CI build
shilob Jun 28, 2023
84dd837
Merge branch 'develop' into feature/ng15-forms
shilob Jun 28, 2023
5371804
Fixes for ES6 compatibility
shilob Jun 28, 2023
9dd4582
Fixed lodash template parse test. Skipped form app from test harness.
shilob Jun 28, 2023
cd38c5e
Fixed date parse test in lodash template service
shilob Jun 28, 2023
5bc906e
CI: Restored production only npm install at the root
shilob Jun 29, 2023
c5591d6
Add error mapping list feature to oidc login method
alejandro-bulgaris-qcif Jul 4, 2023
d26401c
Add regex groups option matched with interpolation in error message
alejandro-bulgaris-qcif Jul 4, 2023
f52937f
Fix handling of regex groups iterator and defensive coding for proble…
alejandro-bulgaris-qcif Jul 5, 2023
d9d249d
Merge branch 'develop' into feature/oidcErrorMapping
alejandro-bulgaris-qcif Jul 5, 2023
8a475f0
Fix typos in 500 error page
alejandro-bulgaris-qcif Jul 5, 2023
6980200
Handle interpolation object in error pages
alejandro-bulgaris-qcif Jul 5, 2023
e1970b1
Merge branch 'feature/ng15-forms' into feature/oidcErrorMapping
Jul 10, 2023
aa5d7ae
Merge branch 'develop' into feature/ng15-forms
Jul 10, 2023
99ece4c
Merge branch 'feature/ng15-forms' into feature/oidcErrorMapping
Jul 10, 2023
4a5ee22
Reinstated the correct i18next-fs-backend dependency
Jul 10, 2023
cd9388b
Merge branch 'feature/ng15-forms' into feature/oidcErrorMapping
Jul 10, 2023
2d9bdf3
Merge branch 'develop' into feature/oidcErrorMapping
Jul 10, 2023
2ced84e
Simplify error mapping config and use regex groups with names instead…
alejandro-bulgaris-qcif Jul 28, 2023
3e1d275
Merge branch 'develop' into feature/oidcErrorMapping
alejandro-bulgaris-qcif Jul 28, 2023
6 changes: 5 additions & 1 deletion assets/locales/en/translation.json
Expand Up @@ -695,6 +695,7 @@
"error-header": "Application Error",
"error-auth": "Apologies, we've encountered an issue with your user credentials. Please contact the application administrator.",
"error-403-heading": "Forbidden",
"error-500-heading": "Forbidden",
"error-please-login": "Please login",
"@ckan-record-published-prefix": "Record published at ",
"@ckan-record-submitting-label": "Submitting to CKAN",
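Review bot: The new `error-500-heading` key has the value "Forbidden", copied from `error-403-heading` on the line above. views/500.ejs now uses this key as its panel title, so a server error page will be headed "Forbidden"; give it a heading that fits a 500 response, for example the "Server error" wording already used for the `server-error` key in this file.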
Expand Down Expand Up @@ -748,5 +749,8 @@
"invalid-format": "Submission format is invalid",
"server-error": "Server error",
"unknown-error": "Unknown error",
"local-auth-login": "Login"
"local-auth-login": "Login",
"oidc-default-unknown-error": "Login unsuccessful contact your system administrator",
"oidc-user-doesnt-exist-in-tenant": "User account from identity provider does not exist in tenant. The account needs to be added as an external user in the tenant first.",
"oidc-user-doesnt-exist-in-tenant-detail": "For email {{-email}} and url {{-url}} and tenant {{-name}}"
}
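Review bot: In `oidc-user-doesnt-exist-in-tenant-detail`, the `{{-email}}`, `{{-url}}` and `{{-name}}` placeholders use i18next's unescaped form, and the values substituted into them are named groups captured from the identity provider's error message. That is safe only while every view prints the result through an escaping EJS tag (`<%= %>`, as 403.ejs and 500.ejs do in this PR); document that dependency where the string is rendered, or switch to the escaped `{{email}}` form and adjust the views to match. Separately, `oidc-default-unknown-error` reads as a run-on and would be clearer as "Login unsuccessful. Please contact your system administrator."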
129 changes: 120 additions & 9 deletions typescript/api/controllers/UserController.ts
Expand Up @@ -263,6 +263,7 @@ export module Controllers {
if (!_.isEmpty(req.param('id'))) {
passportIdentifier = `oidc-${req.param('id')}`
}
let that = this;
sails.config.passport.authenticate(passportIdentifier, function (err, user, info) {
sails.log.verbose("At openIdConnectAuth Controller, verify...");
sails.log.verbose("Error:");
Expand All @@ -272,10 +273,8 @@ export module Controllers {
sails.log.verbose("User:");
sails.log.verbose(user);



if (!_.isEmpty(err) || _.isUndefined(user) || _.isEmpty(user) || user == false) {
sails.log.error(`OpenId Connect Login failed!`)
sails.log.error(`OpenId Connect Login failed!`);
// means the provider has authenticated the user, but has been rejected, redirect to catch-all
if (!_.isEmpty(info) && !_.isString(info) && _.isObject(info)) {
info = JSON.stringify(info);
Expand All @@ -285,10 +284,12 @@ export module Controllers {
}
}

// check if the issue is some obscure session destruction bug
if (_.startsWith(err, "Error: did not find expected authorization request details in session")) {
// letting the user try again seems to 'refresh' the session
req.session['data'] = `oidc-login-session-destroyed`;
let oidcConfig = _.get(sails.config, 'auth.default.oidc');
let errorMessage = _.get(err, 'message');
let errorMessageDecoded = that.decodeErrorMappings(oidcConfig, errorMessage);
sails.log.verbose('After decodeErrorMappings - errorMessageDecoded: ' + JSON.stringify(errorMessageDecoded));
if(!_.isEmpty(errorMessageDecoded)) {
req.session['data'] = errorMessageDecoded;
return res.serverError();
}

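Review bot: The `if(!_.isEmpty(errorMessageDecoded))` guard is true whenever no mapping matches, because `decodeErrorMappings` starts from the non-empty default `'oidc-default-unknown-error'` and returns it unchanged, including when `errorMappings` is not configured at all. Those failed logins now return `res.serverError()` from this block, so the fallback below that sets `error-auth` is not reached for them, and the removed `oidc-login-session-destroyed` handling for "did not find expected authorization request details in session" is lost unless a deployment adds a mapping for it. Either have `decodeErrorMappings` return an empty value when nothing matches and keep the old branch, or ship a default mapping for the session error.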
Expand All @@ -302,7 +303,7 @@ export module Controllers {
if (_.isEmpty(req.session.data)) {
req.session['data'] = {
"message": 'error-auth',
"detailedMessager": `${err}${info}`
"detailedMessage": `${err}${info}`
};
}

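Review bot: With the key renamed to `detailedMessage`, the raw `${err}${info}` string (where `info` can be the `JSON.stringify` output of the provider's info object, per the block above) is what 500.ejs passes to `TranslationService.t` and shows to the person whose login failed. Log that detail on the server and put a translation key in `detailedMessage`, as the new mapped errors do. Also check for remaining readers or writers of the old `detailedMessager` name outside the files touched here.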
Expand Down Expand Up @@ -334,6 +335,116 @@ export module Controllers {
sails.config.passport.authenticate(passportIdentifier)(req, res);
}

private decodeErrorMappings(options, errorMessage) {

sails.log.verbose('decodeErrorMappings - errorMessage: ' + errorMessage);
sails.log.verbose('decodeErrorMappings - options: ' + JSON.stringify(options));
let errorMessageDecoded = 'oidc-default-unknown-error';
let errorMappingList = _.get(options, 'errorMappings', []);
let errorMessageDecodedAsObject = {};

if(!_.isUndefined(errorMessage) && !_.isNull(errorMessage)) {

sails.log.verbose('decodeErrorMappings - errorMappingList: ' + JSON.stringify(errorMappingList));
for(let errorMappingDetails of errorMappingList) {

let matchRegex = false;
let matchString = false;
let matchRegexWithGroups = _.get(errorMappingDetails, 'matchRegexWithGroups', false);
let fieldLanguageCode = _.get(errorMappingDetails, 'altErrorRedboxCodeMessage');
let fieldLanguageCode2 = _.get(errorMappingDetails, 'altErrorRedboxCodeDetails', '');
let asObject = _.get(errorMappingDetails, 'altErrorAsObject', false);
let regexPattern = _.get(errorMappingDetails, 'errorDescPattern');

if(!_.isUndefined(regexPattern) && _.isRegExp(regexPattern)) {
matchRegex = true;
matchString = false;
} else if(!_.isUndefined(regexPattern) && !_.isRegExp(regexPattern) && _.isString(regexPattern) && !_.isEmpty(regexPattern)) {
matchRegex = false;
matchString = true;
} else {
errorMessageDecoded = fieldLanguageCode;
break;
}

if (matchRegex) {
sails.log.verbose('decodeErrorMappings - regexPattern ' + regexPattern);
if(this.validateRegex(errorMessage, regexPattern)) {
if(asObject) {
errorMessageDecodedAsObject = {
message: fieldLanguageCode,
detailedMessage: fieldLanguageCode2
}
break;
} else if(matchRegexWithGroups && _.isRegExp(regexPattern)) {
let matchRegexGroupsDecoded = this.validateRegexWithGroups(errorMessage, regexPattern);
if(!_.isEmpty(matchRegexGroupsDecoded)) {
sails.log.verbose('decodeErrorMappings - interpolationObj ' + JSON.stringify(matchRegexGroupsDecoded));
sails.log.verbose('decodeErrorMappings - detailedMessage ' + fieldLanguageCode2);
errorMessageDecodedAsObject = {
message: fieldLanguageCode,
detailedMessage: fieldLanguageCode2,
interpolation: true,
interpolationObj: matchRegexGroupsDecoded
}
break;
}
} else {
errorMessageDecoded = fieldLanguageCode;
break;
}
}

} else if (matchString) {
let errorRefDesc = _.get(errorMappingDetails, 'errorDescPattern');
if(errorMessage.includes(errorRefDesc)){
if(asObject) {
errorMessageDecodedAsObject = {
message: fieldLanguageCode,
detailedMessage: fieldLanguageCode2
}
} else {
errorMessageDecoded = fieldLanguageCode;
}
break;
}
}

}
}

if(!_.isEmpty(errorMessageDecodedAsObject)) {
return errorMessageDecodedAsObject;
} else {
return errorMessageDecoded;
}
}

private validateRegex(errorMessage, regexPattern) {
if(_.isRegExp(regexPattern)) {
let re = new RegExp(regexPattern);
sails.log.verbose('decodeErrorMappings errorMessage.toString() ' + errorMessage.toString());
let reTestResult = re.test(errorMessage.toString());
sails.log.verbose('decodeErrorMappings reTestResult ' + reTestResult);
return reTestResult;
} else {
return false;
}
}

private validateRegexWithGroups(errorMessage, regexPattern) {
// let decodedGroups = _.clone(groups);
let re = new RegExp(regexPattern);
const matches = re.exec(errorMessage);

let interpolationMap = {}
let groups = _.get(matches, 'groups');
if(!_.isUndefined(groups)) {
interpolationMap = groups;
}

return interpolationMap;
}

public aafLogin(req, res) {
sails.config.passport.authenticate('aaf-jwt', function (err, user, info) {
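Review bot: In `decodeErrorMappings`, the final `else` of the pattern type check (an entry with no usable `errorDescPattern`) assigns that entry's `altErrorRedboxCodeMessage` and breaks out of the loop, so one misconfigured entry stops every later mapping from being tried and can leave the result `undefined`. Log a warning and `continue` instead. Two further points: when `matchRegexWithGroups` is set but the pattern captures no named groups, nothing is assigned and there is no `break`, so the loop moves on as if the entry had not matched; fall back to `fieldLanguageCode` there. And the verbose line `'decodeErrorMappings - options: ' + JSON.stringify(options)` writes the whole `auth.default.oidc` config object to the log, which may include client credentials, while any RegExp patterns in it serialise as `{}`; log only the mapping codes.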
Expand All @@ -353,7 +464,7 @@ export module Controllers {
if (_.isEmpty(req.session.data)) {
req.session['data'] = {
"message": 'error-auth',
"detailedMessager": `${err}${info}`
"detailedMessage": `${err}${info}`
};
}
return res.serverError();
6 changes: 5 additions & 1 deletion views/403.ejs
Expand Up @@ -48,7 +48,11 @@
<%= TranslationService.t(data.message) %>
</p>
<p>
<%= TranslationService.t(data.detailedMessage) %>
<% if( req.session.data.interpolation == true) { %>
<%= TranslationService.tInter(req.session.data.detailedMessage, req.session.data.interpolationObj) %>
<% } else { %>
<%= TranslationService.t(req.session.data.detailedMessage) %>
<% } %>

<% } else { %>
<%= TranslationService.t(data) %>
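Review bot: The added branch reads `req.session.data.interpolation` and `req.session.data.detailedMessage`, but the rest of this template works from the `data` local (`data.message` just above, `data` in the `else` below), and the line being replaced was `data.detailedMessage`. If the 403 view is rendered with `data` set and no `req.session.data`, the property access throws, and in any case the detail carried in `data` is no longer shown. Use `data.interpolation`, `data.detailedMessage` and `data.interpolationObj` here.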
8 changes: 6 additions & 2 deletions views/500.ejs
Expand Up @@ -36,7 +36,7 @@
<div class="col-xs-8">
<div class="panel panel-danger">
<div class="panel-heading">
<h3 class="panel-title"><%= TranslationService.t('error-403-heading') %></h3>
<h3 class="panel-title"><%= TranslationService.t('error-500-heading') %></h3>
</div>
<div class="panel-body">
<p>
Expand All @@ -46,7 +46,11 @@
<%= TranslationService.t(req.session.data.message) %>
</p>
<p>
<%= TranslationService.t(req.session.data.detailedMessager) %>
<% if( req.session.data.interpolation == true) { %>
<%= TranslationService.tInter(req.session.data.detailedMessage, req.session.data.interpolationObj) %>
<% } else { %>
<%= TranslationService.t(req.session.data.detailedMessage) %>
<% } %>

<% } else { %>
<%= TranslationService.t(req.session.data) %>
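Review bot: `TranslationService.tInter` is called in the new branch but is not defined in any of the files shown in this change; confirm it exists on the target branch and that it behaves sensibly when `interpolationObj` lacks a placeholder the locale string expects. The `== true` comparison can be a plain truthiness test, since the controller only ever sets `interpolation: true`.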