Change session system #13
Merged: 9 commits, May 3, 2024
1 change: 1 addition & 0 deletions .env
@@ -11,3 +11,4 @@ LOGIN_HINT: ""
MCP_ID_TOKEN_SIGNED_RESPONSE_ALG: RS256
MCP_USERINFO_SIGNED_RESPONSE_ALG: ""
ACR_VALUES: ""
SESSION_SECRET: CeciEstUnFauxSecret
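Review bot: SESSION_SECRET is committed to the tracked .env with a placeholder value, and the same value appears in agentconnect.env; express-session uses it to sign the session cookie, so any deployment that keeps this default lets anyone who has read the repository produce validly signed cookies. The value ("Ceci est un faux secret", i.e. "this is a fake secret") makes the local-development intent clear, but add a comment here saying it must be overridden, and have index.js refuse to start when SESSION_SECRET is unset or still equal to this placeholder.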
4 changes: 3 additions & 1 deletion .github/workflows/ci.yml
@@ -4,7 +4,9 @@ name: CI

on:
push:
pull_request:
branches:
- "**"
- "!master"
workflow_dispatch:

jobs:
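Review bot: indentation is lost in this view, so it is not clear whether `branches:` with `- "**"` and `- "!master"` sits under `push:` or under `pull_request:`, and the two mean different things: under `push:` it stops CI on every push to master (including merges), while under `pull_request:` it filters on the PR's base branch and skips CI for PRs targeting master, which is where it matters most. Please confirm the intended placement in the file and, if master is excluded on purpose, say why in a YAML comment next to it.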
15 changes: 15 additions & 0 deletions agentconnect.env
@@ -0,0 +1,15 @@
HOST: http://localhost:3000
PORT: 3000
SITE_TITLE: "Bonjour monde !"
STYLESHEET_URL: https://unpkg.com/bamboo.css
CALLBACK_URL: /login-callback
MCP_CLIENT_ID: client_id_localhost:3000
MCP_CLIENT_SECRET: client_secret_localhost:3000
MCP_PROVIDER: https://fca.integ01.dev-agentconnect.fr/api/v2
MCP_SCOPES: "openid given_name usual_name email phone uid siren siret idp_id idp_acr"
LOGIN_HINT: ""
MCP_ID_TOKEN_SIGNED_RESPONSE_ALG: RS256
MCP_USERINFO_SIGNED_RESPONSE_ALG: RS256
ACR_VALUES: eidas1
SESSION_SECRET: CeciEstUnFauxSecret
SHOW_AGENTCONNECT_BUTTON: true
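Review bot: this file and .env now diverge on MCP_USERINFO_SIGNED_RESPONSE_ALG (RS256 here, "" in .env) and ACR_VALUES (eidas1 here, "" in .env) with no comment explaining the difference, and MCP_CLIENT_SECRET and SESSION_SECRET are placeholders in both files. Add a header comment stating that this is the AgentConnect integration profile and that both secrets must be supplied outside the repository. Note also that `import "dotenv/config"` in index.js reads .env by default (unless pointed elsewhere with DOTENV_CONFIG_PATH), so wherever this file is wired in, document how it gets loaded.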
8 changes: 4 additions & 4 deletions e2e/features/connexion.feature
@@ -1,15 +1,15 @@
#language: fr
Fonctionnalité: Connexion de [email protected]
Scénario: Connexion d'un utilisateur

Scénario: Connexion d'un utilisateur
Etant donné que je navigue sur la page
Alors je vois "Bonjour monde !"
Quand je clique sur le bouton MonComptePro

Quand je me connecte en tant que [email protected] sur moncomptepro
Et je vois "Votre organisation de rattachement" sur moncomptepro
Et je click sur "Continuer" sur moncomptepro
Et je clique sur "Continuer" sur moncomptepro

Alors je suis redirigé sur "/"
Et je vois "Information utilisateur"
Et je vois "Information utilisateur"
Et je vois "[email protected]"
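Review bot: the scenario still only checks the page immediately after the login redirect, so nothing in e2e exercises the behaviour this PR changes (server-side session, `rolling: true`): a session that is lost on the next request would still pass. Consider adding a step after `Et je vois "[email protected]"` that reloads the page and checks the email is still shown, and one that posts to /logout and checks the user is signed out.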
2 changes: 1 addition & 1 deletion e2e/features/connexion.ts
@@ -28,7 +28,7 @@ When("je vois {string} sur moncomptepro", (_text: string) => {
});
});

When("je click sur {string} sur moncomptepro", (_text: string) => {
When("je clique sur {string} sur moncomptepro", (_text: string) => {
cy.origin(Cypress.env("MCP_PROVIDER"), { args: _text }, (text) => {
cy.contains(text).click();
});
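Review bot: renaming the step to `je clique sur {string}` fixes the English/French mix in the feature file; while here, the parameter `_text` is not unused (it is passed as `args` to `cy.origin`), so the underscore prefix is misleading; rename it to `text` in both of the step definitions visible in this hunk.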
19 changes: 10 additions & 9 deletions index.js
@@ -1,7 +1,7 @@
import "dotenv/config";
import express from "express";
import { Issuer } from "openid-client";
import cookieSession from "cookie-session";
import session from "express-session";
import morgan from "morgan";
import * as crypto from "crypto";
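Review bot: switching from cookie-session to express-session moves the session payload (userinfo, id token, token set) out of the cookie and onto the server, so the cookie now carries only a signed session id; that is the right direction, but make sure cookie-session is also dropped from package.json, which is not part of this diff.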

@@ -13,10 +13,11 @@ const app = express();

app.set("view engine", "ejs");
app.use(
cookieSession({
session({
name: "mcp_session",
keys: ["key1", "key2"],
})
secret: process.env.SESSION_SECRET,
rolling: true,
}),
);
app.use(morgan("combined"));

@@ -86,14 +87,14 @@ app.post(
"/select-organization",
getAuthorizationControllerFactory({
prompt: "select_organization",
})
}),
);

app.post(
"/update-userinfo",
getAuthorizationControllerFactory({
prompt: "update_userinfo",
})
}),
);
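Review bot: this hunk and the one below it are trailing-comma formatting only (prettier), unrelated to the session change; a separate formatting commit would keep the PR's diff focused on what actually changed.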

app.post(
@@ -103,7 +104,7 @@ app.post(
prompt: "login",
// alternatively, you can use the 'max_age: 0'
// if so, claims parameter is not necessary as auth_time will be returned
})
}),
);

app.get(process.env.CALLBACK_URL, async (req, res, next) => {
@@ -120,7 +121,7 @@ app.get(process.env.CALLBACK_URL, async (req, res, next) => {
req.session.userinfo = await client.userinfo(tokenSet.access_token);
req.session.idtoken = tokenSet.claims();
req.session.id_token_hint = tokenSet.id_token;

req.session.oauth2token = tokenSet;
res.redirect("/");
} catch (e) {
next(e);
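Review bot: the session id is not regenerated after the successful token exchange: the same `req.session` that existed before authentication now receives `userinfo`, `idtoken`, `id_token_hint` and `oauth2token`, so a session id planted in the browser before login (session fixation) is promoted to an authenticated one. Call `req.session.regenerate()` once the token exchange has completed, then assign these fields on the fresh session. Also, `tokenSet` is an openid-client TokenSet (see `tokenSet.claims()` above); express-session stores serialise sessions as JSON, so `req.session.oauth2token` comes back on later requests as a plain object without `claims()` or `expired()`; store the individual fields you need, or rebuild a TokenSet when reading it.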
@@ -130,7 +131,7 @@ app.get(process.env.CALLBACK_URL, async (req, res, next) => {
app.post("/logout", async (req, res, next) => {
try {
const id_token_hint = req.session.id_token_hint;
req.session = null;
req.session.destroy();
const client = await getMcpClient();
const redirectUrl = client.endSessionUrl({
post_logout_redirect_uri: `${origin}/`,
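Review bot: `req.session.destroy()` is asynchronous (it takes a callback) and its result is not awaited, so the redirect to the end-session URL is built and sent before the store has confirmed removal, and any store error is silently dropped; wrap it, e.g. `await new Promise((resolve, reject) => req.session.destroy((err) => (err ? reject(err) : resolve())));`. The old `req.session = null` under cookie-session also expired the cookie, whereas `destroy()` does not touch it; add `res.clearCookie("mcp_session")` so the browser stops presenting the dead id.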