Update npm dependencies, Node, GitHub Actions; swap out keycloak-connect for jsonwebtoken #95

Merged on Sep 25, 2024 (2 commits)

norrisng-bc
Contributor

Description

  • Update Node to latest LTS
  • Update npm dependencies
    • Swap out keycloak-connect for jsonwebtoken (it's since been deprecated)
  • Update GitHub Actions

https://apps.nrs.gov.bc.ca/int/jira/browse/SHOWCASE-3623

Types of changes

Bug fix (non-breaking change which fixes an issue)

Checklist

  • I have read the CONTRIBUTING doc
  • I have checked that unit tests pass locally with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

Further comments

N/A

github-actions bot commented Sep 24, 2024

Coverage Report (Application)

Totals Coverage
Statements: 10.67% ( 27 / 253 )
Methods: 10% ( 3 / 30 )
Lines: 13.33% ( 20 / 150 )
Branches: 5.48% ( 4 / 73 )

Coverage Report (Frontend)

Totals Coverage
Statements: 32.71% ( 35 / 107 )
Methods: 33.33% ( 9 / 27 )
Lines: 40.38% ( 21 / 52 )
Branches: 17.86% ( 5 / 28 )

/**
* Performs JWT verification.
*/
authenticate: (req, res, next) => {

Function authenticate has a Cognitive Complexity of 16 (exceeds 5 allowed). Consider refactoring.

/**
* Performs JWT verification.
*/
authenticate: (req, res, next) => {

Function authenticate has 40 lines of code (exceeds 25 allowed). Consider refactoring.

codeclimate bot commented Sep 24, 2024

Code Climate has analyzed commit 0352b94 and detected 2 issues on this pull request.

Here's the issue category breakdown:

Category Count
Complexity 2

The test coverage on the diff in this pull request is 0.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 20.2% (-1.6% change).

View more on Code Climate.

keycloak-connect has since been deprecated
@norrisng-bc force-pushed the chore/dependency-updates branch from a446f8d to 0352b94 (September 24, 2024 18:27)

/**
* Performs JWT verification.
*/
authenticate: (req, res, next) => {

Function authenticate has a Cognitive Complexity of 15 (exceeds 5 allowed). Consider refactoring.

/**
* Performs JWT verification.
*/
authenticate: (req, res, next) => {

Function authenticate has 39 lines of code (exceeds 25 allowed). Consider refactoring.

Contributor

@TimCsaky TimCsaky left a comment

All looks fine to me.
The Helm chart/GitHub Actions doesn't create a separate config-map and environment variables for the PR deployment.
I did just manually add FRONTEND_KC_PUBLICKEY in OpenShift (dev), so if the PR is updated it should work now.
But when it's merged to master it should work fine anyway.

healthCheck(req, res, next);
});

routes.post('/template/render', keycloak.protect(protector), (req, res, next) => {
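
Review bot: on the `routes.post('/template/render', ...)` line, the guard is the only authentication check visible for this route, so replacing `keycloak.protect(protector)` should come with a test that a request with a missing, expired, or wrong-audience token is rejected before the handler runs. Code Climate reports 0.0% test coverage on this diff, so nothing currently proves the new check is wired to this route.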
Contributor

@TimCsaky TimCsaky Sep 25, 2024

I think this keycloak-protect() function we were using before was only verifying the JWT was from the realm in server.keycloak properties, and not verifying 'audience'.

But with the new authenticate() function we are instead verifying the JWT came from the realm and has audience matching attributes of frontend.keycloak.
But I think the new pattern is correct.
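
The difference this review comment describes (a realm-only check versus one that also pins the audience), as an added example that is not code from this pull request. It uses Node's built-in `crypto` module rather than jsonwebtoken; the realm URL, client names, key pair and the `makeAuthenticate` helper are constructed for illustration.

```javascript
const { generateKeyPairSync, createSign, createVerify } = require('node:crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');
const fromB64url = (s) => JSON.parse(Buffer.from(s, 'base64url').toString('utf8'));

// Constructed realm key pair; a real service holds only the realm's public key.
const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });

// Test helper standing in for the identity provider: mints an RS256 token.
function signToken(claims, key = privateKey) {
  const input = `${b64url(JSON.stringify({ alg: 'RS256', typ: 'JWT' }))}.${b64url(JSON.stringify(claims))}`;
  return `${input}.${b64url(createSign('RSA-SHA256').update(input).sign(key))}`;
}

// Checks signature, expiry and issuer; checks audience only when one is expected.
function verifyToken(token, key, { issuer, audience }) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, sig] = parts;
  if (fromB64url(h).alg !== 'RS256') throw new Error('unexpected alg'); // pin the algorithm
  const ok = createVerify('RSA-SHA256').update(`${h}.${p}`).verify(key, Buffer.from(sig, 'base64url'));
  if (!ok) throw new Error('bad signature');
  const claims = fromB64url(p);
  if (typeof claims.exp !== 'number' || claims.exp <= Date.now() / 1000) throw new Error('expired');
  if (claims.iss !== issuer) throw new Error('wrong issuer');
  const auds = [].concat(claims.aud ?? []); // aud may be a string or an array
  if (audience !== undefined && !auds.includes(audience)) throw new Error('wrong audience');
  return claims;
}

// Hypothetical Express-style middleware: 401 unless the bearer token verifies.
function makeAuthenticate(key, expected) {
  return (req, res, next) => {
    const [scheme, token] = (req.headers.authorization || '').split(' ');
    try {
      if (scheme !== 'Bearer') throw new Error('missing bearer token');
      req.claims = verifyToken(token, key, expected);
    } catch (err) {
      return res.status(401).json({ error: 'unauthorized' });
    }
    return next();
  };
}

// Constructed sample: one realm, a token minted for a different client.
const realm = 'https://idp.example/realms/demo';
const otherClientToken = signToken({ iss: realm, aud: 'other-client', exp: Math.floor(Date.now() / 1000) + 300 });
const check = (opts) => { try { return verifyToken(otherClientToken, publicKey, opts).aud; } catch (e) { return e.message; } };
console.log(check({ issuer: realm }), '|', check({ issuer: realm, audience: 'frontend-client' }));
```

A token minted by the same realm for another client passes the issuer-only check and is rejected once the expected audience is supplied.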
