Feature/issue#1 (#2)
* #1 - Upgrade packages from dependabot security alerts

* #1 - Handle decoded id token from cognito

* #1 - Upgrade react and vite and auth packages

* #1 - Publish ui to handle cognito, use id_token.
patkyn authored Oct 29, 2024
1 parent fa8fdc8 commit 95707dc
Showing 8 changed files with 61 additions and 53 deletions.
2 changes: 1 addition & 1 deletion publishing-service/app/routers/licences.py
Expand Up @@ -27,7 +27,7 @@ class LicenseInfo(Enum):

def get_licence(licenceUrl) -> Union[LicenseInfo, None]:
for licence in LicenseInfo:
if licenceUrl in licence.value['url']:
if licenceUrl.replace("http://", "https://") in licence.value['url']:
return licence
return None
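Review bot: The rewritten test in `get_licence` is still a containment check (`... in licence.value['url']`), so if `url` is a plain string (the enum body is outside the hunk) an empty or partial `licenceUrl` matches the first `LicenseInfo` member, and a `None` value now raises `AttributeError` on `.replace`. I would guard the input and compare normalised values for equality, e.g. `if licenceUrl and licenceUrl.replace("http://", "https://", 1).rstrip("/") == licence.value['url'].rstrip("/"):`, assuming each member carries a single https URL. A one-line docstring stating that the http and https forms are treated as the same licence would also help.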

15 changes: 11 additions & 4 deletions publishing-service/app/util/auth.py
Expand Up @@ -19,6 +19,12 @@ def get_user(request: Request) -> User:
:param request:
:return:
"""
def get_any(dic, keys, default=""):
for k in keys:
if k in dic:
return dic[k]
return default

auth_header = request.headers.get("Authorization")

if not auth_header:
Expand All @@ -36,10 +42,11 @@ def get_user(request: Request) -> User:
verify_signature=False,
options={'verify_signature': False})

userid = decoded_token['userid']
user_email = decoded_token['email']
user_display_name = decoded_token['name']
roles = decoded_token['role']
userid = get_any(decoded_token, ['userid', 'custom:userid'])
user_email = get_any(decoded_token, ['email'])
user_name = [get_any(decoded_token, ['name', 'given_name']), get_any(decoded_token, ['family_name'])]
user_display_name = " ".join(x for x in user_name if x)
roles = get_any(decoded_token, ['role', 'ala:role'])
is_admin = 'ROLE_ADMIN' in roles
is_publisher = 'ROLE_DATA_PUBLISHER' in roles
return User(userid, user_email, user_display_name, is_admin, is_publisher)
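Review bot: The claims read through `get_any` in the second hunk come from a token decoded with `verify_signature=False` (the two context lines above `userid = ...`; the decode call starts outside the hunk), so `is_admin` and `is_publisher` rest on values the caller can set freely. With Cognito id tokens now accepted, the decode should verify the signature against the user pool's JWKS (PyJWT ships `PyJWKClient` for this) and pin `algorithms`, `audience` and `issuer`. Separately, `'ROLE_ADMIN' in roles` is a substring test whenever the claim is a string or the `""` default, so a value like `ROLE_ADMIN_READONLY` would pass; normalise first, e.g. `roles = [roles] if isinstance(roles, str) else list(roles)`, adjusting if the pool sends a delimited string. A token lacking both `userid` and `custom:userid` also produces a `User` with an empty id instead of being rejected, which is worth an explicit check.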
20 changes: 10 additions & 10 deletions publishing-service/requirements.txt
@@ -1,33 +1,33 @@
uvicorn==0.24.0.post1
fastapi==0.104.1
requests~=2.31.0
uvicorn==0.32.0
fastapi==0.115.4
requests~=2.32.0
botocore~=1.32.6
pandas~=1.3.3
geopandas~=0.10.2
pandas~=1.4.4
geopandas~=0.14.4
matplotlib~=3.7.4
jsonpickle~=2.0.0
pydantic~=2.5.2
python-multipart==0.0.6
python-multipart~=0.0.7
PyJWT~=2.8.0
pytest~=6.2.5
h11~=0.14.0
pip~=23.3.1
toml~=0.10.2
wheel~=0.38.4
cryptography~=38.0.4
cryptography~=43.0.1
py~=1.11.0
lxml~=4.9.3
tornado~=6.3.3
tornado~=6.4.1
anyio~=3.7.1
sniffio~=1.3.0
starlette~=0.27.0
starlette~=0.40.0
click~=8.1.7
mypy~=0.910
decorator~=5.1.1
PyYAML~=6.0
itsdangerous~=2.1.2
Jinja2~=3.1.2
setuptools~=67.0.0
setuptools~=70.0.0
future~=0.18.3
boto3~=1.29.6
awscli~=1.30.6
54 changes: 27 additions & 27 deletions publishing-ui/package.json
@@ -1,5 +1,5 @@
{
"name": "lists-ui-vite",
"name": "publish-ui-vite",
"private": true,
"version": "0.0.0",
"type": "module",
Expand All @@ -10,8 +10,8 @@
"preview": "vite preview"
},
"dependencies": {
"@apollo/client": "^3.8.3",
"@emotion/react": "^11.11.1",
"@apollo/client": "^3.11.8",
"@emotion/react": "^11.13.3",
"@mantine/core": "^6.0.21",
"@mantine/dropzone": "^6.0.21",
"@mantine/form": "^6.0.21",
Expand All @@ -21,33 +21,33 @@
"@mantine/prism": "^6.0.21",
"@mantine/spotlight": "^6.0.21",
"@mapbox/geojson-extent": "^1.0.1",
"@tabler/icons": "^2.33.0",
"@tabler/icons-react": "^2.34.0",
"@types/geojson": "^7946.0.11",
"@types/mapbox-gl": "^2.7.14",
"apexcharts": "^3.44.0",
"axios": "^1.6.1",
"graphql": "^16.8.0",
"mapbox-gl": "^2.15.0",
"oidc-client-ts": "^2.2.5",
"react": "^18.2.0",
"@tabler/icons": "^3.20.0",
"@tabler/icons-react": "^3.20.0",
"@types/geojson": "^7946.0.14",
"@types/mapbox-gl": "^3.4.0",
"apexcharts": "^3.54.1",
"axios": "^1.7.7",
"graphql": "^16.9.0",
"mapbox-gl": "^3.7.0",
"oidc-client-ts": "^3.1.0",
"react": "^18.3.1",
"react-apexcharts": "^1.4.1",
"react-dom": "^18.2.0",
"react-intl": "^6.4.4",
"react-oidc-context": "^2.3.0",
"react-router-dom": "^6.15.0",
"react-dom": "^18.3.1",
"react-intl": "^6.8.1",
"react-oidc-context": "^3.2.0",
"react-router-dom": "^6.27.0",
"wkt": "^0.1.1"
},
"devDependencies": {
"@types/react": "^18.2.15",
"@types/react-dom": "^18.2.7",
"@typescript-eslint/eslint-plugin": "^6.0.0",
"@typescript-eslint/parser": "^6.0.0",
"@vitejs/plugin-react": "^4.0.3",
"eslint": "^8.45.0",
"eslint-plugin-react-hooks": "^4.6.0",
"eslint-plugin-react-refresh": "^0.4.3",
"typescript": "^5.0.2",
"vite": "^4.4.5"
"@types/react": "^18.3.12",
"@types/react-dom": "^18.3.1",
"@typescript-eslint/eslint-plugin": "^8.11.0",
"@typescript-eslint/parser": "^8.11.0",
"@vitejs/plugin-react": "^4.3.3",
"eslint": "^9.13.0",
"eslint-plugin-react-hooks": "^5.0.0",
"eslint-plugin-react-refresh": "^0.4.13",
"typescript": "^5.6.3",
"vite": "^5.4.10"
}
}
7 changes: 3 additions & 4 deletions publishing-ui/src/main.tsx
Expand Up @@ -9,7 +9,7 @@ import messages_en from "./translations/en.json";
import {IntlProvider} from "react-intl";
import {setContext} from "@apollo/client/link/context";
import {Notifications} from "@mantine/notifications";
import { AuthProvider } from "react-oidc-context";
import { hasAuthParams, AuthProvider } from "react-oidc-context";
import {User, WebStorageStateStore} from "oidc-client-ts";

const httpLink = createHttpLink({
Expand All @@ -22,7 +22,7 @@ const authLink = setContext((_, { headers }) => {
if (oidcStorage) {
const user = User.fromStorageString(oidcStorage);
if (!user.expired){
const token = user?.access_token;
const token = user?.id_token || user?.access_token;
return {
headers: {
...headers,
Expand Down Expand Up @@ -59,8 +59,7 @@ const oidcConfig = {
post_logout_redirect_uri: import.meta.env.VITE_OIDC_REDIRECT_URL,
userStore: new WebStorageStateStore({ store: window.localStorage }),
onSigninCallback: () => {
const { search } = window.location;
if (search.includes('code=') && search.includes('state=')) {
if (hasAuthParams(window.location)) {
const params = new URLSearchParams(window.location.search);
params.delete('code');
params.delete('state');
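Review bot: `user?.id_token || user?.access_token` in `authLink` silently falls back between two token types with different audiences and claim sets, so the API has to accept both and cannot tell which one it was meant to receive. I would send one type deliberately and have the backend check it (for Cognito, the `token_use` and `aud` claims), or at least record the reason in a comment, presumably that the custom claims such as `ala:role` are only present in the id_token. The same expression is repeated in `views/API.tsx` and twice in `views/Publish.tsx`; a small shared helper would keep them in step. `user?.` is also redundant once `user.expired` has been dereferenced on the line above.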
2 changes: 1 addition & 1 deletion publishing-ui/src/views/API.tsx
Expand Up @@ -15,7 +15,7 @@ export default function API() {
if (oidcStorage) {
const user = User.fromStorageString(oidcStorage);
if (!user.expired) {
setToken(user?.access_token);
setToken(user?.id_token || user?.access_token);
}
}
}, []);
6 changes: 5 additions & 1 deletion publishing-ui/src/views/Events.tsx
Expand Up @@ -34,7 +34,11 @@ export default function Events() {
})
.then(data => {
setLoading(false);
setData(data);
if (data.valid) {
setData(data);
} else {
console.log('Error loading events: %s %s', data.error, data.message)
}
})
.catch(error => {
setLoading(false);
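Review bot: When `data.valid` is false the new `else` branch only writes to the console, so the view keeps its initial data and the user gets no indication that loading failed. I would use `console.error` and surface the failure in the UI, for instance through the `@mantine/notifications` package already imported in `main.tsx`, showing a generic message rather than raw `data.message` if that can carry backend detail. It is also worth confirming that every successful response really includes `valid`, since a payload without it now never reaches `setData`. The enclosing `Events` component starts and ends outside the hunk.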
8 changes: 3 additions & 5 deletions publishing-ui/src/views/Publish.tsx
Expand Up @@ -157,8 +157,8 @@ export default function Publish() {
const user = User.fromStorageString(oidcStorage);
let token = null;
if (!user.expired) {
token = user?.access_token;
const roles = (user?.profile?.role || []) as string[];
token = user?.id_token || user?.access_token;
const roles = (user?.profile?.role || user?.profile && user?.profile['ala:role'] || []) as string[];
const isAdmin = roles.includes(import.meta.env.VITE_ROLE_ADMIN);
const isPublisher = roles.includes(import.meta.env.VITE_ROLE_PUBLISHER);
if (!isAdmin && !isPublisher){
Expand Down Expand Up @@ -275,7 +275,7 @@ export default function Publish() {
const user = User.fromStorageString(oidcStorage);
let token = null;
if (!user.expired) {
token = user?.access_token;
token = user?.id_token || user?.access_token;
axios.post(import.meta.env.VITE_APP_PUBLISH_URL + "/validate", formData, {
onUploadProgress: (progressEvent) => {
const { loaded, total } = progressEvent;
Expand Down Expand Up @@ -380,8 +380,6 @@ export default function Publish() {
</Stepper.Step>
<Stepper.Step label="Published" description="Dataset available online">
</Stepper.Step>
<Stepper.Completed>
</Stepper.Completed>
</Stepper>

{ uploading && <Group position="center" spacing="xl" style={{ minHeight: rem(120), pointerEvents: 'none', border: '1px dashed #ced4da' }}>
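Review bot: The new roles expression in the first hunk casts whatever `role` or `ala:role` holds to `string[]`, but if the provider delivers the claim as a single string (as Cognito custom attributes typically are), `roles.includes(...)` becomes a substring test and the cast hides it. Normalise before checking, e.g. `const raw = user?.profile?.role ?? user?.profile?.['ala:role'] ?? [];` followed by `const roles = Array.isArray(raw) ? raw : [String(raw)];`, splitting instead if the value is delimited. The mixed `||`/`&&` chain also reads more clearly with optional chaining as above. This check only gates the UI, so the server-side role check remains the one that matters; `Publish` continues outside the hunks.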
