ENG-2960 Read ssoProvider from config host, not p0-prod (#135)

Reads the ssoProvider for login from the host specified in the config, instead of defaulting to p0-prod.

src/commands/login.ts

@@ -14,8 +14,8 @@ import {
   IDENTITY_FILE_PATH,
 } from "../drivers/auth";
 import { saveConfig } from "../drivers/config";
-import { bootstrapConfig } from "../drivers/env";
-import { fsShutdownGuard, publicDoc } from "../drivers/firestore";
+import { fsShutdownGuard, initializeFirebase } from "../drivers/firestore";
+import { doc } from "../drivers/firestore";
 import { print2 } from "../drivers/stdio";
 import { pluginLoginMap } from "../plugins/login";
 import { TokenResponse } from "../types/oidc";
@@ -34,13 +34,13 @@ export const login = async (
   args: { org: string },
   options?: { skipAuthenticate?: boolean }
 ) => {
-  const orgDoc = await getDoc<RawOrgData, object>(
-    publicDoc(`orgs/${args.org}`)
-  );
+  await saveConfig(args.org);
+  await initializeFirebase();
+
+  const orgDoc = await getDoc<RawOrgData, object>(doc(`orgs/${args.org}`));
   const orgData = orgDoc.data();
-  if (!orgData) throw "Could not find organization";
 
-  await saveConfig(orgData.config ?? bootstrapConfig);
+  if (!orgData) throw "Could not find organization";
 
   const orgWithSlug: OrgData = { ...orgData, slug: args.org };
 

src/drivers/config.ts

@@ -8,9 +8,12 @@ This file is part of @p0security/cli
 
 You should have received a copy of the GNU General Public License along with @p0security/cli. If not, see <https://www.gnu.org/licenses/>.
 **/
-import { Config } from "../types/org";
+import { Config, RawOrgData } from "../types/org";
 import { P0_PATH } from "../util";
+import { bootstrapConfig } from "./env";
+import { bootstrapDoc } from "./firestore";
 import { print2 } from "./stdio";
+import { getDoc } from "firebase/firestore";
 import fs from "fs/promises";
 import path from "path";
 
@@ -22,11 +25,19 @@ export function getTenantConfig(): Config {
   return tenantConfig;
 }
 
-export async function saveConfig(config: Config) {
+export async function saveConfig(orgId: string) {
+  const orgDoc = await getDoc<RawOrgData, object>(
+    bootstrapDoc(`orgs/${orgId}`)
+  );
+  const orgData = orgDoc.data();
+  const config = orgData?.config ?? bootstrapConfig;
+
   print2(`Saving config to ${CONFIG_FILE_PATH}.`);
+
   const dir = path.dirname(CONFIG_FILE_PATH);
   await fs.mkdir(dir, { recursive: true });
   await fs.writeFile(CONFIG_FILE_PATH, JSON.stringify(config), { mode: "600" });
+
   tenantConfig = config;
 }
 

src/drivers/firestore.ts

@@ -35,10 +35,12 @@ const bootstrapFirestore = getFirestore(bootstrapApp);
 let app: FirebaseApp;
 let firestore: Firestore;
 
-async function initializeFirebase() {
-  const tenantConfig = await loadConfig();
-  app = initializeApp(tenantConfig.fs, "authFirebase");
-  firestore = getFirestore(app);
+export async function initializeFirebase() {
+  if (!firestore) {
+    const tenantConfig = await loadConfig();
+    app = initializeApp(tenantConfig.fs, "authFirebase");
+    firestore = getFirestore(app);
+  }
 }
 
 export async function authenticateToFirebase(
@@ -85,7 +87,7 @@ export const doc = <T>(path: string) => {
   return fsDoc(firestore, path) as DocumentReference<T>;
 };
 
-export const publicDoc = <T>(path: string) => {
+export const bootstrapDoc = <T>(path: string) => {
   return fsDoc(bootstrapFirestore, path) as DocumentReference<T>;
 };