From f6cf3a0af5a35bb999cae441222235edba9964f6 Mon Sep 17 00:00:00 2001 From: "riho.takagi" Date: Fri, 6 Dec 2024 17:07:40 -0500 Subject: [PATCH 1/3] Changed to not cache tokens in cookies
---
booking-app/app/api/nyu/auth/token/route.ts | 66 ------------------- .../app/api/nyu/identity/[uniqueId]/route.ts | 24 ++----- booking-app/lib/server/nyuApiAuth.ts | 64 +++++++++++------- 3 files changed, 45 insertions(+), 109 deletions(-) delete mode 100644 booking-app/app/api/nyu/auth/token/route.ts
diff --git a/booking-app/app/api/nyu/auth/token/route.ts b/booking-app/app/api/nyu/auth/token/route.ts
deleted file mode 100644
index e4affebf..00000000
@@ -1,66 +0,0 @@
-import { TokenResponse } from "@/components/src/types";
-import { NYUTokenManager } from "@/lib/server/nyuTokenCache";
-import { Buffer } from "buffer";
-import { NextResponse } from "next/server";
-
-const NYU_AUTH_URL = "https://auth.nyu.edu/oauth2/token";
-
-function getBasicAuthHeader(): string {
- const clientId = process.env.NYU_API_CLIENT_ID;
- const clientSecret = process.env.NYU_API_CLIENT_SECRET;
-
- if (!clientId || !clientSecret) {
- throw new Error("NYU credentials not configured");
- }
-
- const credentials = `${clientId}:${clientSecret}`;
- return `Basic ${Buffer.from(credentials).toString("base64")}`;
-}
-
-export async function GET() {
- try {
- const tokenManager = NYUTokenManager.getInstance();
- let tokenCache = await tokenManager.getToken();
- if (!tokenCache) {
- const username = process.env.NYU_API_USER_NAME;
- const password = process.env.NYU_API_PASSWORD;
-
- const params = new URLSearchParams({
- grant_type: "password",
- username,
- password,
- scope: "openid",
- });
-
- const response = await fetch(NYU_AUTH_URL, {
- method: "POST",
- headers: {
- Authorization: getBasicAuthHeader(),
- "Content-Type": "application/x-www-form-urlencoded",
- },
- body: params.toString(),
- // @ts-ignore
- rejectUnauthorized: false,
- });
-
- const tokenResponse: TokenResponse = await response.json();
-
- tokenManager.setToken(
- tokenResponse.access_token,
- tokenResponse.expires_in,
- tokenResponse.token_type,
- );
- tokenCache = await tokenManager.getToken()!;
- }
- return NextResponse.json({
- isAuthenticated: true,
- expiresAt: new Date(tokenCache.expires_at).toISOString(),
- });
- } catch (error) {
- console.error("NYU Auth error:", error);
- return NextResponse.json(
- { error: "Internal server error" },
- { status: 500 },
- );
- }
-}
diff --git a/booking-app/app/api/nyu/identity/[uniqueId]/route.ts b/booking-app/app/api/nyu/identity/[uniqueId]/route.ts
index 0310c281..c5513975 100644
--- a/booking-app/app/api/nyu/identity/[uniqueId]/route.ts +++ b/booking-app/app/api/nyu/identity/[uniqueId]/route.ts @@ -1,5 +1,4 @@ -import { ensureNYUToken } from "@/lib/server/nyuApiAuth"; -import { NYUTokenManager } from "@/lib/server/nyuTokenCache"; +import { getNYUToken } from "@/lib/server/nyuApiAuth"; import { NextRequest, NextResponse } from "next/server"; const NYU_API_BASE = "https://api.nyu.edu/identity-v2-sys"; @@ -9,16 +8,15 @@ export async function GET( { params }: { params: { uniqueId: string } }, ) { try { - const authResult = await ensureNYUToken(); - if (!authResult.isAuthenticated || !authResult.token) { + const token = await getNYUToken(); + if (!token) { return NextResponse.json( - { error: authResult.error || "Authentication required" }, + { error: "Authentication failed" }, { status: 401 }, ); } const apiAccessId = process.env.NYU_API_ACCESS_ID; - if (!apiAccessId) { return NextResponse.json( { error: "API access ID not configured" }, @@ -33,24 +31,13 @@ export async function GET( const response = await fetch(url.toString(), { headers: { - Authorization: `Bearer ${authResult.token}`, + Authorization: `Bearer ${token}`, Accept: "application/json", }, }); console.log("response", response); if (!response.ok) { - const errorText = await response.text(); - console.error("NYU Identity API Error:", { - status: response.status, - body: errorText, - uniqueId: params.uniqueId, - }); - - if (response.status === 401) { - NYUTokenManager.getInstance().clearToken(); - } - return NextResponse.json( { error: `NYU API call failed: ${response.status}` }, { status: response.status }, @@ -58,7 +45,6 @@ export async function GET( } const userData = await response.json(); - return NextResponse.json(userData); } catch (error) { console.error("Identity API error:", error); diff --git a/booking-app/lib/server/nyuApiAuth.ts b/booking-app/lib/server/nyuApiAuth.ts index e21abe41..c7172b24 100644 --- a/booking-app/lib/server/nyuApiAuth.ts 
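Review bot: The new `if (!token)` branch answers 401 `Authentication failed` when it is the server's own service credentials that failed to obtain a token, so the caller is told to re-authenticate for a fault it cannot fix; `{ status: 502 }` (or 503) describes the failure and keeps 401 for genuine caller-auth errors. With the token cache gone, every GET on this route now performs a password-grant request against the NYU token endpoint before the identity lookup. No check of who is calling is visible in these hunks (it may live in middleware), so request volume on this route maps one-to-one onto the identity provider; a short-lived server-side in-memory cache keyed on expiry, or a rate limit on the route, would bound that. The GET handler starts and ends outside the hunk.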
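Review bot: The context line `console.log("response", response);` survives this hunk while the structured `console.error` in the `!response.ok` branch is removed, so every call still dumps the whole Response object and failed calls lose the one log entry that identified them. Moving the log into the failure branch as `console.error("NYU Identity API error", { status: response.status });` keeps failures diagnosable without logging on the success path. Leaving the upstream error body out of the log, as the commit does, is the safer choice since it may carry identity data. The handler continues outside the hunk.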
+++ b/booking-app/lib/server/nyuApiAuth.ts 
@@ -1,32 +1,48 @@ -import { AuthResult } from "@/components/src/types"; -import { NYUTokenManager } from "./nyuTokenCache"; +const NYU_AUTH_URL = "https://auth.nyu.edu/oauth2/token"; -export async function ensureNYUToken(): Promise { +export async function getNYUToken(): Promise { try { - const tokenManager = NYUTokenManager.getInstance(); - const tokenCache = await tokenManager.getToken(); + const clientId = process.env.NYU_API_CLIENT_ID; + const clientSecret = process.env.NYU_API_CLIENT_SECRET; + const username = process.env.NYU_API_USER_NAME; + const password = process.env.NYU_API_PASSWORD; - if (!tokenCache) { - return { - isAuthenticated: false, - token: "", - expiresAt: "", - error: "Failed to get token", - }; + if (!clientId || !clientSecret || !username || !password) { + throw new Error("NYU credentials not configured"); } - return { - isAuthenticated: true, - token: tokenCache.access_token, - expiresAt: new Date(tokenCache.expires_at).toISOString(), - }; + const basicAuth = Buffer.from(`${clientId}:${clientSecret}`).toString( + "base64" + ); + + const params = new URLSearchParams({ + grant_type: "password", + username, + password, + scope: "openid", + }); + + const response = await fetch(NYU_AUTH_URL, { + method: "POST", + headers: { + Authorization: `Basic ${basicAuth}`, + "Content-Type": "application/x-www-form-urlencoded", + }, + cache: "no-store", + next: { revalidate: 0 }, + body: params.toString(), + }); + + if (!response.ok) { + console.log("Error response", response); + throw new Error(`Token fetch failed: ${response.status}`); + } + + const data = await response.json(); + console.log("token", data.access_token); + return data.access_token; } catch (error) { - console.error("NYU Auth error:", error); - return { - isAuthenticated: false, - token: "", - expiresAt: "", - error: error instanceof Error ? error.message : "Internal error", - }; + console.error("Failed to get NYU token:", error); + return null; } } 
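Review bot: `console.log("token", data.access_token);` writes the live bearer token to the server log on every call, so anyone who can read application logs or a log aggregator holds a credential that is valid against the NYU APIs until it expires; the line should be deleted, and `console.log("Error response", response);` reduced to `response.status`. `data.access_token` is also returned unchecked, so a 200 reply without that field yields `undefined` instead of the `null` the catch path returns; `return typeof data.access_token === "string" ? data.access_token : null;` keeps one failure value for callers. The function has no doc comment; a short one stating that it performs a password-grant request with the `NYU_API_*` environment credentials on every call and returns `null` on any failure would make the no-cache behaviour explicit.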
From df0d333451d343d6d085509499971b94791352b5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 01:10:45 +0000 Subject: [PATCH 2/3] Bump nanoid in /booking-app in the npm_and_yarn group across 1 directory Bumps the npm_and_yarn group with 1 update in the /booking-app directory: [nanoid](https://github.com/ai/nanoid). Updates `nanoid` from 3.3.7 to 3.3.8 - [Release notes](https://github.com/ai/nanoid/releases) - [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md) - [Commits](https://github.com/ai/nanoid/compare/3.3.7...3.3.8) --- updated-dependencies: - dependency-name: nanoid dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] --- booking-app/package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/booking-app/package-lock.json b/booking-app/package-lock.json index 42c65212..19b93b82 100644 --- a/booking-app/package-lock.json +++ b/booking-app/package-lock.json @@ -8680,9 +8680,9 @@ } }, "node_modules/nanoid": { - "version": "3.3.7", - "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.7.tgz", - "integrity": "sha512-eSRppjcPIatRIMC1U6UngP8XFcz8MQWGQdt1MTBQ7NaAmvXDfvNxbvWV3x2y6CdEUciCSsDHDQZbhYaB8QEo2g==", + "version": "3.3.8", + "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.8.tgz", + "integrity": "sha512-WNLf5Sd8oZxOm+TzppcYk8gVOgP+l58xNy58D0nbUnOxOWRWvlcCV4kUF7ltmI6PsrLl/BgKEyS4mqsGChFN0w==", "funding": [ { "type": "github", From daf772043be0e7a82cf9904e249c93fed6cbd77d Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Dec 2024 20:13:55 +0000 Subject: [PATCH 3/3] Bump cross-spawn Bumps the npm_and_yarn group with 1 update in the /booking-app directory: [cross-spawn](https://github.com/moxystudio/node-cross-spawn). Updates `cross-spawn` from 7.0.3 to 7.0.6 - [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md) - [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6) --- updated-dependencies: - dependency-name: cross-spawn dependency-type: indirect dependency-group: npm_and_yarn ... Signed-off-by: dependabot[bot] --- booking-app/package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/booking-app/package-lock.json b/booking-app/package-lock.json index 19b93b82..f8632572 100644 --- a/booking-app/package-lock.json +++ b/booking-app/package-lock.json @@ -5358,9 +5358,9 @@ "devOptional": true }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dependencies": { "path-key": "^3.1.0", "shebang-command": "^2.0.0",