From 362f0fbab523738c9d6fae185411f00a84c2ccb7 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 15:14:51 +0900 Subject: [PATCH 1/9] Update go.work to include back-end dependencies --- go.work | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/go.work b/go.work index ceafdf9..ceaca62 100644 --- a/go.work +++ b/go.work @@ -1,3 +1,6 @@ go 1.21.3 -use ./back +use ( + "./back/**" + ./back +) From 64240ed9b7832d86af2fb9072dc9f9fdaefb1250 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:11:26 +0900 Subject: [PATCH 2/9] Add refresh token functionality to NextAuth options --- .../src/app/api/auth/[...nextauth]/options.ts | 48 +++++++++++++++++-- front/src/app/next-auth.d.ts | 2 + 2 files changed, 46 insertions(+), 4 deletions(-) diff --git a/front/src/app/api/auth/[...nextauth]/options.ts b/front/src/app/api/auth/[...nextauth]/options.ts index 93fa3c6..19c94b9 100644 --- a/front/src/app/api/auth/[...nextauth]/options.ts +++ b/front/src/app/api/auth/[...nextauth]/options.ts @@ -8,6 +8,7 @@ export const authOptions: NextAuthOptions = { clientId: process.env.ZITADEL_CLIENT_ID as string, clientSecret: process.env.ZITADEL_CLIENT_SECRET as string, issuer: process.env.ZITADEL_URL, + authorization: { params: { scope: "openid email profile offline_access" } }, }), ], callbacks: { @@ -23,22 +24,35 @@ export const authOptions: NextAuthOptions = { account?: any; profile?: any; isNewUser?: boolean; + session?: any; }) => { if (user) { - token.user = user; - const u = user as any; - token.role = u.role; + token.role = user.role; } if (account) { - token.accessToken = account.access_token; + token.refreshToken = account.refresh_token; token.idToken = account.id_token; + token.expiresAt = account.expires_at; } + else if (new Date() > new Date(token.expiresAt as number * 1000)) { + try { + const { id_token, refresh_token, expires_at } = await refreshIDToken(token.refreshToken as string); + token.idToken = id_token; + token.refreshToken = refresh_token; + token.expiresAt = expires_at; + } catch (e) { + console.error(e); + return { ...token, error: "RefreshAccessTokenError" as const } + } + } + //console.debug(token); return token; }, session: ({ session, token }: { token: JWT; session?: any }) => { session.user.role = token.role; session.user.idToken = token.idToken; session.user.sub = token.sub; + //console.debug(session); return session; }, }, @@ -46,3 +60,29 @@ export const authOptions: NextAuthOptions = { signIn: '/signin', }, }; + + +const refreshIDToken = async (refreshToken: string) => { + const response = await fetch(`${process.env.ZITADEL_URL}/oauth/v2/token`, { + method: "POST", + headers: { + "Content-Type": "application/x-www-form-urlencoded", + }, + body: new URLSearchParams({ + grant_type: "refresh_token", + client_id: process.env.ZITADEL_CLIENT_ID as string, + client_secret: process.env.ZITADEL_CLIENT_SECRET as string, + refresh_token: refreshToken, + }), + }); + const data = await response.json(); + if (!response.ok) { + throw new Error(data.error_description || "Unknown error"); + } + + return { + id_token: data.id_token, + refresh_token: data.refresh_token, + expires_at: data.expires_at, + } +} \ No newline at end of file diff --git a/front/src/app/next-auth.d.ts b/front/src/app/next-auth.d.ts index 8ac8ebe..0334a89 100644 --- a/front/src/app/next-auth.d.ts +++ b/front/src/app/next-auth.d.ts @@ -3,6 +3,8 @@ import { DefaultSession } from "next-auth"; declare module "next-auth" { interface Session { user: { + refreshToken?: string; + exiresAt?: Date idToken?: string; sub?: string; } & DefaultSession["user"]; From f7a8f6f800c2723c8745c7bba355a08a8a1bd9bc Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:31:47 +0900 Subject: [PATCH 3/9] Add console log statements for debugging and error handling --- front/src/app/api/auth/[...nextauth]/options.ts | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/front/src/app/api/auth/[...nextauth]/options.ts b/front/src/app/api/auth/[...nextauth]/options.ts index 19c94b9..0963e2c 100644 --- a/front/src/app/api/auth/[...nextauth]/options.ts +++ b/front/src/app/api/auth/[...nextauth]/options.ts @@ -26,6 +26,7 @@ export const authOptions: NextAuthOptions = { isNewUser?: boolean; session?: any; }) => { + //console.log("JWT Callback token", token); if (user) { token.role = user.role; } @@ -40,6 +41,7 @@ export const authOptions: NextAuthOptions = { token.idToken = id_token; token.refreshToken = refresh_token; token.expiresAt = expires_at; + console.log("Refreshed token"); } catch (e) { console.error(e); return { ...token, error: "RefreshAccessTokenError" as const } @@ -76,8 +78,9 @@ const refreshIDToken = async (refreshToken: string) => { }), }); const data = await response.json(); + //console.log("Data:", data); if (!response.ok) { - throw new Error(data.error_description || "Unknown error"); + throw new Error(data.error_description || data.error || "Unknown error"); } return { From e466ed0c92401e5d042d3d43033a2bf803a5cf36 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:33:55 +0900 Subject: [PATCH 4/9] Refactor GitHub Actions workflows for backend and frontend --- .github/workflows/back-test.yaml | 2 +- .github/workflows/docker-back.yaml | 6 +++--- .github/workflows/docker-front.yaml | 6 +++--- .github/workflows/front-test.yaml | 2 +- .github/workflows/lint.yaml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/back-test.yaml b/.github/workflows/back-test.yaml index 1bbcf05..19fc6d6 100644 --- a/.github/workflows/back-test.yaml +++ b/.github/workflows/back-test.yaml @@ -6,7 +6,7 @@ permissions: contents: read jobs: - test: + backend-tests: name: Test runs-on: ubuntu-latest steps: diff --git a/.github/workflows/docker-back.yaml b/.github/workflows/docker-back.yaml index 3ae07e0..93ff49b 100644 --- a/.github/workflows/docker-back.yaml +++ b/.github/workflows/docker-back.yaml @@ -8,7 +8,7 @@ on: workflow_dispatch: jobs: - ImageBuild: + BackImageBuild: name: Build openchokin/back Custom Docker Image runs-on: ubuntu-latest steps: @@ -62,7 +62,7 @@ jobs: SucceessNotification: if: ${{ success() }} name: Send Success Message - needs: [ImageBuild] + needs: [BackImageBuild] runs-on: ubuntu-latest steps: - name: Send Message to Slack @@ -80,7 +80,7 @@ jobs: FailureAlert: if: ${{ failure() }} name: Notify failure - needs: [ImageBuild] + needs: [BackImageBuild] runs-on: ubuntu-latest steps: - name: Send Failure Alert to Slack diff --git a/.github/workflows/docker-front.yaml b/.github/workflows/docker-front.yaml index 939291a..2076c66 100644 --- a/.github/workflows/docker-front.yaml +++ b/.github/workflows/docker-front.yaml @@ -8,7 +8,7 @@ on: workflow_dispatch: jobs: - ImageBuild: + FrontImageBuild: name: Build openchokin/front Docker Image runs-on: ubuntu-latest steps: @@ -53,7 +53,7 @@ jobs: SucceessNotification: if: ${{ success() }} name: Send Success Message - needs: [ImageBuild] + needs: [FrontImageBuild] runs-on: ubuntu-latest steps: - name: Send Message to Slack @@ -71,7 +71,7 @@ jobs: FailureAlert: if: ${{ failure() }} name: Notify failure - needs: [ImageBuild] + needs: [FrontImageBuild] runs-on: ubuntu-latest steps: - name: Send Failure Alert to Slack diff --git a/.github/workflows/front-test.yaml b/.github/workflows/front-test.yaml index fc585ed..02310cb 100644 --- a/.github/workflows/front-test.yaml +++ b/.github/workflows/front-test.yaml @@ -3,7 +3,7 @@ on: pull_request: workflow_dispatch: jobs: - build: + frontend-buildtests: runs-on: ubuntu-latest steps: - name: checkout diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 98972f4..9946773 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -3,7 +3,7 @@ on: pull_request: workflow_dispatch: jobs: - build: + frontend-lint: runs-on: ubuntu-latest steps: - name: checkout From 6f4b09069f8763196986ffdd0a08c41cc30a29d0 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:36:14 +0900 Subject: [PATCH 5/9] Update GitHub workflows for push events --- .github/workflows/back-test.yaml | 3 ++- .github/workflows/front-test.yaml | 2 +- .github/workflows/lint.yaml | 2 +- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/back-test.yaml b/.github/workflows/back-test.yaml index 19fc6d6..cd9b3d0 100644 --- a/.github/workflows/back-test.yaml +++ b/.github/workflows/back-test.yaml @@ -1,6 +1,6 @@ name: Backend Tests on: - pull_request: + push: workflow_dispatch: permissions: contents: read @@ -31,6 +31,7 @@ jobs: - name: Upload coverage to Codecov uses: codecov/codecov-action@v3 + if: github.ref == 'refs/heads/main' with: token: ${{ secrets.CODECOV_TOKEN }} files: cover.out diff --git a/.github/workflows/front-test.yaml b/.github/workflows/front-test.yaml index 02310cb..a9fd6b9 100644 --- a/.github/workflows/front-test.yaml +++ b/.github/workflows/front-test.yaml @@ -1,7 +1,7 @@ name: Frontend Tests on: - pull_request: workflow_dispatch: + push: jobs: frontend-buildtests: runs-on: ubuntu-latest diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 9946773..9644037 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,7 +1,7 @@ name: Lint on: - pull_request: workflow_dispatch: + push: jobs: frontend-lint: runs-on: ubuntu-latest From b24d87d76b5d1381ed3a2fa5f9e2094944f21987 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:38:03 +0900 Subject: [PATCH 6/9] Remove name from backend-tests job in back-test.yaml --- .github/workflows/back-test.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/back-test.yaml b/.github/workflows/back-test.yaml index cd9b3d0..6f697b0 100644 --- a/.github/workflows/back-test.yaml +++ b/.github/workflows/back-test.yaml @@ -7,7 +7,6 @@ permissions: jobs: backend-tests: - name: Test runs-on: ubuntu-latest steps: - name: Check out code From 90095a5e924f775c061614beaf6b4f3311565d7b Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:40:33 +0900 Subject: [PATCH 7/9] Remove unnecessary import statement. --- go.work | 1 - 1 file changed, 1 deletion(-) diff --git a/go.work b/go.work index ceaca62..07ffd30 100644 --- a/go.work +++ b/go.work @@ -1,6 +1,5 @@ go 1.21.3 use ( - "./back/**" ./back ) From 23e14559ed88bb69c91d1728878fdfc947c277a7 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:41:05 +0900 Subject: [PATCH 8/9] Simplify import statement in go.work file. --- go.work | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/go.work b/go.work index 07ffd30..ceafdf9 100644 --- a/go.work +++ b/go.work @@ -1,5 +1,3 @@ go 1.21.3 -use ( - ./back -) +use ./back From 12ee6c6f5b35ceb383787323e21931446f3f9c94 Mon Sep 17 00:00:00 2001 From: Walnuts Date: Mon, 6 Nov 2023 17:42:23 +0900 Subject: [PATCH 9/9] Change GitHub Actions triggers to only run on pull requests. --- .github/workflows/back-test.yaml | 2 +- .github/workflows/front-test.yaml | 2 +- .github/workflows/lint.yaml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/back-test.yaml b/.github/workflows/back-test.yaml index 6f697b0..b911de9 100644 --- a/.github/workflows/back-test.yaml +++ b/.github/workflows/back-test.yaml @@ -1,6 +1,6 @@ name: Backend Tests on: - push: + pull_request: workflow_dispatch: permissions: contents: read diff --git a/.github/workflows/front-test.yaml b/.github/workflows/front-test.yaml index a9fd6b9..4ec0876 100644 --- a/.github/workflows/front-test.yaml +++ b/.github/workflows/front-test.yaml @@ -1,7 +1,7 @@ name: Frontend Tests on: workflow_dispatch: - push: + pull_request: jobs: frontend-buildtests: runs-on: ubuntu-latest diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 9644037..753d0f4 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -1,7 +1,7 @@ name: Lint on: workflow_dispatch: - push: + pull_request: jobs: frontend-lint: runs-on: ubuntu-latest