From 03d5e3ba9a5383452e41f003f493b3c40d83c7e6 Mon Sep 17 00:00:00 2001
From: ikethecoder <ikethecoder@canzea.com>
Date: Mon, 15 Nov 2021 03:40:28 -0800
Subject: [PATCH] upd fix

---
 src/api-proxy-ds.js | 43 ++++++++++++++++++++++++++++++++++++++++++
 src/jest.config.js  |  2 +-
 src/server.ts       | 46 +++++++++++++++++++++++++++------------------
 3 files changed, 72 insertions(+), 19 deletions(-)
 create mode 100644 src/api-proxy-ds.js

diff --git a/src/api-proxy-ds.js b/src/api-proxy-ds.js
new file mode 100644
index 000000000..8f1763f70
--- /dev/null
+++ b/src/api-proxy-ds.js
@@ -0,0 +1,43 @@
+const express = require('express');
+const pathModule = require('path');
+
+const { createProxyMiddleware } = require('http-proxy-middleware');
+
+class ApiDSProxyApp {
+  constructor({ url }) {
+    this._url = url;
+  }
+
+  prepareMiddleware({ keystone }) {
+    const app = express();
+
+    const apiProxy = createProxyMiddleware({
+      target: this._url,
+      changeOrigin: true,
+      pathRewrite: { '^/int/api/': '/ds/api/' },
+      onProxyReq: (proxyReq, req) => {
+        proxyReq.removeHeader('cookie');
+        proxyReq.setHeader('Accept', 'application/json');
+        proxyReq.setHeader(
+          'Authorization',
+          `Bearer ${req.header('x-forwarded-access-token')}`
+        );
+      },
+      onError: (err, req, res, target) => {
+        console.log('CAUGHT ERROR!');
+        console.log(err);
+        res.writeHead(400, {
+          'Content-Type': 'text/plain',
+        });
+        res.end('error reaching api');
+      },
+    });
+    app.all(/^\/int\/api\//, apiProxy);
+
+    return app;
+  }
+}
+
+module.exports = {
+  ApiDSProxyApp,
+};
diff --git a/src/jest.config.js b/src/jest.config.js
index 55d805ef2..23cc5cad6 100644
--- a/src/jest.config.js
+++ b/src/jest.config.js
@@ -2,7 +2,7 @@ module.exports = {
   verbose: true,
   testEnvironment: 'node',
   testMatch: ['**/?(*.)+(test.{ts,js,jsx})'],
-  collectCoverageFrom: ['services/**/*.js'],
+  collectCoverageFrom: ['services/**/*.js', 'services/**/*.ts'],
   coveragePathIgnorePatterns: ['.*/__mocks__/.*', '.*/@types/.*'],
   coverageDirectory: '__coverage__',
   coverageReporters: ['lcov', 'text-summary'],
diff --git a/src/server.ts b/src/server.ts
index 2957c0754..2721cf14b 100644
--- a/src/server.ts
+++ b/src/server.ts
@@ -18,6 +18,7 @@ const { ApiProxyApp } = require('./api-proxy');
 const { ApiGraphqlWhitelistApp } = require('./api-graphql-whitelist');
 const { ApiHealthApp } = require('./api-health');
 const { ApiOpenapiApp } = require('./api-openapi');
+const { ApiDSProxyApp } = require('./api-proxy-ds');
 
 var Keycloak = require('keycloak-connect');
 
@@ -216,9 +217,13 @@ const authStrategy =
             req: any,
             res: any
           ) => {
-            console.log('Token = ' + token);
-            console.log('Redirecting to /');
-            res.redirect(302, '/');
+            const redirect = req.query?.f ? req.query.f : '/';
+            // Doing a 302 redirect does not set the cookie properly because it is SameSite 'Strict'
+            // and the Origin of the request was from an IdP
+            res.header('Content-Type', 'text/html');
+            res.send(
+              `<html><head><meta http-equiv="refresh" content="0;URL='${redirect}'"></head></html>`
+            );
           },
         },
         hooks: {
@@ -268,6 +273,7 @@ const apps = [
       return true;
     },
   }),
+  new ApiDSProxyApp({ url: process.env.SSR_API_ROOT }),
   new ApiProxyApp({ gwaApiUrl: process.env.GWA_API_URL }),
   new NextApp({ dir: 'nextapp' }),
 ];
@@ -282,26 +288,30 @@ const configureExpress = (app: any) => {
   //     console.log(req.path)
   //     req.path == "/" ? res.redirect('/home') : next()
   // })
-  app.get('/feed/:entity/:refKey/:refKeyValue', (req: any, res: any) =>
-    getFeedWorker(keystone, req, res).catch((err: any) => {
+  app.get('/feed/:entity/:refKey/:refKeyValue', (req: any, res: any) => {
+    const context = keystone.createContext({ skipAccessControl: true });
+    getFeedWorker(context, req, res).catch((err: any) => {
       console.log(err);
       res.status(400).json({ result: 'error', error: '' + err });
-    })
-  );
-  app.put('/feed/:entity', (req: any, res: any) =>
-    putFeedWorker(keystone, req, res).catch((err: any) => {
+    });
+  });
+  app.put('/feed/:entity', (req: any, res: any) => {
+    const context = keystone.createContext({ skipAccessControl: true });
+    putFeedWorker(context, req, res).catch((err: any) => {
       console.log(err);
       res.status(400).json({ result: 'error', error: '' + err });
-    })
-  );
-  app.put('/feed/:entity/:id', (req: any, res: any) =>
-    putFeedWorker(keystone, req, res).catch((err: any) =>
+    });
+  });
+  app.put('/feed/:entity/:id', (req: any, res: any) => {
+    const context = keystone.createContext({ skipAccessControl: true });
+    putFeedWorker(context, req, res).catch((err: any) =>
       res.status(400).json({ result: 'error', error: '' + err })
-    )
-  );
-  app.delete('/feed/:entity/:id', (req: any, res: any) =>
-    deleteFeedWorker(keystone, req, res)
-  );
+    );
+  });
+  app.delete('/feed/:entity/:id', (req: any, res: any) => {
+    const context = keystone.createContext({ skipAccessControl: true });
+    deleteFeedWorker(context, req, res);
+  });
 
   app.put('/migration/import', async (req: any, res: any) => {
     const { MigrationFromV1 } = require('./batch/migrationV1');