
Commit 79be07f

authored
Merge pull request #325 from topcoder-platform/dev
Dev
2 parents 0d22a13 + e1624a7 commit 79be07f

20 files changed

+1098
-310
lines changed

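--- a/build.sh
+++ b/build.sh
@@ -12,13 +12,26 @@ SIGNUPFILENAME="./web-assets/js/signup.js"
 perl -pi -e "s/\{\{DOMAIN\}\}/$DOMAIN/g" $SIGNUPFILENAME
 perl -pi -e "s/\{\{AUTH0DOMAIN\}\}/$AUTH0DOMAIN/g" $SIGNUPFILENAME
 
-CHECKEMAIL="./web-assets/static-pages/check_email.html"
+CHECKEMAIL="./web-assets/js/check_email.js"
 perl -pi -e "s/\{\{DOMAIN\}\}/$DOMAIN/g" $CHECKEMAIL
+perl -pi -e "s/\{\{AUTH0DOMAIN\}\}/$AUTH0DOMAIN/g" $CHECKEMAIL
 
 OTPFILENAME="./web-assets/js/otp.js"
 perl -pi -e "s/\{\{DOMAIN\}\}/$DOMAIN/g" $OTPFILENAME
 perl -pi -e "s/\{\{AUTH0DOMAIN\}\}/$AUTH0DOMAIN/g" $OTPFILENAME
 
+OTPPAGEFILE="./web-assets/static-pages/otp.html"
+perl -pi -e "s/\{\{GTM\}\}/$GTM/g" $OTPPAGEFILE
+
+DICECALLBACK="./web-assets/static-pages/dice-verify-callback.html"
+perl -pi -e "s/\{\{DOMAIN\}\}/$DOMAIN/g" $DICECALLBACK
+perl -pi -e "s/\{\{DICE_AUTH\}\}/$DICE_AUTH/g" $DICECALLBACK
+perl -pi -e "s/\{\{CA_SUB_1\}\}/$CA_SUB_1/g" $DICECALLBACK
+
+DICEVERIFIER="./web-assets/static-pages/dice-verifier.html"
+perl -pi -e "s/\{\{DOMAIN\}\}/$DOMAIN/g" $DICEVERIFIER
+perl -pi -e "s/\{\{DICE_AUTH\}\}/$DICE_AUTH/g" $DICEVERIFIER
+
 mkdir dist
 cp -rv ./web-assets/css/* ./dist/
 cp -rv ./web-assets/js/* ./dist/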
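Review bot: The added substitutions on `$DICECALLBACK` and `$DICEVERIFIER` write `$DICE_AUTH` into static HTML pages, so whatever that variable holds is served to every browser that loads them; if it is a credential rather than a public identifier (the name suggests it may be), it should stay server-side. Separately, every added `perl -pi -e "s/…/$VAR/g"` line lets the shell splice the value into Perl source, so a value containing `/`, `@` or `$` breaks or alters the substitution, and token-like values commonly contain `/`. Reading the value from the environment avoids that and quotes the path as well, e.g. `perl -pi -e 's/\{\{DICE_AUTH\}\}/$ENV{DICE_AUTH}/g' "$DICECALLBACK"` (this needs the variable to be exported). The same applies to the `GTM`, `CA_SUB_1` and `DOMAIN` lines added here.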

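--- a/web-assets/auth0/dev-tenant/rules/DICE DID.js
+++ b/web-assets/auth0/dev-tenant/rules/DICE DID.js
@@ -1,4 +1,4 @@
-function (user, context, callback) {
+function DICE(user, context, callback) {
 if (context.clientID === configuration.CLIENT_ACCOUNTS_LOGIN) {
 console.log("rule:DICE DID:enter");
 
@@ -22,27 +22,13 @@ function (user, context, callback) {
 console.log("rule:DICE DID:User was redirected to the /continue endpoint");
 if (context.request.query.diceVerificationStatus === 'false') {
 return callback('Login Error: Credentials verification is failed.<br>Please contact with support <a href="mailto:[email protected]">[email protected]</a>.<br> Back to application ', user, context);
-} else if (context.request.query.otp) {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/checkOtp',
-json: {
-"param": {
-"userId": user.userId,
-"otp": context.request.query.otp
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-if (body.result.content.verified === true) {
-return callback(null, user, context);
-} else {
-return callback('Login Error: wrong OTP', user, context);
-}
-});
-} else {
+} else if (context.request.query.otherMethods || _.isEmpty(user.multifactor)) {
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
+} else if (context.request.query.code) {
 const jwt_decode = require('jwt-decode');
 request.post({
 url: 'https://tc-vcauth-uat.diceid.com/vc/connect/token',
@@ -65,44 +51,24 @@ function (user, context, callback) {
 console.log("rule:DICE DID:credentials approved");
 return callback(null, user, context);
 });
+} else {
+return callback('Login Error: Whoops! Something went wrong.', user, context);
 }
 } else {
 const maxRetry = 2;
-const useOtp = function () {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/sendOtp',
-json: {
-"param": {
-"userId": user.userId
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-console.log("rule:DICE DID: redirecting to OTP page");
-const hostName = _.get(context, "request.hostname", null);
-const otpCompletetUrl = "https://" + hostName + "/continue";
-const retUrl = _.get(context, "request.query.returnUrl", null);
-const otpRedirectUrl = configuration.CUSTOM_PAGES_BASE_URL +
-"/otp.html?formAction=" + otpCompletetUrl +
-"&returnUrl=" + retUrl;
-context.redirect = {
-url: otpRedirectUrl
-};
-return callback(null, user, context);
-});
-};
 const checkDiceHealth = function (attempt) {
 console.log("rule:DICE DID:checking dice health, attempt:" + attempt);
 request.get({
 url: 'https://tc-vcauth-uat.diceid.com/.well-known/openid-configuration'
 }, function (error, response, body) {
 if (error || response.statusCode !== 200) {
 if (attempt >= maxRetry) {
-console.log("rule:DICE DID:dice services down, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice services down, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(attempt + 1);
 }
@@ -116,8 +82,12 @@ function (user, context, callback) {
 });
 };
 if (!global.ENABLE_2FA) {
-console.log("rule:DICE DID:dice switch disabled, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice switch disabled, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(1);
 }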
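Review bot: In the `/continue` branch, `context.request.query.otherMethods` is a client-supplied query parameter and is tested before `code`, so the decision to skip the DICE credential check and fall through to `provider: 'any'` is made by the browser; the same ordering means a user whose `user.multifactor` is empty never reaches the token exchange even when a `code` is present. If DICE is meant to be optional, say so at the branch, e.g. `// otherMethods is user-chosen: DICE is optional here, Auth0 MFA is the enforced factor`; if it is meant to be required for some users, that decision should come from server-side state rather than the query string. It is also worth confirming what `provider: 'any'` does for a user with no enrolled factor — presumably an enrollment prompt during login, in which case the password alone is enough to register the second factor. The same code is added in `prod-tenant/rules/DICE DID.js`, and the rule function starts and ends outside the visible hunks.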

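--- a/web-assets/auth0/dev-tenant/rules/custom.js
+++ b/web-assets/auth0/dev-tenant/rules/custom.js
@@ -39,7 +39,6 @@ function (user, context, callback) {
 user.mfa_verified = res.result.content.mfaVerified;
 // TODO need to double sure about multiple result or no result
 let userId = res.result.content.id;
-user.userId = userId;
 let handle = res.result.content.handle;
 let roles = res.result.content.roles.map(function (role) {
 return role.roleName;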

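--- a/web-assets/auth0/prod-tenant/rules/DICE DID.js
+++ b/web-assets/auth0/prod-tenant/rules/DICE DID.js
@@ -1,4 +1,4 @@
-function (user, context, callback) {
+function DICE(user, context, callback) {
 if (context.clientID === configuration.CLIENT_ACCOUNTS_LOGIN) {
 console.log("rule:DICE DID:enter");
 if (context.redirect) {
@@ -20,27 +20,13 @@ function (user, context, callback) {
 console.log("rule:DICE DID:User was redirected to the /continue endpoint");
 if (context.request.query.diceVerificationStatus === 'false') {
 return callback('Login Error: Credentials verification is failed.<br>Please contact with support <a href="mailto:[email protected]">[email protected]</a>.<br> Back to application ', user, context);
-} else if (context.request.query.otp) {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/checkOtp',
-json: {
-"param": {
-"userId": user.userId,
-"otp": context.request.query.otp
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-if (body.result.content.verified === true) {
-return callback(null, user, context);
-} else {
-return callback('Login Error: wrong OTP', user, context);
-}
-});
-} else {
+} else if (context.request.query.otherMethods || _.isEmpty(user.multifactor)) {
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
+} else if (context.request.query.code) {
 const jwt_decode = require('jwt-decode');
 request.post({
 url: 'https://tc-vcauth.diceid.com/vc/connect/token',
@@ -63,44 +49,24 @@ function (user, context, callback) {
 console.log("rule:DICE DID:credentials approved");
 return callback(null, user, context);
 });
+} else {
+return callback('Login Error: Whoops! Something went wrong.', user, context);
 }
 } else {
 const maxRetry = 2;
-const useOtp = function () {
-request.post({
-url: 'https://api.' + configuration.DOMAIN + '/v3/users/sendOtp',
-json: {
-"param": {
-"userId": user.userId
-}
-}
-}, function (error, response, body) {
-if (error) return callback(error, user, context);
-if (response.statusCode !== 200) {
-return callback('Login Error: Whoops! Something went wrong.', user, context);
-}
-console.log("rule:DICE DID: redirecting to OTP page");
-const hostName = _.get(context, "request.hostname", null);
-const otpCompletetUrl = "https://" + hostName + "/continue";
-const retUrl = _.get(context, "request.query.returnUrl", null);
-const otpRedirectUrl = configuration.CUSTOM_PAGES_BASE_URL +
-"/otp.html?formAction=" + otpCompletetUrl +
-"&returnUrl=" + retUrl;
-context.redirect = {
-url: otpRedirectUrl
-};
-return callback(null, user, context);
-});
-};
 const checkDiceHealth = function (attempt) {
 console.log("rule:DICE DID:checking dice health, attempt:" + attempt);
 request.get({
 url: 'https://tc-vcauth.diceid.com/.well-known/openid-configuration'
 }, function (error, response, body) {
 if (error || response.statusCode !== 200) {
 if (attempt >= maxRetry) {
-console.log("rule:DICE DID:dice services down, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice services down, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(attempt + 1);
 }
@@ -114,8 +80,12 @@ function (user, context, callback) {
 });
 };
 if (!global.ENABLE_2FA) {
-console.log("rule:DICE DID:dice switch disabled, using otp flow...");
-useOtp();
+console.log("rule:DICE DID:dice switch disabled, using other factors...");
+context.multifactor = {
+provider: 'any',
+allowRememberBrowser: false
+};
+return callback(null, user, context);
 } else {
 checkDiceHealth(1);
 }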
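Review bot: The fallback `context.multifactor = { provider: 'any', allowRememberBrowser: false }` followed by `return callback(null, user, context);` is written out three times in this rule (the `otherMethods` branch, the health-check failure and the `ENABLE_2FA` switch), and three more times in the dev-tenant copy. One local helper declared near the top of the rule body, taking over the role of the removed `useOtp`, would keep the three paths from drifting apart when the MFA options change. The new final `else` in the `/continue` branch is also the only path that returns without a `console.log`, so a request carrying neither `otherMethods` nor `code` leaves no trace in the rule logs; a line such as `console.log("rule:DICE DID:continue without code or otherMethods");` would help triage. The rule's body extends beyond the visible hunks.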

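--- a/web-assets/auth0/prod-tenant/rules/New-Account-App-Custom-Claims.js
+++ b/web-assets/auth0/prod-tenant/rules/New-Account-App-Custom-Claims.js
@@ -36,7 +36,6 @@ function (user, context, callback) {
 user.mfa_verified = res.result.content.mfaVerified;
 // TODO need to double sure about multiple result or no result
 let userId = res.result.content.id;
-user.userId = userId;
 let handle = res.result.content.handle;
 let roles = res.result.content.roles.map(function (role) {
 return role.roleName;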
