fix token parsing errors

Author: skadefro

OpenFlow/src/Config.ts

@@ -46,6 +46,10 @@ export class Config {
         Config.tls_passphrase = Config.getEnv("tls_passphrase", "");
 
         Config.api_credential_cache_seconds = parseInt(Config.getEnv("api_credential_cache_seconds", "60000"));
+        Config.api_credential_cache_seconds = parseInt(Config.getEnv("api_credential_cache_seconds", "60000"));
+        Config.oauth_token_cache_seconds = parseInt(Config.getEnv("oauth_token_cache_seconds", "60000"));
+        Config.oauth_access_token_lifetime = parseInt(Config.getEnv("oauth_access_token_lifetime", "604800"));
+        Config.oauth_refresh_token_lifetime = parseInt(Config.getEnv("oauth_refresh_token_lifetime", "604800"));
         Config.api_rate_limit = Config.parseBoolean(Config.getEnv("api_rate_limit", "true"));
         Config.api_rate_limit_points = parseInt(Config.getEnv("api_rate_limit_points", "60"));
         Config.api_rate_limit_duration = parseInt(Config.getEnv("api_rate_limit_duration", "1"));
@@ -132,6 +136,8 @@ export class Config {
 
     public static api_credential_cache_seconds: number = parseInt(Config.getEnv("api_credential_cache_seconds", "60000"));
     public static oauth_token_cache_seconds: number = parseInt(Config.getEnv("oauth_token_cache_seconds", "60000"));
+    public static oauth_access_token_lifetime: number = parseInt(Config.getEnv("oauth_access_token_lifetime", "604800"));
+    public static oauth_refresh_token_lifetime: number = parseInt(Config.getEnv("oauth_refresh_token_lifetime", "604800"));
     public static api_rate_limit: boolean = Config.parseBoolean(Config.getEnv("api_rate_limit", "true"));
     public static api_rate_limit_points: number = parseInt(Config.getEnv("api_rate_limit_points", "60"));
     public static api_rate_limit_duration: number = parseInt(Config.getEnv("api_rate_limit_duration", "1"));

OpenFlow/src/OAuthProvider.ts

@@ -24,7 +24,8 @@ export class OAuthProvider {
             instance.oauthServer = new OAuthServer({
                 model: instance,
                 grants: ['authorization_code', 'refresh_token'],
-                accessTokenLifetime: 60 * 60 * 24, // 24 hours, or 1 day
+                accessTokenLifetime: (60 * 60 * 24) * 7, // 7 days * 24 hours, or 1 day
+                refreshTokenLifetime: (60 * 60 * 24) * 7, // 7 days * 24 hours, or 1 day
                 allowEmptyState: true,
                 allowExtendedTokenAttributes: true
             });
@@ -160,7 +161,7 @@ export class OAuthProvider {
     }
 
     public async saveToken(token, client, user) {
-        this._logger.info("[OAuth] saveToken " + token);
+        this._logger.info("[OAuth] saveToken for " + user.name + " in " + client.clientId);
         const result: any = {
             name: "Token for " + user.name,
             accessToken: token.accessToken,
@@ -185,8 +186,14 @@ export class OAuthProvider {
         delete codeobject._id;
         codeobject._type = 'code';
         codeobject.code = code;
+        codeobject.id = user._id;
+        codeobject.username = user.username;
+        codeobject.email = user.email;
+        if (NoderedUtil.IsNullEmpty(codeobject.email)) codeobject.email = user.username;
+        codeobject.fullname = user.name;
         codeobject.redirect_uri = redirect_uri;
         codeobject.client_id = client.clientId
+        codeobject.name = "Code " + code + " for " + user.name
         this.codes[code] = codeobject;
         await Config.db.InsertOne(codeobject, "oauthtokens", 1, false, Crypt.rootToken());
         this._logger.info("[OAuth] saveAuthorizationCode " + code + " saved");
@@ -220,7 +227,7 @@ export class OAuthProvider {
 
     public async getAuthorizationCode(code) {
         this._logger.info("[OAuth] getAuthorizationCode " + code);
-        let user: TokenUser = this.codes[code];
+        let user: any = this.codes[code];
         if (user == null) {
             let users = await Config.db.query<Base>({ _type: "code", "code": code }, null, 10, 0, null, "oauthtokens", Crypt.rootToken());
             user = users.length ? users[0] as any : null;
@@ -246,22 +253,22 @@ export class OAuthProvider {
         const redirect_uri = (user as any).redirect_uri;
         const expiresAt = new Date();
         expiresAt.setMonth(expiresAt.getMonth() + 1);
-        user = TokenUser.From(user);
+        var tuser = TokenUser.From(user);
         let client = this.getClientById(client_id);
         if (NoderedUtil.IsNullUndefinded(client)) return null;
 
         let role = client.defaultrole;
         const keys: string[] = Object.keys(client.rolemappings);
         for (let i = 0; i < keys.length; i++) {
-            if (user.HasRoleName(keys[i])) role = client.rolemappings[keys[i]];
+            if (tuser.HasRoleName(keys[i])) role = client.rolemappings[keys[i]];
         }
         const result = {
             code: code,
             client: this.clients[0],
             user: {
-                id: user._id,
-                _id: user._id,
-                name: user.name,
+                id: user.id,
+                _id: user.id,
+                name: user.fullname,
                 username: user.username,
                 email: user.username,
                 role: role
@@ -271,16 +278,25 @@ export class OAuthProvider {
         }
         return result;
     }
-    revokeAuthorizationCode(code) {
+    public async revokeAuthorizationCode(code) {
+        if (typeof code !== "string") { code = code.code; }
         this._logger.info("[OAuth] revokeAuthorizationCode " + code);
         delete this.codes[code];
-        Config.db.DeleteMany({ _type: "code", "code": code }, null, "oauthtokens", Crypt.rootToken());
+        const refreshTokenExpiresAt = new Date((new Date).getTime() + (1000 * Config.oauth_refresh_token_lifetime)).toISOString();
+        const accessTokenExpiresAt = new Date((new Date).getTime() + (1000 * Config.oauth_access_token_lifetime)).toISOString();
+        await Config.db.DeleteMany({
+            "$or":
+                [
+                    { _type: "code", "code": code },
+                    { _type: "token", "refreshTokenExpiresAt": refreshTokenExpiresAt },
+                    { _type: "token", "accessTokenExpiresAt": accessTokenExpiresAt }
+                ]
+        }, null, "oauthtokens", Crypt.rootToken());
         return true;
         // const user: TokenUser = this.codes[code];
         // if (user != null) delete this.codes[code];
         // return code;
     }
-
     public static tokenCache: CachedToken[] = [];
     private static async getCachedAccessToken(accessToken: string): Promise<any> {
         await semaphore.down();
@@ -292,7 +308,7 @@ export class OAuthProvider {
             if (seconds > Config.oauth_token_cache_seconds) {
                 this.tokenCache.splice(i, 1);
             } else if (res.token.accessToken == accessToken) {
-                console.log("Return token from cache, using accessToken " + accessToken);
+                // console.log("Return token from cache, using accessToken " + accessToken);
                 semaphore.up();
                 return res.token;
             }
@@ -310,7 +326,7 @@ export class OAuthProvider {
             if (seconds > Config.oauth_token_cache_seconds) {
                 this.tokenCache.splice(i, 1);
             } else if (res.token.refreshToken == refreshToken) {
-                console.log("Return token from cache, using refreshToken " + refreshToken);
+                // console.log("Return token from cache, using refreshToken " + refreshToken);
                 semaphore.up();
                 return res.token;
             }
@@ -320,7 +336,7 @@ export class OAuthProvider {
     }
     private static async addToken(token: any) {
         await semaphore.down();
-        console.log("Adding token to cache");
+        // console.log("Adding token to cache");
         var cuser: CachedToken = new CachedToken(token);
         this.tokenCache.push(cuser);
         semaphore.up();

OpenFlow/src/index.ts

@@ -246,6 +246,26 @@ try {
 
 }
 
+
+
+const originalStdoutWrite = process.stdout.write.bind(process.stdout);
+const originalStderrWrite = process.stderr.write.bind(process.stderr);
+(process.stdout.write as any) = (chunk: string, encoding?: string, callback?: (err?: Error | null) => void): boolean => {
+    if (chunk.indexOf("Failed locating user with") > -1) {
+        console.log("bump");
+    }
+    return originalStdoutWrite(chunk, encoding, callback);
+};
+(process.stderr.write as any) = (chunk: string, encoding?: string, callback?: (err?: Error | null) => void): boolean => {
+    if (chunk.indexOf("Failed locating user with") > -1) {
+        console.log("bump");
+    }
+    return originalStderrWrite(chunk, encoding, callback);
+};
+
+// write(buffer: Buffer | Uint8Array | string, cb?: (err?: Error | null) => void): boolean;
+// write(str: string, encoding?: string, cb?: (err?: Error | null) => void): boolean;
+
 // https://medium.com/kubernetes-tutorials/monitoring-your-kubernetes-deployments-with-prometheus-5665eda54045
 (async function (): Promise<void> {
     try {

OpenFlowNodeRED/package.json

@@ -1,6 +1,6 @@
 {
   "name": "openflow-nodered",
-  "version": "1.1.103",
+  "version": "1.1.105",
   "description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",
   "main": "index.js",
   "scripts": {

VERSION

@@ -1 +1 @@
-1.1.103
+1.1.105

docker-compose-toolbox.yml

@@ -45,7 +45,7 @@ services:
       - "traefik.http.routers.web.rule=Host(`toolbox.openrpa.dk`)"
       - "traefik.http.routers.web.entrypoints=web"
       - "traefik.frontend.passHostHeader=true"
-    image: "cloudhack/openflow:1.1.103"
+    image: "cloudhack/openflow:1.1.105"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -82,7 +82,7 @@ services:
       - "traefik.http.routers.nodered.rule=Host(`nodered1.toolbox.openrpa.dk`)"
       - "traefik.http.routers.nodered.entrypoints=web"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
-    image: "cloudhack/openflownodered:1.1.103"
+    image: "cloudhack/openflownodered:1.1.105"
     container_name: "nodered"
     environment:
       #      - nodered_id=1

docker-compose-traefik-letsencrypt.yml

@@ -69,7 +69,7 @@ services:
       - "traefik.http.routers.web.entrypoints=web,websecure"
       - "traefik.frontend.passHostHeader=true"
       - "traefik.http.routers.web.tls.certresolver=myresolver"
-    image: "cloudhack/openflow:1.1.103"
+    image: "cloudhack/openflow:1.1.105"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -107,7 +107,7 @@ services:
       - "traefik.http.routers.nodered.entrypoints=web,websecure"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
       - "traefik.http.routers.nodered.tls.certresolver=myresolver"
-    image: "cloudhack/openflownodered:1.1.103"
+    image: "cloudhack/openflownodered:1.1.105"
     container_name: "nodered"
     environment:
       #      - nodered_id=1

docker-compose-traefik.yml

@@ -45,7 +45,7 @@ services:
       - "traefik.http.routers.web.rule=Host(`localhost.openrpa.dk`)"
       - "traefik.http.routers.web.entrypoints=web"
       - "traefik.frontend.passHostHeader=true"
-    image: "cloudhack/openflow:1.1.103"
+    image: "cloudhack/openflow:1.1.105"
     container_name: "web"
     environment:
       - update_acl_based_on_groups=true
@@ -82,7 +82,7 @@ services:
       - "traefik.http.routers.nodered.rule=Host(`nodered1.localhost.openrpa.dk`)"
       - "traefik.http.routers.nodered.entrypoints=web"
       - "traefik.http.services.nodered.loadbalancer.server.port=1880"
-    image: "cloudhack/openflownodered:1.1.103"
+    image: "cloudhack/openflownodered:1.1.105"
     container_name: "nodered"
     environment:
       #      - nodered_id=1

docker-compose.yml

@@ -18,7 +18,7 @@ services:
       - "5672:5672"
       - "15672:15672"
   web:
-    image: "cloudhack/openflow:1.1.103"
+    image: "cloudhack/openflow:1.1.105"
     environment:
       - update_acl_based_on_groups=true
       - multi_tenant=false
@@ -52,7 +52,7 @@ services:
       - "80:80"
       - "5858:5858"
   nodered:
-    image: "cloudhack/openflownodered:1.1.103"
+    image: "cloudhack/openflownodered:1.1.105"
     environment:
       #      - nodered_id=1
       - nodered_sa=nodered1

package.json

@@ -1,6 +1,6 @@
 {
   "name": "openiap",
-  "version": "1.1.103",
+  "version": "1.1.105",
   "description": "Simple wrapper around NodeRed, RabbitMQ and MongoDB to support a more scaleable NodeRed implementation.\r Also the \"backend\" for [OpenRPA](https://github.com/skadefro/OpenRPA)",
   "main": "index.js",
   "scripts": {