b195df37d6
* feat(workspaces): add workspace sso feature flag * feat(workspaceSso): wip validate sso * feat(workspaces): validate and add sso provider to the workspace with user sso sessions * feat(workspaces): validate and add sso provider to the workspace with user sso sessions * WIP * fix(sso): restructure to handle all branches at end of flow * fix(sso): add and validate emails used for sso * fix(sso): park progress * chore(workspaces): review sso login/valdate * fix(sso): adjust validate url * chore(sso): auth header puzzle * fix(sso): happy-path config * chore(gql): gqlgen * fix(sso): almost almost * fix(sso): auth endpoint * a lil more terse * fix(sso): light at the end of the tunnel * fix(sso): improve catch block error messages * fix(sso): session lifespan => validUntil * fix(sso): I think we've got it * feat(sso): limited workspace values for public sso login * fix(sso): use factory functions * fix(sso): til decrypt is single-use * fix(sso): correct usage of access codes * fix(sso): use finalize middleware in all routes * chore(sso): cheeky tweak * fix(sso): move some types around * fix(sso): stencil final shape I'm sleepy * fix(sso): more factories more factories * fix(sso): on to final boss of factories * fix(sso): needs a haircut but she works * fix(sso): init rest w function, not side-effects * fix(sso): /authn => /sso * chore(sso): errors * chore(sso): test test test * chore(sso): test all the corners * feat(sso): list workspace sso memberships * chore(sso): tests, expose in rest * fix(sso): sketch active user auth * fix(sso): expose search via gql * fix(sso): active user session information * chore(sso): sso session test utils * chore(sso): test sso session repo/services * chore(sso): gqlgen * fix(sso): simplify gql resolver structure * chore(sso): gqlgen --------- Co-authored-by: Gergő Jedlicska <gergo@jedlicska.com> Co-authored-by: Mike Tasset <mike.tasset@gmail.com>
import { moduleLogger } from '@/logging/logging'
import { getFeatureFlags } from '@/modules/shared/helpers/envHelper'
import { registerOrUpdateScopeFactory } from '@/modules/shared/repositories/scopes'
import db from '@/db/knex'
import { Optional, SpeckleModule } from '@/modules/shared/helpers/typeHelper'
import { workspaceRoles } from '@/modules/workspaces/roles'
import { workspaceScopes } from '@/modules/workspaces/scopes'
import { registerOrUpdateRole } from '@/modules/shared/repositories/roles'
import { initializeEventListenersFactory } from '@/modules/workspaces/events/eventListener'
import { validateModuleLicense } from '@/modules/gatekeeper/services/validateLicense'
import { getSsoRouter } from '@/modules/workspaces/rest/sso'
// Feature flags are read once, when this module is loaded. Both flags act as
// gates further down: the module flag guards init/shutdown as a whole, the SSO
// flag guards only the mounting of the SSO router.
const {
  FF_WORKSPACES_MODULE_ENABLED,
  FF_WORKSPACES_SSO_ENABLED
} = getFeatureFlags()

// Teardown callback for the workspace event listeners. It stays undefined until
// init() runs with isInitial set; shutdown() invokes it if present.
let quitListeners: Optional<() => void> = undefined
/**
 * Passes every entry of `workspaceScopes` to the function produced by
 * `registerOrUpdateScopeFactory({ db })`.
 *
 * All calls are started together and awaited as a group, so the returned
 * promise rejects as soon as any single registration rejects.
 */
const initScopes = async () => {
  const upsertScope = registerOrUpdateScopeFactory({ db })
  const pending = workspaceScopes.map((scope) => upsertScope({ scope }))
  await Promise.all(pending)
}
/**
 * Passes every entry of `workspaceRoles` to the function produced by
 * `registerOrUpdateRole({ db })`.
 *
 * All calls are started together and awaited as a group, so the returned
 * promise rejects as soon as any single registration rejects.
 */
const initRoles = async () => {
  const upsertRole = registerOrUpdateRole({ db })
  const pending = workspaceRoles.map((role) => upsertRole({ role }))
  await Promise.all(pending)
}
/**
 * Lifecycle hooks for the workspaces module.
 *
 * Both hooks are no-ops unless FF_WORKSPACES_MODULE_ENABLED is set. The SSO
 * REST router is gated separately on FF_WORKSPACES_SSO_ENABLED and is only
 * mounted once the license check has passed.
 */
const workspacesModule: SpeckleModule = {
  /**
   * Validates the license, optionally mounts the SSO router, optionally starts
   * the event listeners, then registers workspace scopes and roles.
   *
   * @param app - application the SSO router is attached to via `app.use`
   * @param isInitial - when truthy, event listeners are initialised and their
   *   teardown callback is stored in `quitListeners`
   * @throws Error when `validateModuleLicense` reports the license as invalid
   */
  async init(app, isInitial) {
    if (!FF_WORKSPACES_MODULE_ENABLED) return

    const licenseOk = await validateModuleLicense({
      requiredModules: ['workspaces']
    })

    // Fail closed: nothing below (routes, listeners, scopes, roles) is set up
    // without a valid license.
    if (!licenseOk) {
      throw new Error(
        'The workspaces module needs a valid license to run, contact Speckle to get one.'
      )
    }

    moduleLogger.info('⚒️ Init workspaces module')

    // The router is mounted without a path prefix, so the route paths and any
    // per-route checks are decided inside getSsoRouter().
    // NOTE(review): this runs on every init() call, not only when isInitial is
    // set — confirm init is not invoked more than once per app instance.
    if (FF_WORKSPACES_SSO_ENABLED) {
      app.use(getSsoRouter())
    }

    if (isInitial) {
      const startListeners = initializeEventListenersFactory({ db })
      quitListeners = startListeners()
    }

    // Scopes and roles are independent of each other; start both, then wait.
    const scopesReady = initScopes()
    const rolesReady = initRoles()
    await Promise.all([scopesReady, rolesReady])
  },

  /**
   * Invokes the stored listener teardown callback, if there is one.
   * Does nothing when the module flag is off.
   */
  shutdown() {
    if (FF_WORKSPACES_MODULE_ENABLED) {
      quitListeners?.()
    }
  }
}
export = workspacesModule