feat: Remove /interaction/:uid from IDP URLs

2024-10-03 14:55:10 +00:00 · 2021-05-21 16:05:31 +02:00 · 2021-05-21 16:05:31 +02:00 · df33b6dc47
commit df33b6dc47
parent 7faad0aef0
12 changed files with 23 additions and 27 deletions
--- a/config/identity/handler/interaction/handlers/forgot-password.json
+++ b/config/identity/handler/interaction/handlers/forgot-password.json
@ -5,7 +5,7 @@
      "comment": "Handles all functionality on the forgot password page",
      "@id": "urn:solid-server:auth:password:ForgotPasswordInteractionHandler",
      "@type": "IdpRouteController",
-      "pathName": "^/idp/interaction/[-_A-Za-z0-9]+/forgotpassword/?$",
+      "pathName": "^/idp/forgotpassword/?$",
      "postHandler": {
        "@type": "ForgotPasswordHandler",
        "args_messageRenderHandler": { "@id": "urn:solid-server:auth:password:EmailSentRenderHandler" },
--- a/config/identity/handler/interaction/handlers/initial.json
+++ b/config/identity/handler/interaction/handlers/initial.json
@ -6,7 +6,7 @@
      "@id": "urn:solid-server:auth:password:InitialInteractionHandler",
      "@type": "RouterHandler",
      "allowedMethods": [ "GET" ],
-      "allowedPathNames": [ "^/idp/interaction/[-_A-Za-z0-9]+/?$" ],
+      "allowedPathNames": [ "^/idp/?$" ],
      "handler": {
        "@type": "InitialInteractionHandler",
        "renderHandlerMap": [
--- a/config/identity/handler/interaction/handlers/login.json
+++ b/config/identity/handler/interaction/handlers/login.json
@ -5,7 +5,7 @@
      "comment": "Handles all functionality on the Login Page",
      "@id": "urn:solid-server:auth:password:LoginInteractionHandler",
      "@type": "IdpRouteController",
-      "pathName": "^/idp/interaction/[-_A-Za-z0-9]+/login/?$",
+      "pathName": "^/idp/login/?$",
      "postHandler": {
        "@type": "LoginHandler",
        "args_accountStore": { "@id": "urn:solid-server:auth:password:AccountStore" },
--- a/config/identity/handler/interaction/handlers/registration.json
+++ b/config/identity/handler/interaction/handlers/registration.json
@ -5,7 +5,7 @@
      "comment": "Handles all functionality on the register page",
      "@id": "urn:solid-server:auth:password:RegistrationInteractionHandler",
      "@type": "IdpRouteController",
-      "pathName": "^/idp/interaction/[-_A-Za-z0-9]+/register/?$",
+      "pathName": "^/idp/register/?$",
      "postHandler": {
        "@type": "RegistrationHandler",
        "args_ownershipValidator": {
--- a/config/identity/handler/interaction/handlers/session.json
+++ b/config/identity/handler/interaction/handlers/session.json
@ -6,7 +6,7 @@
      "@id": "urn:solid-server:auth:password:SessionInteractionHandler",
      "@type": "RouterHandler",
      "allowedMethods": [ "POST" ],
-      "allowedPathNames": [ "^/idp/interaction/[-_A-Za-z0-9]+/confirm/?$" ],
+      "allowedPathNames": [ "^/idp/confirm/?$" ],
      "handler": {
        "@type": "SessionHttpHandler",
        "interactionCompleter": { "@id": "urn:solid-server:auth:password:InteractionCompleter" }
--- a/src/identity/interaction/email-password/AccountInteractionPolicy.ts
+++ b/src/identity/interaction/email-password/AccountInteractionPolicy.ts
@ -1,12 +1,12 @@
 import type { KoaContextWithOIDC } from 'oidc-provider';
 import { interactionPolicy } from 'oidc-provider';
-import urljoin from 'url-join';
+import { ensureTrailingSlash } from '../../../util/PathUtil';
 import type {
  InteractionPolicy,
 } from '../InteractionPolicy';
 /**
- * Interaction policy that maps URLs to `${idpPath}/interaction/${context uid}`.
+ * Interaction policy that redirects to `idpPath`.
 * Uses the `select_account` interaction policy.
 */
 export class AccountInteractionPolicy implements InteractionPolicy {
@ -24,14 +24,10 @@ export class AccountInteractionPolicy implements InteractionPolicy {
    });
    interactions.add(selectAccount, 0);
    this.policy = interactions;
    this.url = this.createUrlFunction(idpPath);
  }
-  /**
+    // When oidc-provider cannot fulfill the authorization request for any of the possible reasons
-   * Helper function to create the function that will be put in `url`.
+    // (missing user session, requested ACR not fulfilled, prompt requested, ...)
-   * Needs to be done like this since the `this` reference is lost when passing this value along.
+    // it will resolve the interactions.url helper function and redirect the User-Agent to that url.
-   */
+    this.url = (): string => ensureTrailingSlash(idpPath);
  private createUrlFunction(idpPath: string): (ctx: KoaContextWithOIDC) => string {
    return (ctx: KoaContextWithOIDC): string => urljoin(idpPath, 'interaction', ctx.oidc.uid);
  }
 }
--- a/templates/idp/email-password-interaction/confirm.ejs
+++ b/templates/idp/email-password-interaction/confirm.ejs
@ -12,7 +12,7 @@
          <h1 class="title--white">Authorize</h1>
          <div class="login-panel">
            <div class="panel-body">
-              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/confirm" method="post">
+              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/confirm" method="post">
                <button autofocus type="submit" name="submit" class="ids-link-filled">Continue</button>
                <hr />
--- a/templates/idp/email-password-interaction/emailSent.ejs
+++ b/templates/idp/email-password-interaction/emailSent.ejs
@ -12,7 +12,7 @@
          <h1 class="title--white">Email Sent</h1>
          <div class="login-panel">
            <div class="panel-body">
-              <form autocomplete="off" action="/idp/interaction/<%= details.uid %>/forgotpassword" method="post">
+              <form autocomplete="off" action="/idp/forgotpassword" method="post">
                <div class="input-wrap">
                  <p>If your account exists, an email has been sent with a link to reset your password.</p>
@ -24,7 +24,7 @@
                <input type="hidden" name="email" value="<%= prefilled.email %>" />
-                <a href="/idp/interaction/<%= details.uid %>/login" class="ids-link-filled">Back to Log In</a>
+                <a href="/idp/login" class="ids-link-filled">Back to Log In</a>
                <hr />
                <div class="space-between">
--- a/templates/idp/email-password-interaction/forgotPassword.ejs
+++ b/templates/idp/email-password-interaction/forgotPassword.ejs
@ -12,7 +12,7 @@
          <h1 class="title--white">Forgot Password</h1>
          <div class="login-panel">
            <div class="panel-body">
-              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/forgotpassword" method="post">
+              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/forgotpassword" method="post">
                <%if (errorMessage) { %>
                  <div class="input-wrap">
@ -32,7 +32,7 @@
                <hr />
                <div class="space-between">
-                  <a href="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/login" class="link">Log In</a>
+                  <a href="<%= details.pathPrefix %>/idp/login" class="link">Log In</a>
                </div>
              </form>
            </div>
--- a/templates/idp/email-password-interaction/login.ejs
+++ b/templates/idp/email-password-interaction/login.ejs
@ -12,7 +12,7 @@
          <h1 class="title--white">Sign In</h1>
          <div class="login-panel">
            <div class="panel-body">
-              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/login" method="post">
+              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/login" method="post">
                <%if (errorMessage) { %>
                  <div class="input-wrap">
@ -41,8 +41,8 @@
                <hr />
                <div class="space-between">
-                  <a href="/idp/interaction/<%= details.uid %>/register" class="link">Register</a>
+                  <a href="/idp/register" class="link">Register</a>
-                  <a href="/idp/interaction/<%= details.uid %>/forgotpassword" class="link">Forgot Password</a>
+                  <a href="/idp/forgotpassword" class="link">Forgot Password</a>
                </div>
              </form>
            </div>
--- a/templates/idp/email-password-interaction/register.ejs
+++ b/templates/idp/email-password-interaction/register.ejs
@ -12,7 +12,7 @@
          <h1 class="title--white">Register</h1>
          <div class="login-panel">
            <div class="panel-body">
-              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/register" method="post">
+              <form autocomplete="off" action="<%= details.pathPrefix %>/idp/register" method="post">
                <%if (errorMessage) { %>
                  <div class="input-wrap">
@ -50,7 +50,7 @@
                <hr />
                <div class="space-between">
-                  <a href="<%= details.pathPrefix %>/idp/interaction/<%= details.uid %>/login" class="link">Sign In</a>
+                  <a href="<%= details.pathPrefix %>/idp/login" class="link">Sign In</a>
                </div>
              </form>
            </div>
--- a/test/unit/identity/interaction/email-password/AccountInteractionPolicy.test.ts
+++ b/test/unit/identity/interaction/email-password/AccountInteractionPolicy.test.ts
@ -14,7 +14,7 @@ describe('An AccountInteractionPolicy', (): void => {
    expect(interactionPolicy.policy[0].name).toBe('select_account');
  });
-  it('creates URLs by prepending /idp/interaction/.', async(): Promise<void> => {
+  it('sets the default url to /idp/.', async(): Promise<void> => {
-    expect(interactionPolicy.url({ oidc: { uid: 'valid-uid' }} as any)).toBe('/idp/interaction/valid-uid');
+    expect(interactionPolicy.url({ oidc: { uid: 'valid-uid' }} as any)).toBe('/idp/');
  });
 });