-
Notifications
You must be signed in to change notification settings - Fork 2
/
config.ts
121 lines (111 loc) · 3.58 KB
/
config.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
import type { Algorithm } from 'jsonwebtoken';
class BrowserTestJWTConfig {
static jwtSignAlgorithm: Algorithm = 'HS256';
/**
* WARNING: Be careful and try not to leak the JWT signing key!
* Sign the JWT in server or locally and never share it to the browser end.
* The shared key should be 256 bits.
*/
private static _jwtSigningSecret: string | null = null;
/**
* Kukkuu API's OpenID Connect (OIDC) client ID.
*
* Used to identify the Kukkuu API when interacting with the OIDC service.
*
* @example
* // In your environment:
* REACT_APP_OIDC_KUKKUU_API_CLIENT_ID='kukkuu-api-dev'
*/
static get oidcApiClientId() {
return this.getEnvOrError(
'REACT_APP_OIDC_KUKKUU_API_CLIENT_ID',
'Kukkuu API OIDC client ID'
);
}
/**
* The base URL (authority) of the OIDC authentication service.
*
* This is the root URL where the OIDC server is hosted.
*
* @example
* // In your environment:
* REACT_APP_OIDC_AUTHORITY='https://tunnistus.test.hel.ninja/auth/realms/helsinki-tunnistus/'
*/
static get oidcAuthority() {
return this.getEnvOrError('REACT_APP_OIDC_AUTHORITY', 'OIDC Authority');
}
/**
* This UI application's OpenID Connect (OIDC) client ID.
*
* Used to identify this specific UI application when interacting with the OIDC service.
*
* @example
* // In your environment:
* REACT_APP_OIDC_CLIENT_ID='kukkuu-admin-ui-dev'
*/
static get oidcClientId() {
return this.getEnvOrError('REACT_APP_OIDC_CLIENT_ID', 'OIDC Client ID');
}
/**
* The URL for retrieving OIDC configuration details.
*
* This endpoint provides information about the OIDC service, including endpoints and supported capabilities.
*
* It is automatically constructed based on the `oidcAuthority`.
*/
static get oidcConfigurationEndpoint() {
return `${this.oidcAuthority}.well-known/openid-configuration`;
}
/**
* The GraphQL endpoint for the Kukkuu API.
*
* This is the URL used to interact with the Kukkuu API using GraphQL queries and mutations.
*
* @example
* // In your environment:
* REACT_APP_API_URI='https://kukkuu.api.test.hel.ninja/graphql'
*/
static get kukkuuApiGraphqlEndpoint() {
return this.getEnvOrError('REACT_APP_API_URI', 'Kukkuu API URI');
}
/**
* The AD group that gives the user group
* and it's browser testing permissions for the user.
*/
static get browserTestADGroup(): string {
return this.getEnvOrError(
'BROWSER_TESTS_JWT_AD_GROUP',
'Kukkuu API AD Group for browser testing'
);
}
/**
* Retrieves the JWT signing secret, fetching it from the environment only once.
*/
static get jwtSigningSecret(): string {
if (!this._jwtSigningSecret) {
this._jwtSigningSecret = this.getEnvOrError(
'BROWSER_TESTS_JWT_SIGN_SECRET',
'Shared test JWT signing secret'
);
}
return this._jwtSigningSecret;
}
/**
* Retrieves an environment variable's value or throws an error if not found.
*
* @param {string} variableName - The name of the environment variable.
* @param {string} friendlyName - A human-readable name for error messages.
* @throws {Error} If the environment variable is not defined.
* @returns {string} The value of the environment variable.
*/
static getEnvOrError(variableName: string, friendlyName: string): string {
const value = process.env[variableName];
if (!value) {
throw new Error(
`Environment variable "${friendlyName}" (${variableName}) not found`
);
}
return value;
}
}
export default BrowserTestJWTConfig;