remove bunch of logs; add token only if idp type is sso

Author: dantovska

redisinsight/api/src/modules/auth/window-auth/middleware/window.auth.middleware.ts

@@ -13,6 +13,13 @@ export class WindowAuthMiddleware implements NestMiddleware {
 
   async use(req: Request, res: Response, next: NextFunction): Promise<any> {
     const { windowId } = WindowAuthMiddleware.getWindowIdFromReq(req);
+
+    const isAuthorized = await this.windowAuthService.isAuthorized(windowId);
+
+    if (!isAuthorized) {
+      this.throwError(req, ERROR_MESSAGES.UNDEFINED_WINDOW_ID);
+    }
+
     next();
     return;
   }

redisinsight/api/src/modules/cloud/auth/cloud-auth.service.ts

@@ -155,8 +155,6 @@ export class CloudAuthService {
         },
       );
 
-      this.logger.error('exchangeCode:data', data);
-
       return data;
     } catch (e) {
       this.logger.error('Unable to exchange code', e);
@@ -222,7 +220,15 @@ export class CloudAuthService {
 
     const tokens = await this.exchangeCode(authRequest, query.code);
 
-    this.logger.error('callback:tokens', tokens);
+    const sessionData = {
+      accessToken: tokens.access_token,
+      refreshToken: tokens.refresh_token,
+      idpType: authRequest.idpType,
+    };
+
+    if (authRequest.idpType === 'sso') {
+      sessionData['idToken'] = tokens.id_token;
+    }
 
     await this.sessionService.updateSessionData(
       authRequest.sessionMetadata.sessionId,
@@ -346,7 +352,17 @@ export class CloudAuthService {
         },
       );
 
-      this.logger.error('renewTokens:data', data);
+      const sessionData = {
+        accessToken: data.access_token,
+        refreshToken: data.refresh_token,
+        idpType,
+        csrf: null,
+        apiSessionId: null,
+      };
+
+      if (idpType === 'sso') {
+        sessionData['idToken'] = data.id_token;
+      }
 
       await this.sessionService.updateSessionData(sessionMetadata.sessionId, {
         accessToken: data.access_token,

redisinsight/api/src/modules/cloud/common/providers/cloud.api.provider.ts

@@ -74,10 +74,6 @@ export class CloudApiProvider {
       headers['x-csrf-token'] = credentials.csrf;
     }
 
-    if (credentials?.idToken) {
-      headers['SM-Id-Token'] = credentials.idToken;
-    }
-
     return {
       headers,
     };

redisinsight/api/src/modules/cloud/session/cloud-session.service.ts

@@ -21,12 +21,17 @@ export class CloudSessionService {
         if (cloudSessionData?.data) {
           const { data } = cloudSessionData;
 
-          return {
+          const sessionData = {
             ...cloud,
             refreshToken: data.refreshToken,
-            idToken: data.idToken,
             idpType: data.idpType,
           };
+
+          if (data.idpType === 'sso') {
+            sessionData['idToken'] = data.idToken;
+          }
+
+          return sessionData;
         }
       } catch (e) {
         // ignore
@@ -54,12 +59,17 @@ export class CloudSessionService {
 
     if (cloudSession && cloud?.refreshToken && cloud?.idpType) {
       try {
+        const data = {
+          refreshToken: cloud.refreshToken,
+          idpType: cloud.idpType,
+        };
+
+        if (cloud.idpType === 'sso') {
+          data['idToken'] = cloud.idToken;
+        }
+
         this.cloudSessionRepository.save({
-          data: {
-            refreshToken: cloud.refreshToken,
-            idToken: cloud.idToken,
-            idpType: cloud.idpType,
-          },
+          data,
         });
       } catch (e) {
         // ignore

redisinsight/api/src/modules/cloud/user/cloud-user.api.service.ts

@@ -75,8 +75,6 @@ export class CloudUserApiService {
         sessionMetadata.sessionId,
       );
 
-      this.logger.error('session', session);
-
       if (!isValidToken(session?.accessToken)) {
         if (!session?.refreshToken) {
           this.logger.error('Refresh token is undefined');

redisinsight/api/src/modules/cloud/user/providers/cloud-user.api.provider.ts

@@ -41,14 +41,19 @@ export class CloudUserApiProvider extends CloudApiProvider {
     utm?: CloudRequestUtm,
   ): Promise<string> {
     try {
+      const requestHeaders = CloudApiProvider.getHeaders(credentials);
+      if (credentials?.idpType === 'sso') {
+        requestHeaders.headers['SM-Id-Token'] = credentials.idToken;
+      }
+
       const { headers } = await this.api.post(
         'login',
         {
           ...CloudApiProvider.generateUtmBody(utm),
           auth_mode: credentials?.idpType,
         },
         {
-          ...CloudApiProvider.getHeaders(credentials),
+          ...requestHeaders,
         },
       );