feat/auth silent

.docker/nginx/conf.d/default.conf

@@ -4,6 +4,9 @@ server {
     server_name         localhost;
     absolute_redirect   off;
 
+    gzip on;
+    gzip_types text/css application/javascript image/svg+xml text/plain;
+
     root /usr/share/nginx/html;
 
 
@@ -16,4 +19,4 @@ server {
     location /index.html {
         add_header Cache-Control "no-cache";
     }
-}
+}

.docker/scripts/run-nginx.sh

@@ -1,3 +1,9 @@
 #!/bin/sh
 echo "Starting NGINX"
+envsubst '
+  ${CONFIGURATION}
+  ${AUTH_CONFIG}
+  ${FEATURE_FLAGS}
+  ' </usr/share/nginx/html/index.html >/usr/share/nginx/html/tmp.html
+mv /usr/share/nginx/html/tmp.html /usr/share/nginx/html/index.html
 nginx -g 'daemon off;'

.docker/scripts/startup.sh

@@ -1,3 +1,2 @@
 #!/bin/sh
-python3 /etc/scripts/env-replace.py
 sh /etc/scripts/run-nginx.sh

.gitignore

@@ -55,3 +55,8 @@ typings/
 #VS Code folder
 .vscode/
 .vs/slnx.sqlite
+/.vs/procosys-js-frontend/CopilotIndices/17.12.53.23981
+/.vs/procosys-js-frontend/FileContentIndex
+/.vs/ProjectSettings.json
+/.vs/slnx.sqlite
+/.vs/slnx.sqlite-journal

Dockerfile.prod → Dockerfile

@@ -5,15 +5,6 @@ COPY package*.json ./
 COPY . .
 RUN yarn install
 
-ENV VITE_AUTH_CLIENT="50b15344-28c9-45b5-9616-41da16fc9dcc"
-ENV VITE_AUTHORITY="https://login.microsoftonline.com/3aa4a235-b6e2-48d5-9195-7fcf05b459b0"
-ENV VITE_CONFIG_SCOPE="api://756f2a23-f54d-4643-bb49-62c0db4802ae/Read"
-ENV VITE_BASE_URL_MAIN="https://pcs-main-prod.azurewebsites.net/api"
-ENV VITE_CONFIG_ENDPOINT="https://pcs-config-prod-func.azurewebsites.net/api/Frontend/Configuration?"
-ENV VITE_WEBAPI_SCOPE="api://47641c40-0135-459b-8ab4-459e68dc8d08/web_api"
-ENV VITE_APP_INSIGHTS="ed1e9f1c-5b68-44ca-afec-76ece1f08f80"
-ENV VITE_API_VERSION="&api-version=4.1"
-
 RUN yarn build --mode=production
 
 # production environment
@@ -33,4 +24,4 @@ USER 9999
 
 EXPOSE 5000
 
-CMD ["sh","/etc/scripts/startup.sh"]
+CMD ["sh","/etc/scripts/run-nginx.sh"]

README.md

@@ -40,6 +40,17 @@ $ docker build --force-rm -t pcs:latest -f .docker/Dockerfile .
 $ docker run -it -p 80:80 pcs:latest
 ```
 
+# How to deploy
+
+## Deploy to dev
+When you are ready to deploy your changes to dev/test create a PR and merge it into the development branch. This will trigger a build and deploy to the dev environment.
+
+## Deploy to test
+When you want your changes to test merge the develop branch into the test branch and your changes will be deployed to test.
+
+## Deploy to prod
+When you are ready to deploy to production merge the develop branch into the master branch and your changes will be deployed to production. You can **NOT** merge test to master because test has different styling than production.
+
 # Libraries
 
 ### Microsoft Authentication Library (MSAL)
@@ -92,4 +103,4 @@ https://webpack.js.org/
 ### Browserslist
 Used to define which browsers we support, as well as integrate with polyfill loading in CSS and Babel. 
 
-https://www.npmjs.com/package/browserslist
+https://www.npmjs.com/package/browserslist

index.html

@@ -0,0 +1,23 @@
+<!DOCTYPE html>
+<html lang="en">
+    <head>
+        <meta charset="UTF-8" />
+        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
+        <meta name="viewport" content="width=device-width, height=device-height, initial-scale=1" />
+        <script type="module" src="/src/index.tsx"></script>
+        <base href="/" />
+        <title>ProCoSys</title>
+    </head>
+
+    <body>
+        <script>
+            var AUTH_CONFIG = '';
+            var CONFIGURATION = '';
+            var FEATURE_FLAGS = '';
+
+            window.AUTH_CONFIG = `${AUTH_CONFIG}`;
+            window.CONFIGURATION = `${CONFIGURATION}`;
+            window.FEATURE_FLAGS = `${FEATURE_FLAGS}`;
+        </script>
+    </body>
+</html>

radixconfig.yaml

@@ -18,29 +18,22 @@ spec:
       from: develop
   - name: test
     build:
-      from: test
+      from: feat/auth-silent
   - name: prod
     build:
       from: master
   components:
   - name: frontend
+    variables:
+      AUTH_CONFIG: ""
+      CONFIGURATION: ""
+      FEATURE_FLAGS: ""
+
     publicPort: http
     ports:
     - name: http
       port: 5000
     environmentConfig:
     - environment: dev
-      dockerfileName: Dockerfile.dev
-      variables:
-        configurationEndpoint: 'https://pcs-config-non-prod-func.azurewebsites.net/api/Frontend'
-        configurationScope: 'api://0708e202-b5ad-4d95-9735-a631c715d6a9/Read'
     - environment: test
-      dockerfileName: Dockerfile.test
-      variables:
-        configurationEndpoint: 'https://pcs-config-non-prod-func.azurewebsites.net/api/Frontend'
-        configurationScope: 'api://0708e202-b5ad-4d95-9735-a631c715d6a9/Read'
     - environment: prod
-      dockerfileName: Dockerfile.prod
-      variables:
-        configurationEndpoint: 'https://pcs-config-prod-func.azurewebsites.net/api/Frontend'
-        configurationScope: 'api://756f2a23-f54d-4643-bb49-62c0db4802ae/Read'

src/auth/AuthService.tsx

@@ -1,11 +1,9 @@
-import * as msal from '@azure/msal-browser';
 import {
     AccountInfo,
     AuthenticationResult,
     AuthError,
     Configuration,
     EndSessionRequest,
-    InteractionRequiredAuthError,
     LogLevel,
     PopupRequest,
     PublicClientApplication,
@@ -53,6 +51,7 @@ export default class AuthService implements IAuthService {
             auth: {
                 clientId: ProCoSysSettings.clientId,
                 authority: ProCoSysSettings.authority,
+                redirectUri: `${window.location.origin}/auth/Preservation`
             },
             cache: {
                 cacheLocation: 'sessionStorage', // This configures where your cache will be stored
@@ -94,7 +93,9 @@ export default class AuthService implements IAuthService {
         };
 
         this.silentLoginRequest = {
-            loginHint: this.getAccount()?.username,
+            loginHint:
+                new URL(window.location.href).searchParams.get('user_name') ??
+                this.getAccount()?.username,
         };
     }
 
@@ -132,13 +133,13 @@ export default class AuthService implements IAuthService {
     async loadAuthModule(): Promise<void> {
         await this.myMSALObj.initialize();
         // handle auth redired/do all initial setup for msal
-        await this.myMSALObj.handleRedirectPromise();
+        // await this.myMSALObj.handleRedirectPromise();
         const acc = this.getAccount();
-
+        //
         if (acc) {
             this.myMSALObj.setActiveAccount(acc);
         } else {
-            this.myMSALObj.loginRedirect();
+            await this.attemptSsoSilent();
         }
     }
 
@@ -162,23 +163,48 @@ export default class AuthService implements IAuthService {
      * Calls ssoSilent to attempt silent flow. If it fails due to interaction required error, it will prompt the user to login using popup.
      * @param request
      */
-    attemptSsoSilent(): void {
-        this.myMSALObj
-            .ssoSilent(this.silentLoginRequest)
-            .then(() => {
-                this.account = this.getAccount();
-                if (this.account) {
-                    this.myMSALObj.setActiveAccount(this.account);
-                } else {
-                    console.log('No account!');
-                }
-            })
-            .catch((error) => {
-                console.error('Silent Error: ' + error);
-                if (error instanceof InteractionRequiredAuthError) {
-                    this.login('loginPopup');
-                }
-            });
+    async attemptSsoSilent(): Promise<void> {
+        const goBackTo = `${window.location.origin}${window.location.pathname ?? ""}`;
+        const acc = this.getAccount();
+        if (acc) {
+            this.myMSALObj.setActiveAccount(acc);
+            return
+        }
+        //Fallback with loginhint
+        const hint =
+            new URL(window.location.href).searchParams.get('user_name') ??
+            this.getAccount()?.username;
+
+        if (hint) {
+            console.log('Attempting silent login');
+
+            const silentResult = await this.myMSALObj
+                .ssoSilent({
+                    scopes: ['openid', 'profile', 'User.Read'],
+                    loginHint:
+                        new URL(window.location.href).searchParams.get(
+                            'user_name'
+                        ) ?? this.getAccount()?.username,
+                })
+                .catch(async (error) => {
+                    await this.myMSALObj.clearCache();
+                    await this.login();
+                    window.location.href = goBackTo;
+                });
+            if (silentResult) {
+                this.myMSALObj.setActiveAccount(silentResult.account);
+                console.log(
+                    'User authenticated silently:',
+                    silentResult.account
+                );
+                window.location.href = goBackTo;
+            } else {
+                console.error('FAILED TO LOGIN USER THIS SHOULD NOT HAPPEN');
+            }
+        } else {
+            await this.login();
+            window.location.href = goBackTo;
+        }
     }
 
     /**

src/components/Select/index.tsx

@@ -32,6 +32,7 @@ export type SelectProps = {
     isVoided?: boolean;
     maxHeight?: string;
     title?: string;
+    style?: React.CSSProperties;
 };
 
 const KEYCODE_ENTER = 13;
@@ -48,6 +49,7 @@ const Select = ({
     isVoided = false,
     maxHeight,
     title,
+    style,
 }: SelectProps): JSX.Element => {
     const [isOpen, setIsOpen] = useState(false);
     const containerRef = useRef<HTMLDivElement>(null);
@@ -148,7 +150,7 @@ const Select = ({
     };
 
     return (
-        <Container ref={containerRef} maxHeight={maxHeight}>
+        <Container ref={containerRef} maxHeight={maxHeight} style={style}>
             <Label isVoided={isVoided}>{label}</Label>
             <DropdownButton
                 title={title}