New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@st-graphics/premium
Advanced tools
@st-graphics/premium - npm Package Compare versions
Comparing version 0.2.3 to 0.2.4
@@ -32,10 +32,12 @@ const inProduction = process.env.NODE_ENV === 'production' | ||
| const SERVICE_URL = inProduction | ||
| ? 'https://qk0cfs83hd.execute-api.ap-southeast-1.amazonaws.com/production' | ||
| : 'https://epc9c723qd.execute-api.ap-southeast-1.amazonaws.com/production' | ||
| // : 'https://2ikgchrot4.execute-api.ap-southeast-1.amazonaws.com/development' | ||
| // ? 'https://qk0cfs83hd.execute-api.ap-southeast-1.amazonaws.com/production' | ||
| // : 'https://epc9c723qd.execute-api.ap-southeast-1.amazonaws.com/production' | ||
| ? 'https://epc9c723qd.execute-api.ap-southeast-1.amazonaws.com/production' | ||
| : 'https://2ikgchrot4.execute-api.ap-southeast-1.amazonaws.com/development' | ||
| const BUCKET_URL = inProduction | ||
| ? 'https://graphics.straitstimes.com/s3-json/' | ||
| : 'https://graphics.straitstimes.com/s3-json-staging/' | ||
| // : 'https://st-graphics-dev-json.s3.ap-southeast-1.amazonaws.com/' | ||
| // ? 'https://graphics.straitstimes.com/s3-json/' | ||
| // : 'https://graphics.straitstimes.com/s3-json-staging/' | ||
| ? 'https://graphics.straitstimes.com/s3-json-staging/' | ||
| : 'https://st-graphics-dev-json.s3.ap-southeast-1.amazonaws.com/' | ||
@@ -62,3 +64,3 @@ function PremiumClient () {} | ||
| const query = { | ||
| logoutdest: SERVICE_URL + '/end-session' | ||
| logoutdest: getLocation() | ||
| } | ||
@@ -69,6 +71,3 @@ return LOGOUT_ENDPOINT + '?' + stringifyQuery(query) | ||
| PremiumClient.prototype.getSession = function () { | ||
| const query = { | ||
| redirectUrl: getLocation() | ||
| } | ||
| const url = SERVICE_URL + '/get-session?' + stringifyQuery(query) | ||
| const url = SERVICE_URL + '/get-session' | ||
| return fetch(url, {withCredentials: true}) | ||
@@ -80,4 +79,3 @@ } | ||
| const query = { | ||
| resourceKey: resourceKey, | ||
| redirectUrl: getLocation() | ||
| resourceKey: resourceKey | ||
| } | ||
@@ -84,0 +82,0 @@ const url = SERVICE_URL + '/content?' + stringifyQuery(query) |
| { | ||
| "name": "@st-graphics/premium", | ||
| "version": "0.2.3", | ||
| "version": "0.2.4", | ||
| "description": "ST Graphics Premium implementation", | ||
@@ -5,0 +5,0 @@ "main": "client/premium.js", |
| # st-graphics-premium | ||
|  | ||
|  | ||
| ## Deploy | ||
| ## Logic Flow | ||
| Make sure you have `awscli` installed | ||
| 1. Fetch JSON on page load | ||
| - `client/premium.js` > `.fetchContent()` | ||
| - Pass in un-prefixed JSON ID into query string as `resourceKey` | ||
| -  | ||
| 2. Hit `getPremiumContentUrl` lambda | ||
| - `SESSIONID` not present in cookie | ||
| - 403 | ||
| - Fallback to `client/premium.js` > `.fetchPublicContent()` | ||
| - Fetch public JSON directly from S3 | ||
| 3. Render login widget | ||
| ``` | ||
| pip install awscli --upgrade --user | ||
| aws configure | ||
| ``` | ||
| 1. Client initialize login flow | ||
| - Refer to: `client/premium.js` > `.getAuthorizationUrl()` | ||
| - returns url which will go into the `href` of login `<a>` | ||
| - `redirect_uri` in query string set to `/create-session` lambda endpoint | ||
| - `window.location` passed into `state` in query string | ||
| - eg. `https://ds-acc-auth.sphdigital.com/amserver/oauth2/authorize?response_type=code&client_id=st_graphics&state=eyJyZWRpcmVjdF91cmwiOiJodHRwOi8vc3QtdmlzdWFscy5jb20vaW5mb2dyYXBoaWNzL2hkYi1sZWFzZS0yMDE4L2luZGV4Lmh0bWwifQ%3D%3D&redirect_uri=https%3A%2F%2Fepc9c723qd.execute-api.ap-southeast-1.amazonaws.com%2Fproduction%2Fcreate-session&scope=uid%20aologinid%20aovisitorid%20aonickname%20aoregservice` | ||
| 2. After login is handled by LDAP, redirect to `/create-session` lambda endpoint | ||
| - Expects to receive OAuth2 authorization `code` and `state` | ||
| 3. New session creation | ||
| - Refer to: `functions/createSession/index.js` | ||
| - Exchange token - `functions/createSession/authenticate.js` > `exchangeToken` | ||
| - Fetch user info - `functions/createSession/authenticate.js` > `fetchUserInfo` | ||
| - Verify user is subscriber - `functions/createSession/authenticate.js` > `verifyUser` | ||
| - Store session in DynamoDB - `functions/createSession/Session.js` | ||
| - Obtain auth `request origin` (eg. https://graphics.straitstimes.com/interactives/2018/12/awesome-story) from `state` | ||
| - Redirect to request origin | ||
| - Return `SESSIONID` in cookie | ||
| - Any error (server, authentication etc) will be handled in a catch block and lambda exit by redirecting back to request origin. Therefore client will not see any error but login widget will continue to show. Go to Cloudwatch Log to check error | ||
| 4. Redirect back. Set-cookie `SESSIONID` | ||
| Execute deployment scripts: | ||
| 1. Fetch JSON again on redirect back | ||
| - Refer to: `client/premium.js` > `.fetchContent()` | ||
| - Hit `getPremiumContentUrl` lambda | ||
| - `SESSIONID` present in cookie | ||
| 2. Check session exist | ||
| - Refer to: `functions/getPremiumContentUrl/index.js` & `functions/getPremiumContentUrl/authenticate.js` | ||
| - Retrieve session from DynamoDB | ||
| - Renew credentials if necessary - `functions/getPremiumContentUrl/authenticate.js` > `renewCredential` | ||
| - Fetch user info - `functions/getPremiumContentUrl/authenticate.js` > `fetchUserInfo` | ||
| - Verify user is subscriber - `functions/getPremiumContentUrl/authenticate.js` > `verifyUser` | ||
| - Update session record in DynamoDB - `functions/getPremiumContentUrl/Session.js` | ||
| 3. Prepare signed URL to fetch premium JSON | ||
| - Obtain [signed URL to premium JSON from S3](./functions/getPremiumContentUrl/index.js#L50) | ||
| - 200 | ||
| `npm run deploy` |
No alert changes
Improved metrics
- Total package byte prevSize
- increased by374.74%
56409
- Number of package files
- increased by25%
5
- Number of lines in readme file
- increased by211.76%
53
Worsened metrics
- Lines of code
- decreased by-0.72%
276
No dependency changes