KB-12946 updated token and user read API for OIL India

Author: Karthikeyan R

package.json

@@ -25,6 +25,7 @@
     "@project-sunbird/form-service": "0.0.15",
     "@types/cors": "^2.8.6",
     "@types/ioredis": "^4.28.10",
+    "@types/jwt-decode": "^2.2.1",
     "@types/node-xlsx": "^0.15.0",
     "async": "^3.2.0",
     "axios": "^0.19.1",

src/publicApi_v8/oilAuth.ts

@@ -1,5 +1,7 @@
 import axios from 'axios'
 import express from 'express'
+import jwt_decode from 'jwt-decode'
+import querystring from 'querystring'
 import uuid from 'uuid'
 import { axiosRequestConfig } from '../configs/request.config'
 import { CONSTANTS } from '../utils/env'
@@ -66,12 +68,15 @@ oilAuth.get('/login/callback', async (req, res) => {
         const redirectUrl = 'https://' + req.hostname + CONSTANTS.OIL_AUTH_CALLBACK_URL
         const tokenResponse = await axios({
             ...axiosRequestConfig,
-            data: {
+            data: querystring.stringify({
                 client_id: CONSTANTS.OIL_CLIENT_ID,
                 client_secret: CONSTANTS.OIL_CLIENT_SECRET,
                 code: decodeURIComponent(req.query.code),
                 grant_type: 'authorization_code',
                 redirect_uri: redirectUrl,
+            }),
+            headers: {
+                'Content-Type': 'application/x-www-form-urlencoded',
             },
             method: 'POST',
             url: CONSTANTS.OIL_TOKEN_URL,
@@ -83,17 +88,21 @@ oilAuth.get('/login/callback', async (req, res) => {
         } else {
             logError('Failed to set OIL token in req session. Session not available...')
         }
+        // tslint:disable-next-line: no-any
+        const decodedToken: any = jwt_decode(tokenResponse.data.access_token)
+        const userOid = decodedToken.oid
+        logInfo('User OID: ' + userOid)
         const userDetailResponse = await axios({
             ...axiosRequestConfig,
             headers: {
-                Authorization: tokenResponse.data.access_token,
+                Authorization: `Bearer ${tokenResponse.data.access_token}`,
             },
             method: 'GET',
-            url: CONSTANTS.OIL_USER_DETAILS_URL,
+            url: `https://graph.microsoft.com/v1.0/users/${userOid}`,
         })
 
         logInfo('User information from OIL : ' + JSON.stringify(userDetailResponse.data))
-        const loginId = userDetailResponse.data.loginId
+        const loginId = userDetailResponse.data.mail
         if (!loginId) {
             const errorMessage = 'iGOT login failed. You must allow Email id on the consent form for Login. '
                 + 'Please logout from OIL and try iGOT Login with OIL again.'
@@ -103,15 +112,15 @@ oilAuth.get('/login/callback', async (req, res) => {
         }
 
         let result: { errMessage: string, rootOrgId: string, userExist: boolean, }
-        result = await fetchUserByEmailId(userDetailResponse.data.loginId)
-        logInfo('For OIL emailId ? ' + userDetailResponse.data.loginId + ', isUserExist ? ' + result.userExist
+        result = await fetchUserByEmailId(userDetailResponse.data.mail)
+        logInfo('For OIL emailId ? ' + userDetailResponse.data.mail + ', isUserExist ? ' + result.userExist
             + ', rootOrgId ? ' + result.rootOrgId + ', errorMessage ? ' + result.errMessage)
         let isFirstTimeUser = false
         if (result.errMessage === '') {
             let createResult: { errMessage: string, userCreated: boolean, userId: string }
             if (!result.userExist) {
-                logInfo('iGOT User does not exist for OIL email: ' + userDetailResponse.data.loginId)
-                const mobileNo = userDetailResponse.data.MobileNo
+                logInfo('iGOT User does not exist for OIL email: ' + userDetailResponse.data.mail)
+                const mobileNo = userDetailResponse.data.mobilePhone
 
                 if (!loginId || !mobileNo) {
                     const errorMessage = 'OIL user registration failed. You must allow Email id and Mobile number on the consent form. '
@@ -120,16 +129,16 @@ oilAuth.get('/login/callback', async (req, res) => {
                     res.redirect(`https://${host}/public/logout?error=` + encodeURIComponent(errorMessage))
                     return
                 }
-                createResult = await createUserWithMailId(userDetailResponse.data.loginId,
-                    userDetailResponse.data.FirstName, userDetailResponse.data.LastName, userDetailResponse.data.MobileNo)
+                createResult = await createUserWithMailId(userDetailResponse.data.mail,
+                    userDetailResponse.data.givenName, userDetailResponse.data.surname, userDetailResponse.data.mobilePhone)
                 if (createResult.errMessage !== '') {
                     result.errMessage = createResult.errMessage
                 }
                 isFirstTimeUser = true
-                logInfo('New user is created for OIL email id:' + userDetailResponse.data.loginId
+                logInfo('New user is created for OIL email id:' + userDetailResponse.data.mail
                     + ', new User id:' + createResult.userId)
             } else {
-                logInfo('User exists for OIL email id:' + userDetailResponse.data.loginId
+                logInfo('User exists for OIL email id:' + userDetailResponse.data.mail
                     + ', result.rootOrgId = ' + result.rootOrgId + ', XChannelId = ' + CONSTANTS.X_Channel_Id)
                 if (result.rootOrgId !== '' && result.rootOrgId === CONSTANTS.X_Channel_Id) {
                     isFirstTimeUser = true
@@ -139,21 +148,21 @@ oilAuth.get('/login/callback', async (req, res) => {
                 let keycloakResult: {
                     access_token: string, errMessage: string, keycloakSessionCreated: boolean, refresh_token: string
                 }
-                keycloakResult = await updateKeycloakSession(userDetailResponse.data.loginId, req, res)
+                keycloakResult = await updateKeycloakSession(userDetailResponse.data.mail, req, res)
                 if (keycloakResult.errMessage !== '') {
-                    logError('For OIL emailId:' + userDetailResponse.data.loginId
+                    logError('For OIL emailId:' + userDetailResponse.data.mail
                         + ', Received a keycloak error: ' + keycloakResult.errMessage)
                     result.errMessage = keycloakResult.errMessage
                 }
                 logInfo('OIL user session established in Keycloak: ' + JSON.stringify(keycloakResult))
             }
         }
         if (result.errMessage !== '') {
-            logError('For OIL emailId:' + userDetailResponse.data.loginId
+            logError('For OIL emailId:' + userDetailResponse.data.mail
                 + ', Received error from user search. Error Message: ' + result.errMessage)
             resRedirectUrl = `https://${host}/public/logout?error=` + encodeURIComponent(JSON.stringify(result.errMessage))
         } else {
-            logInfo('OIL login is successful for emailId:' + userDetailResponse.data.loginId)
+            logInfo('OIL login is successful for emailId:' + userDetailResponse.data.mail)
             if (isFirstTimeUser) {
                 resRedirectUrl = `https://${host}/public/welcome`
             }