diff --git a/src/client/modules/app/services/europa.ts b/src/client/modules/app/services/europa.ts
new file mode 100644
index 00000000..00c255f6
--- /dev/null
+++ b/src/client/modules/app/services/europa.ts
@@ -0,0 +1,75 @@
+import { Runtime } from '../../lib/types';
+
+// This line assumes kbase-ui is running on a direct subdomain on the Europa instance
+// this subdomain relationship is _required_ for CORS security policy reasons
+// i.e. legacy.ci-europa.kbase.us --> ci-europa.kbase.us
+const europaTargetOrigin = window.location.origin.replace('legacy.', '');
+
+// This variable is undefined by default but will be set if
+// the iframe receives a 'europa.identify' message from a parent
+// which specifies a parent domain which is not the one above.
+// WHEN TRUTHY, token events will not propagate to the parent
+// This enables development in localhost.
+let insecureParent: string | undefined = undefined;
+
+const getMessageDomain = () =>
+ insecureParent ? insecureParent : europaTargetOrigin;
+
+export const initEuropa = (runtime: Runtime) => {
+ runtime.receive('app', 'route-component', (payload) => {
+ if (window.parent) {
+ window.parent.postMessage(
+ { source: 'kbase-ui.app.route-component', payload },
+ getMessageDomain()
+ );
+ }
+ });
+ runtime.receive('ui', 'setTitle', (payload) => {
+ if (window.parent) {
+ window.parent.postMessage(
+ { source: 'kbase-ui.ui.setTitle', payload },
+ getMessageDomain()
+ );
+ }
+ });
+ runtime.receive('session', 'loggedin', () => {
+ if (window.parent && !insecureParent) {
+ window.parent.postMessage(
+ {
+ source: 'kbase-ui.session.loggedin',
+ payload: {
+ token: runtime.service('session').getAuthToken(),
+ },
+ },
+ europaTargetOrigin
+ );
+ }
+ });
+ runtime.receive('session', 'loggedout', () => {
+ if (window.parent && !insecureParent) {
+ window.parent.postMessage(
+ {
+ source: 'kbase-ui.session.loggedout',
+ payload: undefined,
+ },
+ europaTargetOrigin
+ );
+ }
+ });
+ window.addEventListener('message', (message) => {
+ // only look at messages which come from the iframe parent
+ if (message.source !== window.parent || !message?.data?.source) return;
+ // Navigate events
+ if (message?.data?.source ==
'europa.navigate') { + runtime.send('app', 'navigate', message.data.payload); + } + // Domain identify events + else if (message?.data?.source == 'europa.identify') { + if (message.data.payload !== europaTargetOrigin) { + // we could allow only specific domains here + // (i.e. localhost:3000) in the future + insecureParent = message.data.payload; + } + } + }); +}; diff --git a/src/client/modules/app/services/route.ts b/src/client/modules/app/services/route.ts index 4b5f7ae9..ab6bc83c 100644 --- a/src/client/modules/app/services/route.ts +++ b/src/client/modules/app/services/route.ts @@ -11,6 +11,7 @@ import { RoutingLocation, } from "./router"; import { Receiver, Runtime, Service, SimpleMap } from "../../lib/types"; +import { initEuropa } from "./europa"; type RouteHandler = RoutedRequest; @@ -71,6 +72,7 @@ export class RouteService extends Service { this.currentRouteHandler = null; this.receivers = []; this.eventListeners = []; + initEuropa(this.runtime); } doRoute() { diff --git a/src/client/modules/lib/kb_lib/Auth2Session.ts b/src/client/modules/lib/kb_lib/Auth2Session.ts index c0e1a2f2..f9d613a5 100644 --- a/src/client/modules/lib/kb_lib/Auth2Session.ts +++ b/src/client/modules/lib/kb_lib/Auth2Session.ts @@ -674,19 +674,6 @@ export class Auth2Session { new Cookie(this.cookieName, '').setPath('/') ); - // Also remove the domain level cookie in case it was in advertently - // created. This can be a cause for a corrupt token, since the old auth - // system tokens are invalid, and it could create domain level cookies. - // New auth code does not (other than the backup cookie.) - const domainParts = window.location.hostname.split('.'); - let domain; - for (let len = 2; len <= domainParts.length; len += 1) { - domain = domainParts.slice(-len).join('.'); - this.cookieManager.removeItem( - new Cookie(this.cookieName, '').setPath('/').setDomain(domain) - ); - } - if (this.extraCookies) { this.extraCookies.forEach((cookieConfig) => { this.cookieManager.removeItem( 
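Review bot: The `message` listener at the end of `initEuropa` filters on `message.source` but never checks `message.origin`, so `europa.navigate` and `europa.identify` are honoured from whatever page is framing kbase-ui, not only from the Europa origin. The `europa.identify` payload is then stored in `insecureParent` without validation and used as the `targetOrigin` for the `route-component` and `setTitle` posts, so a non-origin value such as `'*'` or a non-string would be accepted. The token messages are correctly pinned to `europaTargetOrigin` and suppressed once `insecureParent` is set; the listener should be as strict, e.g. `if (message.origin !== europaTargetOrigin && !devParentOrigins.includes(message.origin)) return;` followed by `insecureParent = message.origin;` instead of trusting the payload. `devParentOrigins` is a placeholder name for a build-time allowlist covering the `localhost:3000` case the in-code comment already anticipates.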
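Review bot: The `initEuropa(this.runtime);` call added in the second `route.ts` hunk runs unconditionally, and the `if (window.parent)` guards inside `initEuropa` do not detect framing, because a top-level window's `parent` is the window itself. I would gate the call with `if (window.parent !== window) { initEuropa(this.runtime); }` so that the postMessage bridge exists only when kbase-ui is actually embedded. The listener and receivers it registers are also not recorded in the `this.receivers` / `this.eventListeners` arrays initialised just above, so if those arrays drive teardown (not visible here) the bridge would survive it and be registered again on a second construction. The enclosing method, presumably the constructor, starts outside the hunk.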
diff --git a/src/client/modules/pluginSupport/AutoPostForm.js b/src/client/modules/pluginSupport/AutoPostForm.js index 694c3dad..316522f4 100644 --- a/src/client/modules/pluginSupport/AutoPostForm.js +++ b/src/client/modules/pluginSupport/AutoPostForm.js @@ -41,6 +41,7 @@ define([ return html`
.-content { flex: 1 1 0px; display: flex; @@ -136,7 +140,7 @@ /* Navbar */ -/* +/* * Main Navigation Bar */ @@ -245,8 +249,8 @@ /* Body */ -/* Tweak navbar, sidebar and main content areas to fit together -The navbar and sidebar are fixed -- so out of flow and need absolute positioning +/* Tweak navbar, sidebar and main content areas to fit together +The navbar and sidebar are fixed -- so out of flow and need absolute positioning Although the sidebar is partially positioned with part of the navbar. The content area is normal flow and just needs to have a matching top margin. */