From 8babd6494f7c046206997837c77f33fd801dccb7 Mon Sep 17 00:00:00 2001 From: Ryan Slatten Date: Wed, 23 Oct 2024 10:59:15 -0400 Subject: [PATCH 1/4] initial commit --- plugins/arcgis/service/src/ArcGISConfig.ts | 5 ++- .../src/ArcGISIdentityManagerFactory.ts | 44 +++++++++++++------ plugins/arcgis/service/src/index.ts | 6 +-- .../projects/main/src/lib/arc.service.ts | 18 ++++---- 4 files changed, 48 insertions(+), 25 deletions(-) diff --git a/plugins/arcgis/service/src/ArcGISConfig.ts b/plugins/arcgis/service/src/ArcGISConfig.ts index 5451fcc27..5d3bb6977 100644 --- a/plugins/arcgis/service/src/ArcGISConfig.ts +++ b/plugins/arcgis/service/src/ArcGISConfig.ts @@ -106,11 +106,14 @@ export interface UsernamePasswordAuthConfig { * Contains OAuth authentication configuration. */ export interface OAuthAuthConfig { + type: AuthType.OAuth + /** * The Client Id for OAuth */ clientId: string + /** * The redirectUri for OAuth */ @@ -121,7 +124,7 @@ export interface OAuthAuthConfig { */ authToken?: string - /** + /** * The expiration date for the temporary token */ authTokenExpires?: number diff --git a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts index e54b274bf..586610df7 100644 --- a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts +++ b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts @@ -1,13 +1,14 @@ import { ArcGISIdentityManager } from "@esri/arcgis-rest-request" import { ArcGISAuthConfig, AuthType, FeatureServiceConfig, OAuthAuthConfig, TokenAuthConfig, UsernamePasswordAuthConfig } from './ArcGISConfig' import { HttpClient } from "./HttpClient"; +import { ObservationProcessor } from "./ObservationProcessor"; interface ArcGISIdentityManagerFactory { - create(portal: string, server: string, config: ArcGISAuthConfig, httpClient?: HttpClient): Promise + create(portal: string, server: string, config: ArcGISAuthConfig, httpClient?: HttpClient, processor?: ObservationProcessor): Promise } const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { - async create(portal: string, server: string, auth: OAuthAuthConfig, httpClient: HttpClient): Promise { + async create(portal: string, server: string, auth: OAuthAuthConfig, httpClient: HttpClient, processor: ObservationProcessor): Promise { console.debug('Client ID provided for authentication') const { clientId, authToken, authTokenExpires, refreshToken, refreshTokenExpires } = auth @@ -22,14 +23,30 @@ const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { } else if (refreshToken && new Date(refreshTokenExpires || 0) > new Date()) { // TODO: find a way without using constructor nor httpClient const url = `${portal}/oauth2/token?client_id=${clientId}&refresh_token=${refreshToken}&grant_type=refresh_token` - const response = await httpClient.sendGet(url) - // TODO: error handling - return ArcGISIdentityManager.fromToken({ - clientId: clientId, - token: response.access_token, - portal: portal - }); - // TODO: update authToken to new token + try { + const response = await httpClient.sendGet(url) + // Update authToken to new token + const config = await processor.safeGetConfig(); + let service = config.featureServices.find(service => service.url === portal)?.auth as OAuthAuthConfig; + const date = new Date(); + date.setSeconds(date.getSeconds() + response.expires_in || 0); + service = { + ...service, + authToken: response.access_token, + authTokenExpires: date.getTime() + } + + await processor.putConfig(config) + return ArcGISIdentityManager.fromToken({ + clientId: clientId, + token: response.access_token, + tokenExpires: date, + portal: portal + }); + } catch (error) { + throw new Error('Error occurred when using refresh token') + } + } else { // TODO the config, we need to let the user know UI side they need to authenticate again throw new Error('Refresh token missing or expired') @@ -46,7 +63,7 @@ const TokenIdentityManagerFactory: ArcGISIdentityManagerFactory = { server: server, // TODO: what do we really want to do here? esri package seems to need this optional parameter. // Use authTokenExpires if defined, otherwise set to now plus a day - tokenExpires: auth.authTokenExpires ? new Date(auth.authTokenExpires) : new Date(Date.now() + 24 * 60 * 60 * 1000) + tokenExpires: auth.authTokenExpires ? new Date(auth.authTokenExpires) : new Date(Date.now() + 24 * 60 * 60 * 1000) }) return identityManager } @@ -68,7 +85,8 @@ const authConfigMap: { [key: string]: ArcGISIdentityManagerFactory } = { export function getIdentityManager( config: FeatureServiceConfig, - httpClient: HttpClient // TODO remove in favor of an open source lib like axios + httpClient: HttpClient, // TODO remove in favor of an open source lib like axios + processor: ObservationProcessor ): Promise { const auth = config.auth const authType = config.auth?.type @@ -79,7 +97,7 @@ export function getIdentityManager( if (!factory) { throw new Error(`No factory found for type ${authType}`) } - return factory.create(getPortalUrl(config.url), getServerUrl(config.url), auth, httpClient) + return factory.create(getPortalUrl(config.url), getServerUrl(config.url), auth, httpClient, processor) } diff --git a/plugins/arcgis/service/src/index.ts b/plugins/arcgis/service/src/index.ts index ce34fce3d..ad93a4716 100644 --- a/plugins/arcgis/service/src/index.ts +++ b/plugins/arcgis/service/src/index.ts @@ -120,7 +120,7 @@ const arcgisPluginHooks: InitPluginHook = { } await processor.putConfig(config) - + // TODO: This seems like a bad idea to send the access tokens to the front end. It has no use for them and could potentially be a security concern res.send(` @@ -181,7 +181,7 @@ const arcgisPluginHooks: InitPluginHook = { try { const httpClient = new HttpClient(console) // Create the IdentityManager instance to validate credentials - await getIdentityManager(service!, httpClient) + await getIdentityManager(service!, httpClient, processor) let existingService = config.featureServices.find(service => service.url === url) if (existingService) { existingService = { ...existingService } @@ -206,7 +206,7 @@ const arcgisPluginHooks: InitPluginHook = { const httpClient = new HttpClient(console) try { - const identityManager = await getIdentityManager(featureService, httpClient) + const identityManager = await getIdentityManager(featureService, httpClient, processor) const response = await request(url, { authentication: identityManager }) diff --git a/plugins/arcgis/web-app/projects/main/src/lib/arc.service.ts b/plugins/arcgis/web-app/projects/main/src/lib/arc.service.ts index adf4355a1..bd2b831d6 100644 --- a/plugins/arcgis/web-app/projects/main/src/lib/arc.service.ts +++ b/plugins/arcgis/web-app/projects/main/src/lib/arc.service.ts @@ -61,15 +61,17 @@ export class ArcService implements ArcServiceInterface { const oauthWindow = window.open(url, "_blank"); const listener = (event: any) => { - window.removeEventListener('message', listener, false); - - if (event.origin !== window.location.origin) { - subject.error('target origin mismatch') + if (event.data.url) { + window.removeEventListener('message', listener, false); + + if (event.origin !== window.location.origin) { + subject.error('target origin mismatch') + } + + subject.next(event.data) + + oauthWindow?.close(); } - - subject.next(event.data) - - oauthWindow?.close(); } window.addEventListener('message', listener, false); From 1db79bafffd64e73c5c462d263792e112712d3a1 Mon Sep 17 00:00:00 2001 From: Ryan Slatten Date: Thu, 31 Oct 2024 10:57:27 -0400 Subject: [PATCH 2/4] updates from pr comments --- .../src/ArcGISIdentityManagerFactory.ts | 15 +++++---- .../service/src/ObservationProcessor.ts | 32 +++++++++++++++++-- plugins/arcgis/service/src/index.ts | 15 ++++----- .../projects/main/src/lib/ArcGISConfig.ts | 10 ------ 4 files changed, 43 insertions(+), 29 deletions(-) diff --git a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts index 586610df7..dafadec96 100644 --- a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts +++ b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts @@ -1,14 +1,13 @@ -import { ArcGISIdentityManager } from "@esri/arcgis-rest-request" +import { ArcGISIdentityManager, request } from "@esri/arcgis-rest-request" import { ArcGISAuthConfig, AuthType, FeatureServiceConfig, OAuthAuthConfig, TokenAuthConfig, UsernamePasswordAuthConfig } from './ArcGISConfig' -import { HttpClient } from "./HttpClient"; import { ObservationProcessor } from "./ObservationProcessor"; interface ArcGISIdentityManagerFactory { - create(portal: string, server: string, config: ArcGISAuthConfig, httpClient?: HttpClient, processor?: ObservationProcessor): Promise + create(portal: string, server: string, config: ArcGISAuthConfig, processor?: ObservationProcessor): Promise } const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { - async create(portal: string, server: string, auth: OAuthAuthConfig, httpClient: HttpClient, processor: ObservationProcessor): Promise { + async create(portal: string, server: string, auth: OAuthAuthConfig, processor: ObservationProcessor): Promise { console.debug('Client ID provided for authentication') const { clientId, authToken, authTokenExpires, refreshToken, refreshTokenExpires } = auth @@ -24,7 +23,10 @@ const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { // TODO: find a way without using constructor nor httpClient const url = `${portal}/oauth2/token?client_id=${clientId}&refresh_token=${refreshToken}&grant_type=refresh_token` try { - const response = await httpClient.sendGet(url) + const response = await request(url, { + httpMethod: 'GET' + }); + // Update authToken to new token const config = await processor.safeGetConfig(); let service = config.featureServices.find(service => service.url === portal)?.auth as OAuthAuthConfig; @@ -85,7 +87,6 @@ const authConfigMap: { [key: string]: ArcGISIdentityManagerFactory } = { export function getIdentityManager( config: FeatureServiceConfig, - httpClient: HttpClient, // TODO remove in favor of an open source lib like axios processor: ObservationProcessor ): Promise { const auth = config.auth @@ -97,7 +98,7 @@ export function getIdentityManager( if (!factory) { throw new Error(`No factory found for type ${authType}`) } - return factory.create(getPortalUrl(config.url), getServerUrl(config.url), auth, httpClient, processor) + return factory.create(getPortalUrl(config.url), getServerUrl(config.url), auth, processor) } diff --git a/plugins/arcgis/service/src/ObservationProcessor.ts b/plugins/arcgis/service/src/ObservationProcessor.ts index 7bf5ab172..a5b9a6e94 100644 --- a/plugins/arcgis/service/src/ObservationProcessor.ts +++ b/plugins/arcgis/service/src/ObservationProcessor.ts @@ -14,7 +14,7 @@ import { EventTransform } from './EventTransform'; import { GeometryChangedHandler } from './GeometryChangedHandler'; import { EventDeletionHandler } from './EventDeletionHandler'; import { EventLayerProcessorOrganizer } from './EventLayerProcessorOrganizer'; -import { FeatureServiceConfig, FeatureLayerConfig, AuthType } from "./ArcGISConfig" +import { FeatureServiceConfig, FeatureLayerConfig, AuthType, OAuthAuthConfig } from "./ArcGISConfig" import { PluginStateRepository } from '@ngageoint/mage.service/lib/plugins.api' import { FeatureServiceAdmin } from './FeatureServiceAdmin'; @@ -120,8 +120,13 @@ export class ObservationProcessor { * Gets the current configuration from the database. * @returns The current configuration from the database. */ - public async safeGetConfig(): Promise { - return await this._stateRepo.get().then(x => !!x ? x : this._stateRepo.put(defaultArcGISPluginConfig)) + public async safeGetConfig(showFeatureAuth?: boolean): Promise { + const state = await this._stateRepo.get(); + if (!state) return await this._stateRepo.put(defaultArcGISPluginConfig); + if (!showFeatureAuth) { + state.featureServices = state.featureServices.map((service) => this.sanitizeFeatureService(service, AuthType.OAuth)); + } + return state; } /** @@ -132,6 +137,14 @@ export class ObservationProcessor { return await this._stateRepo.put(newConfig); } + /** + * Updates the confguration in the state repo. + * @param newConfig The new config to put into the state repo. + */ + public async patchConfig(newConfig: ArcGISPluginConfig): Promise { + return await this._stateRepo.patch(newConfig); + } + /** * Gets the current configuration and updates the processor if needed * @returns The current configuration from the database. @@ -151,6 +164,19 @@ export class ObservationProcessor { return config } + private sanitizeFeatureService(config: FeatureServiceConfig, type: AuthType): FeatureServiceConfig { + if (type === AuthType.OAuth) { + const newAuth = Object.assign({}, config.auth) as OAuthAuthConfig; + delete newAuth.refreshToken; + delete newAuth.refreshTokenExpires; + return { + ...config, + auth: newAuth + } + } + return config; + } + /** * Starts the processor. */ diff --git a/plugins/arcgis/service/src/index.ts b/plugins/arcgis/service/src/index.ts index ad93a4716..206603485 100644 --- a/plugins/arcgis/service/src/index.ts +++ b/plugins/arcgis/service/src/index.ts @@ -7,7 +7,6 @@ import { SettingPermission } from '@ngageoint/mage.service/lib/entities/authoriz import { ArcGISPluginConfig } from './ArcGISPluginConfig' import { AuthType } from './ArcGISConfig' import { ObservationProcessor } from './ObservationProcessor' -import { HttpClient } from './HttpClient' import { ArcGISIdentityManager, request } from "@esri/arcgis-rest-request" import { FeatureServiceConfig } from './ArcGISConfig' import { URL } from "node:url" @@ -157,7 +156,7 @@ const arcgisPluginHooks: InitPluginHook = { console.info('Applying ArcGIS plugin config...') const arcConfig = req.body as ArcGISPluginConfig const configString = JSON.stringify(arcConfig) - processor.putConfig(arcConfig) + processor.patchConfig(arcConfig) res.sendStatus(200) }) @@ -179,17 +178,16 @@ const arcgisPluginHooks: InitPluginHook = { } try { - const httpClient = new HttpClient(console) // Create the IdentityManager instance to validate credentials - await getIdentityManager(service!, httpClient, processor) + await getIdentityManager(service!, processor) let existingService = config.featureServices.find(service => service.url === url) if (existingService) { existingService = { ...existingService } } else { config.featureServices.push(service) } - - await processor.putConfig(config) + console.log('values patch') + await processor.patchConfig(config) return res.send(service) } catch (err) { return res.send('Invalid credentials provided to communicate with feature service').status(400) @@ -203,10 +201,9 @@ const arcgisPluginHooks: InitPluginHook = { if (!featureService) { return res.status(400) } - - const httpClient = new HttpClient(console) + try { - const identityManager = await getIdentityManager(featureService, httpClient, processor) + const identityManager = await getIdentityManager(featureService, processor) const response = await request(url, { authentication: identityManager }) diff --git a/plugins/arcgis/web-app/projects/main/src/lib/ArcGISConfig.ts b/plugins/arcgis/web-app/projects/main/src/lib/ArcGISConfig.ts index 91ff97475..c59cb6b91 100644 --- a/plugins/arcgis/web-app/projects/main/src/lib/ArcGISConfig.ts +++ b/plugins/arcgis/web-app/projects/main/src/lib/ArcGISConfig.ts @@ -126,16 +126,6 @@ export interface OAuthAuthConfig { * The expiration date for the temporary token */ authTokenExpires?: string - - /** - * The Refresh token for OAuth - */ - refreshToken?: string - - /** - * The expiration date for the Refresh token - */ - refreshTokenExpires?: string } /** From c234cc98f13fd04d1f9f7bcf5d54166ca983f624 Mon Sep 17 00:00:00 2001 From: Ryan Slatten Date: Thu, 31 Oct 2024 11:07:25 -0400 Subject: [PATCH 3/4] fix missing statements --- .../arcgis/service/src/ArcGISIdentityManagerFactory.ts | 2 +- plugins/arcgis/service/src/ObservationProcessor.ts | 2 +- plugins/arcgis/service/src/index.ts | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts index dafadec96..98982be33 100644 --- a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts +++ b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts @@ -28,7 +28,7 @@ const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { }); // Update authToken to new token - const config = await processor.safeGetConfig(); + const config = await processor.safeGetConfig(true); let service = config.featureServices.find(service => service.url === portal)?.auth as OAuthAuthConfig; const date = new Date(); date.setSeconds(date.getSeconds() + response.expires_in || 0); diff --git a/plugins/arcgis/service/src/ObservationProcessor.ts b/plugins/arcgis/service/src/ObservationProcessor.ts index a5b9a6e94..4a98893af 100644 --- a/plugins/arcgis/service/src/ObservationProcessor.ts +++ b/plugins/arcgis/service/src/ObservationProcessor.ts @@ -164,7 +164,7 @@ export class ObservationProcessor { return config } - private sanitizeFeatureService(config: FeatureServiceConfig, type: AuthType): FeatureServiceConfig { + public sanitizeFeatureService(config: FeatureServiceConfig, type: AuthType): FeatureServiceConfig { if (type === AuthType.OAuth) { const newAuth = Object.assign({}, config.auth) as OAuthAuthConfig; delete newAuth.refreshToken; diff --git a/plugins/arcgis/service/src/index.ts b/plugins/arcgis/service/src/index.ts index 206603485..9476cc4a3 100644 --- a/plugins/arcgis/service/src/index.ts +++ b/plugins/arcgis/service/src/index.ts @@ -74,7 +74,7 @@ const arcgisPluginHooks: InitPluginHook = { return res.status(404).send('clientId is required') } - const config = await processor.safeGetConfig() + const config = await processor.safeGetConfig(true) ArcGISIdentityManager.authorize({ clientId, portal: getPortalUrl(url), @@ -95,7 +95,7 @@ const arcgisPluginHooks: InitPluginHook = { return res.sendStatus(500) } - const config = await processor.safeGetConfig() + const config = await processor.safeGetConfig(true) const creds = { clientId: state.clientId, redirectUri: `${config.baseUrl}/${pluginWebRoute}/oauth/authenticate`, @@ -161,7 +161,7 @@ const arcgisPluginHooks: InitPluginHook = { }) routes.post('/featureService/validate', async (req, res) => { - const config = await processor.safeGetConfig() + const config = await processor.safeGetConfig(true) const { url, auth = {} } = req.body const { token, username, password } = auth if (!URL.canParse(url)) { @@ -188,7 +188,7 @@ const arcgisPluginHooks: InitPluginHook = { } console.log('values patch') await processor.patchConfig(config) - return res.send(service) + return res.send(processor.sanitizeFeatureService(service, AuthType.OAuth)) } catch (err) { return res.send('Invalid credentials provided to communicate with feature service').status(400) } @@ -196,7 +196,7 @@ const arcgisPluginHooks: InitPluginHook = { routes.get('/featureService/layers', async (req, res, next) => { const url = req.query.featureServiceUrl as string - const config = await processor.safeGetConfig() + const config = await processor.safeGetConfig(true) const featureService = config.featureServices.find(featureService => featureService.url === url) if (!featureService) { return res.status(400) From 7c19885c3643daeb15079dc34795d74a50b42fc2 Mon Sep 17 00:00:00 2001 From: Ryan Slatten Date: Thu, 31 Oct 2024 14:32:00 -0400 Subject: [PATCH 4/4] move sanitize to web routes --- .../src/ArcGISIdentityManagerFactory.ts | 2 +- .../service/src/ObservationProcessor.ts | 20 ++------------ plugins/arcgis/service/src/index.ts | 27 ++++++++++++++----- 3 files changed, 23 insertions(+), 26 deletions(-) diff --git a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts index 98982be33..dafadec96 100644 --- a/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts +++ b/plugins/arcgis/service/src/ArcGISIdentityManagerFactory.ts @@ -28,7 +28,7 @@ const OAuthIdentityManagerFactory: ArcGISIdentityManagerFactory = { }); // Update authToken to new token - const config = await processor.safeGetConfig(true); + const config = await processor.safeGetConfig(); let service = config.featureServices.find(service => service.url === portal)?.auth as OAuthAuthConfig; const date = new Date(); date.setSeconds(date.getSeconds() + response.expires_in || 0); diff --git a/plugins/arcgis/service/src/ObservationProcessor.ts b/plugins/arcgis/service/src/ObservationProcessor.ts index 4a98893af..e6c526b64 100644 --- a/plugins/arcgis/service/src/ObservationProcessor.ts +++ b/plugins/arcgis/service/src/ObservationProcessor.ts @@ -120,13 +120,10 @@ export class ObservationProcessor { * Gets the current configuration from the database. * @returns The current configuration from the database. */ - public async safeGetConfig(showFeatureAuth?: boolean): Promise { + public async safeGetConfig(): Promise { const state = await this._stateRepo.get(); if (!state) return await this._stateRepo.put(defaultArcGISPluginConfig); - if (!showFeatureAuth) { - state.featureServices = state.featureServices.map((service) => this.sanitizeFeatureService(service, AuthType.OAuth)); - } - return state; + return await this._stateRepo.get().then((state) => state ? state : this._stateRepo.put(defaultArcGISPluginConfig)); } /** @@ -164,19 +161,6 @@ export class ObservationProcessor { return config } - public sanitizeFeatureService(config: FeatureServiceConfig, type: AuthType): FeatureServiceConfig { - if (type === AuthType.OAuth) { - const newAuth = Object.assign({}, config.auth) as OAuthAuthConfig; - delete newAuth.refreshToken; - delete newAuth.refreshTokenExpires; - return { - ...config, - auth: newAuth - } - } - return config; - } - /** * Starts the processor. */ diff --git a/plugins/arcgis/service/src/index.ts b/plugins/arcgis/service/src/index.ts index 9476cc4a3..c3d9e02f6 100644 --- a/plugins/arcgis/service/src/index.ts +++ b/plugins/arcgis/service/src/index.ts @@ -8,7 +8,7 @@ import { ArcGISPluginConfig } from './ArcGISPluginConfig' import { AuthType } from './ArcGISConfig' import { ObservationProcessor } from './ObservationProcessor' import { ArcGISIdentityManager, request } from "@esri/arcgis-rest-request" -import { FeatureServiceConfig } from './ArcGISConfig' +import { FeatureServiceConfig, OAuthAuthConfig } from './ArcGISConfig' import { URL } from "node:url" import express from 'express' import { getIdentityManager, getPortalUrl } from './ArcGISIdentityManagerFactory' @@ -37,6 +37,19 @@ const InjectedServices = { const pluginWebRoute = "plugins/@ngageoint/mage.arcgis.service" +const sanitizeFeatureService = (config: FeatureServiceConfig, type: AuthType): FeatureServiceConfig => { + if (type === AuthType.OAuth) { + const newAuth = Object.assign({}, config.auth) as OAuthAuthConfig; + delete newAuth.refreshToken; + delete newAuth.refreshTokenExpires; + return { + ...config, + auth: newAuth + } + } + return config; +} + /** * The MAGE ArcGIS Plugin finds new MAGE observations and if configured to send the observations * to an ArcGIS server, it will then transform the observation to an ArcGIS feature and @@ -74,7 +87,7 @@ const arcgisPluginHooks: InitPluginHook = { return res.status(404).send('clientId is required') } - const config = await processor.safeGetConfig(true) + const config = await processor.safeGetConfig() ArcGISIdentityManager.authorize({ clientId, portal: getPortalUrl(url), @@ -95,7 +108,7 @@ const arcgisPluginHooks: InitPluginHook = { return res.sendStatus(500) } - const config = await processor.safeGetConfig(true) + const config = await processor.safeGetConfig() const creds = { clientId: state.clientId, redirectUri: `${config.baseUrl}/${pluginWebRoute}/oauth/authenticate`, @@ -150,6 +163,7 @@ const arcgisPluginHooks: InitPluginHook = { .get(async (req, res, next) => { console.info('Getting ArcGIS plugin config...') const config = await processor.safeGetConfig() + config.featureServices = config.featureServices.map((service) => sanitizeFeatureService(service, AuthType.OAuth)); res.json(config) }) .put(async (req, res, next) => { @@ -161,7 +175,7 @@ const arcgisPluginHooks: InitPluginHook = { }) routes.post('/featureService/validate', async (req, res) => { - const config = await processor.safeGetConfig(true) + const config = await processor.safeGetConfig() const { url, auth = {} } = req.body const { token, username, password } = auth if (!URL.canParse(url)) { @@ -186,9 +200,8 @@ const arcgisPluginHooks: InitPluginHook = { } else { config.featureServices.push(service) } - console.log('values patch') await processor.patchConfig(config) - return res.send(processor.sanitizeFeatureService(service, AuthType.OAuth)) + return res.send(sanitizeFeatureService(service, AuthType.OAuth)) } catch (err) { return res.send('Invalid credentials provided to communicate with feature service').status(400) } @@ -196,7 +209,7 @@ const arcgisPluginHooks: InitPluginHook = { routes.get('/featureService/layers', async (req, res, next) => { const url = req.query.featureServiceUrl as string - const config = await processor.safeGetConfig(true) + const config = await processor.safeGetConfig() const featureService = config.featureServices.find(featureService => featureService.url === url) if (!featureService) { return res.status(400)