Part of #4793.
Context
#4793 introduces the OAuth authorization code flow (replacing the implicit flow) for the Azul refresh-token use case. Confirmed working for `dev` (#TBD ma-dev) and `anvildev`. This ticket covers the HCA prod (ma-prod) environment.
New OAuth client ID has been provisioned for the auth-code flow on HCA prod:
```
473200283737-h5e1l7neunbuesrtgjf8b12lb7o3jf1m.apps.googleusercontent.com
```
(Same Google Cloud project as the existing implicit-flow client `473200283737-4pt6e9lraf5jbb650f9kp7ethelv4a8l...`.)
Scope
Mirror the ma-dev migration in `site-config/hca-dcp/ma-prod/`:
- `authentication/constants.ts`
- Replace `GOOGLE_PROVIDER` constant with a `getGoogleProvider(dataSourceUrl)` factory matching ma-dev's shape.
- Set `flow: OAUTH_FLOW.AUTHORIZATION_CODE`.
- Derive `authorize: `${dataSourceUrl}/user/authorize``.
- Use the new prod client ID above.
- `authentication/authentication.ts`
- Convert `getAuthentication()` → `getAuthentication(dataSourceUrl)`.
- Pass `dataSourceUrl` through to `getGoogleProvider`.
- `config.ts`
Acceptance
- HCA prod (ma-prod) uses the auth-code flow with the new client ID.
- Sign-in / sign-out work against the prod Azul.
- Refresh-token flow verified end-to-end.
Closes part of #4793.
Part of #4793.
Context
#4793 introduces the OAuth authorization code flow (replacing the implicit flow) for the Azul refresh-token use case. Confirmed working for `dev` (#TBD ma-dev) and `anvildev`. This ticket covers the HCA prod (ma-prod) environment.
New OAuth client ID has been provisioned for the auth-code flow on HCA prod:
```
473200283737-h5e1l7neunbuesrtgjf8b12lb7o3jf1m.apps.googleusercontent.com
```
(Same Google Cloud project as the existing implicit-flow client `473200283737-4pt6e9lraf5jbb650f9kp7ethelv4a8l...`.)
Scope
Mirror the ma-dev migration in `site-config/hca-dcp/ma-prod/`:
Acceptance
Closes part of #4793.