fix: remove the auth redirect loop

EXAMPLE_setup_environment.sh

@@ -5,10 +5,6 @@
 # otherwise dev dependencies required by the build process will not install.
 export NODE_ENV=production
 
-# Set authentication mode
-# Either 'saml' or 'basic'
-export LOGIN_MODE=saml
-
 # The public prefix for the web application
 # Default - /talentmap/
 export PUBLIC_URL=/talentmap/

config/env.js

@@ -55,8 +55,8 @@ process.env.NODE_PATH = (process.env.NODE_PATH || '')
 // injected into the application via DefinePlugin in Webpack configuration.
 const REACT_APP = /^REACT_APP_/i;
 const ENV = NODE_ENV || 'development';
-const ABOUT_URL = (NODE_ENV === 'development') ? 'https://github.com/18F/State-TalentMAP' : `${process.env.PUBLIC_URL}about`;
-const LOGIN_MODE = process.env.LOGIN_MODE || 'basic';
+const PUBLIC_URL = process.env.PUBLIC_URL || '/talentmap/';
+const ABOUT_URL = `${process.env.PUBLIC_URL}about`;
 const API_URL = process.env.API_URL || 'http://localhost:8000/api/v1';
 
 function getClientEnvironment(publicUrl) {
@@ -70,7 +70,6 @@ function getClientEnvironment(publicUrl) {
     // images into the `src` and `import` them in code to get their paths.
     PUBLIC_URL: publicUrl,
     ABOUT_URL,
-    LOGIN_MODE,
     API_URL,
   };
 

deploy/deploy.sh

@@ -37,16 +37,24 @@ export STATIC_PATH=/var/www/html/
 # certs generated from the certs.sh script
 export CERT_FILE=/home/ec2-user/State-TalentMAP-dev/certs/talentmap-dev.crt
 export KEY_FILE=/home/ec2-user/State-TalentMAP-dev/certs/talentmap-dev.key
-export LOGIN_MODE=basic
+# use mock saml
+export USE_MOCK_SAML=1
+# SSO login/out routes
+export SSO_LOGIN_URL=https://dev.talentmap.metaphasedev.com/talentmap/login.html
+export SSO_LOGOUT_URL=https://dev.talentmap.metaphasedev.com/talentmap/login.html
+
+export ENTITY_ID=https://dev.talentmap.metaphasedev.com/talentmap/
 
 # change to dev BEFORE install
 export NODE_ENV=dev
 
+# install dependencies
 yarn install
 
 # set back to production BEFORE build
 export NODE_ENV=production
 
+# build artifact
 yarn build
 
 # backup the html dir if present

service/talentmap.service

@@ -21,9 +21,6 @@ Environment=NODE_ENV=production
 # Port number for the Express web application
 Environment=PORT=3000
 
-# Set authentication mode
-Environment=LOGIN_MODE=saml
-
 # The public prefix for the web application
 Environment=PUBLIC_URL=/talentmap/
 
@@ -51,4 +48,4 @@ Environment=KEY_FILE=/path/to/key_file.key
 # identity provider config
 Environment=SSO_LOGIN_URL=http://localhost:5000/login
 Environment=SSO_LOGOUT_URL=http://localhost:5000/logout
-Environment=SSO_CERT_FILE=/path/to/cert_file.crt
+Environment=SSO_CERT_FILE=/path/to/cert_file.crt

src/api.js

@@ -1,5 +1,6 @@
 import axios from 'axios';
 import { fetchUserToken, hasValidToken, propOrDefault, redirectToLoginRedirect } from './utilities';
+import { logoutRequest } from './login/actions';
 
 export const config = {
   baseURL: process.env.API_URL || 'http://localhost:8000/api/v1',
@@ -22,7 +23,9 @@ api.interceptors.response.use(response => response, (error) => {
       // Due to timing of import store before history is created, importing store here causes
       // exports of api to be undefined. So this causes an error for `userProfile.js` when
       // attempting to login. Went with the eslint quick re-enable to get around this.
-      redirectToLoginRedirect();
+      /* eslint-disable global-require */
+      require('./store').store.dispatch(logoutRequest());
+      /* eslint-enable global-require */
       break;
     }
 

src/login/routes.js

@@ -5,4 +5,4 @@ export const LOGIN_REDIRECT = '/loginRedirect';
 
 // Express routes. Users should never access these directly within React.
 export const LOGIN_ROUTE = '/login';
-export const LOGOUT_ROUTE = process.env.LOGIN_MODE === 'saml' ? '/logout' : '/login';
+export const LOGOUT_ROUTE = '/logout';

src/login/sagas.test.js

@@ -12,8 +12,6 @@ const mocks = {
 xdescribe('login functions - basic auth', () => {
   beforeEach(() => {
     jest.resetModules();
-    delete process.env.LOGIN_MODE;
-    process.env.LOGIN_MODE = 'basic';
   });
 
   it('can log in and set the client (LocalStorage Auth)', () => {
@@ -81,8 +79,6 @@ xdescribe('login functions - basic auth', () => {
 describe('login for SAML', () => {
   beforeEach(() => {
     jest.resetModules();
-    delete process.env.LOGIN_MODE;
-    process.env.LOGIN_MODE = 'saml';
   });
 
   it('can set the client upon providing a valid token (SAML Auth)', () =>

src/saml2-config.js

@@ -15,7 +15,7 @@ const keyFile = process.env.KEY_FILE || path.join(__dirname, '../certs', 'talent
 
 // identity provider config
 const SSO_LOGIN_URL = process.env.SSO_LOGIN_URL || `${DEFAULT_URL}login.html`;
-const SSO_LOGOUT_URL = process.env.SSO_LOGOUT_URL || 'http://localhost:3000/talentmap/';
+const SSO_LOGOUT_URL = process.env.SSO_LOGOUT_URL || DEFAULT_URL;
 const ssoCertFile = process.env.SSO_CERT_FILE || path.join(__dirname, '../certs', 'talentmap-dev.crt');
 
 let privateKey = null;