(WIP) Microsoph Graph API OAuth #171

Merged
merged 30 commits into from
Oct 16, 2019

@sowiecki sowiecki commented Jan 21, 2019

Functionality

Directly related to OAuth

  • Retrieve OAuth access_token from Microsoft Graph API service

  • Pass/associate access_token to client

  • Use access_token to validate client before websocket handshake

  • Restrict further websocket requests from unauthorized client (flush client)

  • Force client refresh to obtain fresh token

  • Implement Logout button

  • Implement query param or other solution to limit oauth scopes when logged in on "public" device (e.g., unattended TV)

  • Use refreshToken to fetch accessToken, and send that along with the rooms request.

  • Implement solution for /api/reservations endpoint on server when using oauth.

  • Fix "Logout" so that it actually completely logs the user out.

  • Implement optional auth.headlessAuthorization (rename?) solution of logging into the client on unattended devices (e.g., TV displays). Query param, maybe? ?headlessAuthorization=longSecretHash to log in with limited, read-only access. 🤷‍♂️

Tangential

  • Update Kronos to use https://graph.microsoft.com/beta/users/me/calendar/getSchedule endpoint, so that occurrences are properly returned.

  • Build pipeline (or convenience script) for local transpiling and pushing to EC2. Since free tier EC2 crashes and burns when attempting to compile on the instance. 🔥 🔥 🔥

  • Update to use start.dateTime and end.dateTime rather than startTime and endTime. Remove legacy keys from Kronos.

Architecture

  • Verify compatibility with rooms request middleware layer (or bypass altogether??) No longer relevant, I'm keeping in the middleware layer. It makes no sense to spawn a process for each user to calculate each room status. I could offload the whole process to the client, but that's way too much work, and not really necessary as the server would still need to run the process itself (headless, no less) to drive the room module devices.

  • Verify backwards compatibility for tenants not using any oauth

Extra

  • Refactor other server requests to use async/await syntax (similar to fetchRefreshToken)

  • Documentation and tests

Security

  • Peer review

@@ -25,7 +25,8 @@ if (process.env.DEV) {
require('webpack-dev-middleware')(compiler, {
noInfo: true,
publicPath: webpackConfig.output.publicPath,
inline: true
inline: true,
logLevel: 'warn'
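
Review bot: `logLevel: 'warn'` now sits directly under `noInfo: true`, and both options control how much the dev middleware logs, so the two settings overlap. Confirm which of them the installed webpack-dev-middleware version actually honors and drop the other, and add a one-line comment next to `logLevel` saying it is there to quiet the per-chunk build output, so nobody later lowers it further and hides warnings or errors in the `process.env.DEV` path.
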
Owner Author

Without this, Webpack is spitting out logs about 100+ tiny bundles being completed. Verify that...that's ok. It seems awfully weird, but source maps and everything are working perfectly well. The bundle sizes (in Kb's) seem like they would add up to about the same size as the old, single 4Mb-ish bundle.

Might just be a weird quirk of using import() dynamic imports 🤷‍♂️

Owner Author

@sowiecki sowiecki Jan 21, 2019

Entrypoint app = bundle.js bundle.js.map (prefetch: 0.bundle.js 0.bundle.js.map 2.bundle.js 2.bundle.js.map 3.bundle.js

Continues to 136.bundle.js.map! Or 99 if I remove /* webpackPrefetch: true */ from the new dynamic import in the root component.

Most chunks are anywhere from 1 to 30 KiB, with a very few in the 200-600 range.

@sowiecki sowiecki merged commit d97e781 into master Oct 16, 2019
@sowiecki sowiecki deleted the oauth branch October 16, 2019 18:17