fix(api): fix auth config

angular.json

@@ -227,7 +227,6 @@
       "root": "apps/api",
       "sourceRoot": "apps/api/src",
       "projectType": "application",
-      "prefix": "ngx",
       "schematics": {},
       "architect": {
         "build": {

apps/api-e2e/tsconfig.e2e.json

@@ -1,7 +1,7 @@
 {
   "extends": "../../tsconfig.json",
   "compilerOptions": {
-    "outDir": "../../dist/out-tsc/apps/api-e2e",
+    "outDir": "../../dist/apps/api-e2e",
     "module": "commonjs",
     "target": "es6",
     "types": ["jest", "node"]

apps/api/README.md

@@ -14,7 +14,6 @@ ORM               | [TypeORM](http://typeorm.io/)                   |
 File Upload       | [Multer](https://github.com/expressjs/multer)   |
 Validation        | [Class-Validator](https://github.com/typestack/class-validator)|
 Documentation     | [Open API(Swagger)](https://swagger.io)         |
-Configuration     | [Dotenv](https://github.com/motdotla/dotenv)    | 
 Authentication    | [Passport.js](http://www.passportjs.org)        |
 Testing           | [Jest](https://github.com/facebook/jest) & [SuperTest](https://github.com/visionmedia/supertest)|
 Code Style        | [Prettier](https://github.com/prettier/prettier) & [TS-Lint](https://palantir.github.io/tslint/)|
@@ -40,50 +39,28 @@ docker ps -a
 docker rm 82be5234c94a
 ```
 
-> make sure to delete **dist/apps/api**  before running any of the following commands.
-> other wish old .js **entity** classes my conflict and cause unexpected bugs.
-
 #### Run Dev Mode
 ```bash
 # start in watch mode
 ng serve api
 # to turn on logging for `request`
 NODE_DEBUG=request ng serve api
 DEBUG=typeorm:* ng serve api
-
-# start
-npm run api:start
-# if you want run with `development` config
-NODE_ENV=development npm run api:start
 ```
 
-#### Run HMR Mode
-> run both commands in two terminals 
-```bash
-# incremental rebuild (webpack)
-npm run api:webpack
-# incremental load (HMR)
-npm run api:start:hmr
-``` 
-
 #### Run Prod Mode
 > run both commands
 ```bash
 # build first
-npm run api:prestart:prod
+ng build api --prod
 # then run
 npm run api:start:prod
-# if you want run with `production` config
-NODE_ENV=production npm run api:start:prod
 ```
 
 ### Build
 > build for production env 
 ```bash
-# with TSC (recommended) 
-NODE_ENV=production npm run api:prestart:prod
-# with webpack
-npm run api:webpack -- -p
+npm run api:build
 ```
 
 ### Generate

apps/api/src/app.controller.spec.ts

@@ -9,7 +9,7 @@ describe('AppController', () => {
   beforeAll(async () => {
     app = await Test.createTestingModule({
       controllers: [AppController],
-      imports: [ConfigModule.forRoot()],
+      imports: [ConfigModule],
     }).compile();
   });
 

apps/api/src/auth/passport/jwt.strategy.ts

@@ -5,19 +5,20 @@ import { passportJwtSecret, SigningKeyNotFoundError } from '@xmlking/jwks-rsa';
 
 import { AuthService } from '../auth.service';
 import { JwtToken } from '../interfaces/jwt-token.interface';
+import { environment as env } from '@env-api/environment';
 
 @Injectable()
 export class JwtStrategy extends PassportStrategy(Strategy) {
   constructor(private readonly authService: AuthService) {
     super({
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-      // secretOrKey: process.env.OIDC_PUBLIC_KEY,
+      // secretOrKey: env.auth.publicKey,
       secretOrKeyProvider: passportJwtSecret({
         cache: true,
         rateLimit: true,
         jwksRequestsPerMinute: 5,
         strictSsl: false,
-        jwksUri: `${process.env.OIDC_ISSUER_URL}/protocol/openid-connect/certs`,
+        jwksUri: `${env.auth.issuer}/protocol/openid-connect/certs`,
       }),
       handleSigningKeyError: (err, cb) => {
         if (err instanceof SigningKeyNotFoundError) {
@@ -27,8 +28,8 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
       },
 
       // Validate the audience and the issuer.
-      audience: process.env.OIDC_CLIENT,
-      issuer: process.env.OIDC_ISSUER_URL,
+      audience: env.auth.clientId,
+      issuer: env.auth.issuer,
       algorithm: ['RS256'],
     });
   }

apps/api/src/auth/passport/ws-jwt.strategy.ts

@@ -6,6 +6,7 @@ import { passportJwtSecret, SigningKeyNotFoundError } from '@xmlking/jwks-rsa';
 import { AuthService } from '../auth.service';
 import { JwtToken } from '../interfaces/jwt-token.interface';
 import { WsException } from '@nestjs/websockets';
+import { environment as env } from '@env-api/environment';
 
 const extractJwtFromWsQuery = req => {
   let token = null;
@@ -22,13 +23,13 @@ export class WsJwtStrategy extends PassportStrategy(Strategy, 'ws-jwt') {
   constructor(private readonly authService: AuthService) {
     super({
       jwtFromRequest: extractJwtFromWsQuery, // ExtractJwt.fromUrlQueryParameter('token'),
-      // secretOrKey: process.env.OIDC_PUBLIC_KEY,
+      // secretOrKey: env.auth.publicKey,
       secretOrKeyProvider: passportJwtSecret({
         cache: true,
         rateLimit: true,
         jwksRequestsPerMinute: 5,
         strictSsl: false,
-        jwksUri: `${process.env.OIDC_ISSUER_URL}/protocol/openid-connect/certs`,
+        jwksUri: `${env.auth.issuer}/protocol/openid-connect/certs`,
       }),
       handleSigningKeyError: (err, cb) => {
         if (err instanceof SigningKeyNotFoundError) {
@@ -38,8 +39,8 @@ export class WsJwtStrategy extends PassportStrategy(Strategy, 'ws-jwt') {
       },
 
       // Validate the audience and the issuer.
-      audience: process.env.OIDC_CLIENT,
-      issuer: process.env.OIDC_ISSUER_URL,
+      audience: env.auth.clientId,
+      issuer: env.auth.issuer,
       algorithm: ['RS256'],
     });
   }

apps/api/src/email/email-core.module.ts

@@ -14,7 +14,7 @@ const defaultConfig = {
     forceEmbeddedImages: false,
     from: undefined,
   },
-  templateDir: `${process.cwd()}/email-templates`,
+  templateDir: `${process.cwd()}/assets/email-templates`,
 };
 
 @Global()

apps/api/src/environments/environment.prod.ts

@@ -23,11 +23,9 @@ export const environment = {
     synchronize: false,
   },
 
-  oidc: {
-    // issuerUrl: 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/kubernetes',
-    // client: 'cockpit',
-    issuerUrl: process.env.OIDC_ISSUER_URL || 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/is360',
-    client: process.env.OIDC_CLIENT || 'is360ui',
+  auth: {
+    issuer: process.env.OIDC_ISSUER_URL || 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/is360',
+    clientId: process.env.OIDC_CLIENT_ID || 'is360ui',
   },
 
   email: {
@@ -43,7 +41,7 @@ export const environment = {
     defaults: {
       from: process.env.EMAIL_FROM ? process.env.EMAIL_FROM : '"sumo demo" <sumo@demo.com>',
     },
-    templateDir:  process.env.EMAIL_TEMPLATE_DIR || 'apps/api/email-templates',
+    templateDir:  process.env.EMAIL_TEMPLATE_DIR || `${__dirname}/assets/email-templates`,
   },
 
   webPush: {

apps/api/src/environments/environment.ts

@@ -29,11 +29,11 @@ export const environment = {
     synchronize: true,
   },
 
-  oidc: {
-    // issuerUrl: 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/kubernetes',
-    // client: 'cockpit',
-    issuerUrl: process.env.OIDC_ISSUER_URL || 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/is360',
-    client: process.env.OIDC_CLIENT || 'is360ui',
+  auth: {
+    // issuer: 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/kubernetes',
+    // clientId: 'cockpit',
+    issuer: 'https://myroute-is360.a3c1.starter-us-west-1.openshiftapps.com/auth/realms/is360',
+    clientId: 'is360ui',
   },
 
   email: {
@@ -44,7 +44,7 @@ export const environment = {
     defaults: {
       from: '"sumo demo" <sumo@demo.com>',
     },
-    templateDir: 'apps/api/email-templates',
+    templateDir: 'apps/api/src/assets/email-templates',
   },
 
   webPush: {

apps/api/src/main.hmr.ts

@@ -33,16 +33,16 @@ async function bootstrap() {
     .setSchemes(config.isProd() ? 'https' : 'http')
     .addOAuth2(
       'implicit',
-      `${env.oidc.issuerUrl}/protocol/openid-connect/auth`,
-      `${env.oidc.issuerUrl}/protocol/openid-connect/token`,
+      `${env.auth.issuer}/protocol/openid-connect/auth`,
+      `${env.auth.issuer}/protocol/openid-connect/token`,
     )
     .build();
   const document = SwaggerModule.createDocument(app, options);
   SwaggerModule.setup('docs', app, document, {
     swaggerOptions: {
-      oauth2RedirectUrl: `${env.server.domainUrl})}/docs/oauth2-redirect.html`,
+      oauth2RedirectUrl: `${env.server.domainUrl}/docs/oauth2-redirect.html`,
       oauth: {
-        clientId: env.oidc.client,
+        clientId: env.auth.clientId,
         appName: 'Sumo API',
       },
     },

apps/api/src/main.ts

@@ -34,16 +34,16 @@ async function bootstrap() {
     .setSchemes(config.isProd() ? 'https' : 'http')
     .addOAuth2(
       'implicit',
-      `${env.oidc.issuerUrl}/protocol/openid-connect/auth`,
-      `${env.oidc.issuerUrl}/protocol/openid-connect/token`,
+      `${env.auth.issuer}/protocol/openid-connect/auth`,
+      `${env.auth.issuer}/protocol/openid-connect/token`,
     )
     .build();
   const document = SwaggerModule.createDocument(app, options);
   SwaggerModule.setup('docs', app, document, {
     swaggerOptions: {
-      oauth2RedirectUrl: `${env.server.domainUrl})}/docs/oauth2-redirect.html`,
+      oauth2RedirectUrl: `${env.server.domainUrl}/docs/oauth2-redirect.html`,
       oauth: {
-        clientId: env.oidc.client,
+        clientId: env.auth.clientId,
         appName: 'Sumo API',
         // scopeSeparator: ' ',
         // additionalQueryStringParams: {audience: env.oidc.audience},

package.json

@@ -51,13 +51,11 @@
     "dep-graph": "./node_modules/.bin/nx dep-graph",
     "help": "./node_modules/.bin/nx help",
     "// - API Serve": "API Serve",
-    "api:start:ng": "ng serve api",
-    "api:start": "ts-node -r tsconfig-paths/register apps/api/src/main.ts",
+    "api:start": "ng serve api",
     "api:start:dev": "nodemon --config ./apps/api/nodemon.json",
     "api:start:debug": "nodemon --config ./apps/api/nodemon-debug.json",
+    "api:build": "rimraf dist && ng build api --prod",
     "api:start:prod": "node dist/apps/api/main.js",
-    "api:prestart:prod": "rimraf dist && tsc -p ./apps/api/tsconfig.app.json",
-    "api:webpack": "webpack --config ./apps/api/webpack.config.js",
     "// - API Test": "API Testing",
     "api:test": "jest --projects=apps/api --roots=src",
     "api:test:watch": "jest --projects=apps/api --roots=src --watch",