feat(auth): switching OpenID Connect provider to Google

hosting KeyCloak is expensive, so for now using Google as OIDC provider

angular.json

@@ -104,26 +104,27 @@
                 {
                   "type": "bundle",
                   "name": "main",
-                  "baseline": "10mb",
+                  "baseline": "8mb",
                   "maximumError": "20%",
                   "maximumWarning": "10%"
                 },
                 {
                   "type": "initial",
-                  "maximumWarning": "2mb",
-                  "maximumError": "5mb"
+                  "baseline": "1500kb",
+                  "maximumError": "20%",
+                  "maximumWarning": "10%"
                 },
                 {
                   "type": "allScript",
-                  "baseline": "4.5mb",
+                  "baseline": "1.8mb",
                   "maximumError": "20%",
                   "maximumWarning": "10%",
                   "minimumError": "20%",
                   "minimumWarning": "10%"
                 },
                 {
                   "type": "all",
-                  "baseline": "50mb",
+                  "baseline": "6.5mb",
                   "maximumError": "20%",
                   "maximumWarning": "10%"
                 }

apps/api/package.json

@@ -31,7 +31,7 @@
     "class-validator": "^0.9.1",
     "cli-ux": "4.9.3",
     "cls-hooked": "^4.2.2",
-    "helmet": "^3.16.0",
+    "helmet": "^3.17.0",
     "kubernetes-client": "^7.0.0",
     "nest-router": "^1.0.0",
     "nodemailer": "^6.1.1",
@@ -43,7 +43,7 @@
     "rxjs": "^6.5.1",
     "sharp": "^0.22.1",
     "swagger-ui-express": "^4.0.2",
-    "typeorm": "^0.2.16",
+    "typeorm": "^0.2.17",
     "typeorm-express-query-builder": "^1.1.1",
     "web-push": "^3.3.3"
   },
@@ -59,7 +59,7 @@
   "optionalDependencies": {
     "@nestjs/schematics": "^6.2.0",
     "@nestjs/testing": "^6.1.0",
-    "nodemon": "^1.18.0",
+    "nodemon": "^1.19.0",
     "supertest": "^4.0.0"
   }
 }

apps/webapp/src/app/app.module.ts

@@ -27,12 +27,24 @@ export class MyHammerConfig extends HammerGestureConfig {
     RouterModule.forRoot(
       [
         { path: '', redirectTo: 'home', pathMatch: 'full' },
-        { path: 'home', loadChildren: '@ngx-starter-kit/home#HomeModule', data: { preload: true } },
-        { path: 'dashboard', loadChildren: '@ngx-starter-kit/dashboard#DashboardModule', data: { preload: true } },
-        { path: 'admin', loadChildren: '@ngx-starter-kit/admin#AdminModule', data: { preload: false } },
+        {
+          path: 'home',
+          loadChildren: () => import('@ngx-starter-kit/home').then(m => m.HomeModule),
+          data: { preload: true },
+        },
+        {
+          path: 'dashboard',
+          loadChildren: () => import('@ngx-starter-kit/dashboard').then(m => m.DashboardModule),
+          data: { preload: true },
+        },
+        {
+          path: 'admin',
+          loadChildren: () => import('@ngx-starter-kit/admin').then(m => m.AdminModule),
+          data: { preload: false },
+        },
         {
           path: '404',
-          loadChildren: '@ngx-starter-kit/not-found#NotFoundModule',
+          loadChildren: () => import('@ngx-starter-kit/not-found').then(m => m.NotFoundModule),
           data: { title: '404', preload: false },
         },
         // 404 should be last

apps/webapp/src/environments/environment.ts

@@ -14,9 +14,12 @@ export const environment: IEnvironment = {
   WS_EVENT_BUS_URL: 'ws://localhost:3000/eventbus',
 
   auth: {
-    clientId: 'ngxweb',
-    // issuer: 'http://localhost:8080/auth/realms/ngx',
-    issuer: 'https://keycloak-ngx1.1d35.starter-us-east-1.openshiftapps.com/auth/realms/ngx',
+    // clientId: 'ngxweb',
+    // // issuer: 'http://localhost:8080/auth/realms/ngx',
+    // issuer: 'https://keycloak-ngx1.1d35.starter-us-east-1.openshiftapps.com/auth/realms/ngx',
+
+    clientId: '791772336084-vkt37abstm1du92ofdmhgi30vgd7t0oa.apps.googleusercontent.com',
+    issuer: 'https://accounts.google.com'
   },
 };
 

libs/auth/src/lib/components/login/login.component.html

@@ -26,7 +26,8 @@
         placeholder="Usernames:  sumo, sumo1, sumo2, sumo3"
         formControlName="username"
       />
-      <mat-hint>Usernames: sumo, sumo1, sumo2, sumo3</mat-hint>
+<!--      <mat-hint>Usernames: sumo, sumo1, sumo2, sumo3</mat-hint>-->
+      <mat-hint>now support Google Login only. Click Google button below</mat-hint>
       <mat-error *ngIf="loginForm.get('username').hasError('required')">We need an username to log you in</mat-error>
     </mat-form-field>
 
@@ -76,7 +77,7 @@
       <button mat-mini-fab (click)="initSSO()" matTooltip="Login with KeyCloak" matTooltipPosition="above">
         <mat-icon>security</mat-icon>
       </button>
-      <button mat-mini-fab matTooltip="Login with Google" matTooltipPosition="above">
+      <button mat-mini-fab (click)="initSSO()" matTooltip="Login with Google" matTooltipPosition="above">
         <fa-icon [icon]="['fab', 'google']"></fa-icon>
       </button>
       <button mat-mini-fab matTooltip="Login with Twitter" matTooltipPosition="above">

libs/auth/src/lib/components/login/login.component.ts

@@ -53,9 +53,9 @@ export class LoginComponent {
   }
 
   initSSO() {
-    this.store.dispatch(new ChangeAuthMode(AuthMode.CodeFLow)).subscribe(() => {
-      // this.oauthService.initImplicitFlow();
-      this.oauthService.initAuthorizationCodeFlow();
+    this.store.dispatch(new ChangeAuthMode(AuthMode.ImplicitFLow)).subscribe(() => {
+      this.oauthService.initImplicitFlow();
+      // this.oauthService.initAuthorizationCodeFlow();
       console.log('initSSO');
     });
   }

libs/auth/src/lib/oauth.config.ts

@@ -15,6 +15,9 @@ const authConfig: AuthConfig = {
   // The SPA's id. The SPA is registerd with this id at the auth-server
   clientId: environment.auth.clientId,
 
+  // for Google Auth, use false
+  strictDiscoveryDocumentValidation: false,
+
   // set the scope for the permissions the client should request
   // The first three are defined by OIDC. The 4th is a usecase-specific one
   scope: 'openid profile email',

libs/auth/src/lib/oauth.init.ts

@@ -2,11 +2,12 @@ import { OAuthService } from '@xmlking/angular-oauth2-oidc-all';
 import { Store } from '@ngxs/store';
 import { LoginSuccess } from './auth.actions';
 import { AuthorizationErrorResponse } from './oauth.errors';
-import { authConfigCodeFlow } from './oauth.config';
+import { authConfigImplicit, authConfigCodeFlow } from './oauth.config';
 
 export function initializeAuth(oauthService: OAuthService, store: Store) {
-  // default: CodeFlow
-  oauthService.configure(authConfigCodeFlow);
+  // use appropriate authConfig, matching to initSSO() in login.component.ts
+  // oauthService.configure(authConfigCodeFlow);
+  oauthService.configure(authConfigImplicit);
   oauthService.setStorage(sessionStorage);
 
   return async () => {

libs/dashboard/src/lib/dashboard.module.ts

@@ -106,17 +106,17 @@ const matModules = [
           },
           {
             path: 'grid',
-            loadChildren: '@ngx-starter-kit/grid#GridModule',
+            loadChildren: () => import('@ngx-starter-kit/grid').then(m => m.GridModule),
             data: { title: 'Grid', depth: 2, preload: false },
           },
           {
             path: 'experiments',
-            loadChildren: '@ngx-starter-kit/experiments#ExperimentsModule',
+            loadChildren: () => import('@ngx-starter-kit/experiments').then(m => m.ExperimentsModule),
             data: { title: 'Experiments', depth: 2, preload: false },
           },
           {
             path: 'widgets',
-            loadChildren: '@ngx-starter-kit/widgets#WidgetsModule',
+            loadChildren: () => import('@ngx-starter-kit/widgets').then(m => m.WidgetsModule),
             data: { title: 'Widgets', depth: '2', preload: false },
           },
         ],

package.json

@@ -120,8 +120,8 @@
     "@fortawesome/fontawesome-svg-core": "^1.2.0",
     "@fortawesome/free-brands-svg-icons": "^5.8.0",
     "@fortawesome/free-solid-svg-icons": "^5.8.0",
-    "@ngx-formly/core": "^5.1.0",
-    "@ngx-formly/material": "^5.1.0",
+    "@ngx-formly/core": "^5.1.1",
+    "@ngx-formly/material": "^5.1.1",
     "@ngx-lite/in-viewport": "^0.1.3",
     "@ngx-lite/input-star-rating": "^0.2.5",
     "@ngx-lite/input-tag": "^0.3.8",
@@ -131,7 +131,7 @@
     "@ngxs/router-plugin": "^3.4.3",
     "@ngxs/storage-plugin": "^3.4.3",
     "@ngxs/store": "^3.4.3",
-    "@xmlking/angular-oauth2-oidc-all": "^5.2.1",
+    "@xmlking/angular-oauth2-oidc-all": "^6.0.0",
     "@xmlking/api-ai-javascript": "^2.0.0-beta.22",
     "@xmlking/ngx-knob": "^0.2.0",
     "@xmlking/ngx-quicklink": "0.0.11",
@@ -167,7 +167,7 @@
     "swagger-ui-express": "^4.0.2",
     "tslib": "^1.9.0",
     "uuid": "^3.3.2",
-    "zone.js": "~0.9.0"
+    "zone.js": "~0.9.1"
   },
   "devDependencies": {
     "@angular-devkit/build-angular": "0.800.0-beta.10",
@@ -186,11 +186,11 @@
     "@types/hammerjs": "^2.0.36",
     "@types/jest": "^24.0.0",
     "@types/jquery": "^3.3.29",
-    "@types/node": "^11.13.8",
+    "@types/node": "^12.0.0",
     "@types/socket.io-client": "^1.4.32",
     "loaders.css": "^0.1.2",
     "rimraf": "^2.6.2",
-    "ts-loader": "^5.4.4",
+    "ts-loader": "^5.4.5",
     "ts-node": "~8.1.0",
     "tsconfig-paths": "^3.8.0",
     "tsickle": "^0.35.0",
@@ -201,7 +201,7 @@
     "@commitlint/cli": "^7.5.0",
     "@commitlint/config-conventional": "^7.5.0",
     "@compodoc/compodoc": "^1.1.0",
-    "@ngx-formly/schematics": "^5.1.0",
+    "@ngx-formly/schematics": "^5.1.1",
     "@ngxs/schematics": "0.0.1-alpha.5",
     "@semantic-release/changelog": "^3.0.0",
     "@semantic-release/git": "^7.0.0",
@@ -212,11 +212,11 @@
     "commitizen": "^3.1.1",
     "cypress": "^3.2.0",
     "cz-conventional-changelog": "^2.1.0",
-    "dotenv": "^7.0.0",
-    "husky": "^2.1.0",
+    "dotenv": "^8.0.0",
+    "husky": "^2.2.0",
     "jest": "^24.7.0",
     "jest-preset-angular": "^7.1.0",
-    "lint-staged": "^8.1.0",
+    "lint-staged": "^8.1.6",
     "lite-server": "^2.4.0",
     "ng-packagr": "^5.1.0",
     "prettier": "^1.17.0",