Merge pull request #846 from opencb/TASK-5487

TASK-5487 - Allow IVA configuration for setting cookies in secure/insecure mode
opencb · Jan 30, 2024 · e776b34 · e776b34
2 parents b90d93a + 2faa907
commit e776b34
Show file tree

Hide file tree

Showing 3 changed files with 27 additions and 16 deletions.
diff --git a/src/core/clients/opencga/opencga-client.js b/src/core/clients/opencga/opencga-client.js
@@ -55,7 +55,8 @@ export class OpenCGAClient {
             },
             cookies: {
                 active: true,
-                prefix: ""
+                prefix: "",
+                secure: true,
                 // expirationTime: ""
             },
             sso: {
@@ -316,9 +317,13 @@ export class OpenCGAClient {
     #setCookies(userId, token) {
         if (userId && token) {
             // eslint-disable-next-line no-undef
-            Cookies.set(this._config.cookies.prefix + "_userId", userId, {secure: true});
+            Cookies.set(this._config.cookies.prefix + "_userId", userId, {
+                secure: this._config.cookies.secure ?? true,
+            });
             // eslint-disable-next-line no-undef
-            Cookies.set(this._config.cookies.prefix + "_sid", this._config.token, {secure: true});
+            Cookies.set(this._config.cookies.prefix + "_sid", this._config.token, {
+                secure: this._config.cookies.secure ?? true,
+            });
         } else {
             // eslint-disable-next-line no-undef
             Cookies.expire(this._config.cookies.prefix + "_userId");
@@ -344,11 +349,8 @@ export class OpenCGAClient {
         return opencgaSession;
     }
 
-    /**
-     * Creates an authenticated session for the user and token of the current OpenCGAClient. The token is taken from the
-     * opencgaClient object itself.
-     * @returns {Promise<any>}
-     */
+    // Creates an authenticated session for the user and token of the current OpenCGAClient. The token is taken from the
+    // opencgaClient object itself.
     createSession() {
         const _this = this;
         return new Promise((resolve, reject) => {

diff --git a/src/sites/iva/conf/config.js b/src/sites/iva/conf/config.js
@@ -35,7 +35,8 @@ const opencga = {
     host: hosts[1].url,
     version: "v2",
     cookie: {
-        prefix: "iva-" + hosts[1].id
+        prefix: "iva-" + hosts[1].id,
+        secure: true,
     },
     sso: {
         active: false,

diff --git a/src/sites/iva/iva-app.js b/src/sites/iva/iva-app.js
@@ -336,7 +336,8 @@ class IvaApp extends LitElement {
             // Initialize opencga configuration
             const opencgaHost = serverConf?.host || this.config.opencga.host;
             const opencgaVersion = serverConf?.version || this.config.opencga.version;
-            const opencgaPrefix = serverConf?.cookie?.prefix || this.config.opencga.cookie.prefix;
+            const opencgaCookiePrefix = serverConf?.cookie?.prefix || this.config.opencga.cookie.prefix;
+            const opencgaCookieSecure = serverConf?.cookie?.secure ?? this.config.opencga.cookie?.secure ?? true;
             const opencgaSsoActive = serverConf?.sso?.active ?? this.config.opencga.sso?.active ?? false;
             const opencgaSsoCookie = serverConf?.sso?.cookie ?? this.config.opencga.sso?.cookie ?? "JSESSIONID";
 
@@ -346,15 +347,21 @@ class IvaApp extends LitElement {
                 if (currentUrl.searchParams.has("token") && currentUrl.searchParams.has(opencgaSsoCookie)) {
                     // Save token and session ID in cookies
                     // eslint-disable-next-line no-undef
-                    Cookies.set(opencgaSsoCookie, currentUrl.searchParams.get(opencgaSsoCookie), {secure: true});
+                    Cookies.set(opencgaSsoCookie, currentUrl.searchParams.get(opencgaSsoCookie), {
+                        secure: opencgaCookieSecure,
+                    });
                     // eslint-disable-next-line no-undef
-                    Cookies.set(opencgaPrefix + "_sid", currentUrl.searchParams.get("token"), {secure: true});
+                    Cookies.set(opencgaCookiePrefix + "_sid", currentUrl.searchParams.get("token"), {
+                        secure: opencgaCookieSecure,
+                    });
 
                     // Decode token to get user ID
                     // eslint-disable-next-line no-undef
                     const decodedToken = jwt_decode(currentUrl.searchParams.get("token"));
                     // eslint-disable-next-line no-undef
-                    Cookies.set(opencgaPrefix + "_userId", decodedToken.sub, {secure: true});
+                    Cookies.set(opencgaCookiePrefix + "_userId", decodedToken.sub, {
+                        secure: opencgaCookieSecure,
+                    });
 
                     // We need to remove the params from the url
                     Array.from(currentUrl.searchParams.keys()).forEach(key => {
@@ -369,8 +376,8 @@ class IvaApp extends LitElement {
 
             // Initialise clients and create the session
             // this.opencgaClientConfig.serverVersion = this.config.opencga.serverVersion;
-            const sid = Cookies.get(opencgaPrefix + "_sid");
-            const userId = Cookies.get(opencgaPrefix + "_userId");
+            const sid = Cookies.get(opencgaCookiePrefix + "_sid");
+            const userId = Cookies.get(opencgaCookiePrefix + "_userId");
 
             this.opencgaClient = new OpenCGAClient({
                 host: opencgaHost,
@@ -379,7 +386,8 @@ class IvaApp extends LitElement {
                 userId: userId,
                 cookies: {
                     active: true,
-                    prefix: opencgaPrefix,
+                    prefix: opencgaCookiePrefix,
+                    secure: opencgaCookieSecure,
                 },
                 sso: {
                     active: opencgaSsoActive,