Merge pull request #1475 from navikt/tech/node-script-get-tokens

Script fetching auth token for local development against forms-api in dev-gcp

Author: akgagnat

README.md

@@ -39,6 +39,7 @@ _(Les mer om bruk av Github npm registry i Nav her: https://github.com/navikt/fr
 | yarn check-types    | sjekker at typene er korrekte                                                |
 | yarn clean          | sletter node_modules / dist / build / coverage for alle pakker i monorepoet  |
 | yarn lint           | se etter problemer i koden                                                   |
+| yarn get-tokens     | henter tokens som brukes mot eksterne api'er ved kjøring lokalt              |
 
 ## Lokal konfigurasjon med dotenv
 
@@ -105,10 +106,12 @@ Sett miljøvariabelen `FORMS_API_URL` i byggeren sin `.env`-fil til riktig port
 
     FORMS_API_URL=http://localhost:8082
 
-Alternativt kan du bruke [azure-token-generator](https://azure-token-generator.intern.dev.nav.no/api/obo?aud=dev-gcp:fyllut-sendinn:forms-api) (krever trygdeetaten-bruker) til å generere et midlertidig access token for å nå forms-api i preprod. Merk at tokenet kun er gyldig en begrenset periode. Legg til følgende miljøvariabler for å få tilgang.
+Alternativt kan du kjøre `yarn get-tokens` for å hente access token ved hjelp av
+[azure-token-generator](https://azure-token-generator.intern.dev.nav.no/api/obo?aud=dev-gcp:fyllut-sendinn:forms-api)
+(krever trygdeetaten-bruker). Merk at tokenet kun er gyldig en begrenset periode. Bruk følgende Forms API url:
 
     FORMS_API_URL=https://forms-api.intern.dev.nav.no
-    FORMS_API_ACCESS_TOKEN=<access-token> // Bruk access_token fra responsen til azure-token-generator
+    FORMS_API_ACCESS_TOKEN=<access-token> // Access token settes ved kjøring av yarn get-tokens
 
 ## Teste publisering av skjema på lokal maskin
 

bin/build-application.sh

@@ -0,0 +1,7 @@
+[
+  {
+    "filePath": "packages/bygger-backend/.env",
+    "name": "FORMS_API_ACCESS_TOKEN",
+    "url": "https://azure-token-generator.intern.dev.nav.no/api/obo?aud=dev-gcp:fyllut-sendinn:forms-api"
+  }
+]

bin/deploy-context.mjs

@@ -0,0 +1,70 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { createInterface } from 'node:readline';
+import jsonConfig from './token-generator.config.json' with { type: 'json' };
+
+const root = process.cwd();
+
+const COLOR_GREEN = '\x1b[32m';
+const COLOR_ORANGE = '\x1b[33m';
+const COLOR_RESET = '\x1b[0m';
+
+const ICON_CLOCK = '\u23F0';
+
+function readLineFromStdin() {
+  return new Promise((resolve) => {
+    const rl = createInterface({ input: process.stdin });
+    rl.on('line', (line) => {
+      resolve(line.trim());
+      rl.close();
+    });
+  });
+}
+
+function getExp(accessToken) {
+  try {
+    const [, payload] = accessToken.split('.');
+    const decodedPayload = JSON.parse(Buffer.from(payload, 'base64').toString('utf-8'));
+    const expiryTimestamp = decodedPayload.exp;
+    return new Date(expiryTimestamp * 1000).toISOString();
+  } catch (_err) {
+    return '<unknown>';
+  }
+}
+
+for (const env of jsonConfig) {
+  process.stdout.write(`Visit ${env.url}\n`);
+  process.stdout.write(`${COLOR_ORANGE}Paste access_token:${COLOR_RESET} `);
+  const accessToken = await readLineFromStdin();
+
+  const envContent = fs.readFileSync(path.join(root, env.filePath), { encoding: 'utf-8', flag: 'r' });
+  const lines = envContent.split('\n');
+  const tokenLine = `${env.name}=${accessToken}`;
+  let tokenLineReplaced = false;
+
+  for (let lineIndex = 0; lineIndex < lines.length; lineIndex++) {
+    const currentLineContainsToken = lines[lineIndex].includes(`${env.name}=`);
+    if (currentLineContainsToken) {
+      if (!tokenLineReplaced) {
+        // Replace line with correct token
+        lines[lineIndex] = tokenLine;
+        tokenLineReplaced = true;
+      } else if (!lines[lineIndex].startsWith('#')) {
+        // Comment out any additional lines containing token if the token has already been replaced
+        lines[lineIndex] = `#${lines[lineIndex]}`;
+      }
+    }
+  }
+
+  if (!tokenLineReplaced) {
+    // Add line with token if it did not exist
+    lines.push(tokenLine);
+  }
+
+  process.stdout.write(`• Token ${env.name} expires at ${getExp(accessToken)} ${ICON_CLOCK} \n`);
+
+  const newEnvContent = lines.join('\n');
+  fs.writeFileSync(path.join(root, env.filePath), newEnvContent);
+}
+
+process.stdout.write(`${COLOR_GREEN}Token ready, remember to restart dev server${COLOR_RESET} \n`);

bin/package-locator.mjs

@@ -22,6 +22,7 @@
   "scripts": {
     "build": "yarn workspaces run build",
     "clean": "yarn workspaces run clean",
+    "get-tokens": "node bin/token-generator.mjs",
     "start": "concurrently --kill-others-on-fail \"yarn:start:fyllut\" \"yarn:start:bygger\"",
     "start:bygger": "concurrently --kill-others-on-fail \"yarn workspace @navikt/bygger-backend start\" \"yarn workspace @navikt/bygger-frontend start\"",
     "start:fyllut": "concurrently --kill-others-on-fail \"yarn workspace @navikt/fyllut-backend start\" \"yarn workspace @navikt/fyllut-frontend start\"",