Merge pull request #23 from edx/rir/update-auth

Update auth to the latest version of edx/frontend-auth

config/webpack.dev.config.js

@@ -79,6 +79,7 @@ module.exports = Merge.smart(commonConfig, {
       LMS_BASE_URL: 'http://localhost:18000',
       LOGIN_URL: 'http://localhost:18000/login',
       LOGOUT_URL: 'http://localhost:18000/login',
+      CSRF_TOKEN_API_PATH: '/csrf/api/v1/token',
       REFRESH_ACCESS_TOKEN_ENDPOINT: 'http://localhost:18000/login',
       DATA_API_BASE_URL: 'http://localhost:8000',
       // LMS_CLIENT_ID should match the lms DOT client application id your LMS container

config/webpack.prod.config.js

@@ -98,6 +98,7 @@ module.exports = Merge.smart(commonConfig, {
       LMS_BASE_URL: null,
       LOGIN_URL: null,
       LOGOUT_URL: null,
+      CSRF_TOKEN_API_PATH: null,
       REFRESH_ACCESS_TOKEN_ENDPOINT: null,
       DATA_API_BASE_URL: null,
       SEGMENT_KEY: null,

package-lock.json

@@ -2965,18 +2965,20 @@
       }
     },
     "@edx/frontend-auth": {
-      "version": "1.1.0",
-      "resolved": "https://registry.npmjs.org/@edx/frontend-auth/-/frontend-auth-1.1.0.tgz",
-      "integrity": "sha512-Pl6CUgwRPHcKx3REX1CXJIGl/WqSCg20IPGNUbpsyQ4ZuIaOi/bxI6dYfGhmOWt8LPLeBiEmGerofEWLNydZ9w==",
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/@edx/frontend-auth/-/frontend-auth-1.2.1.tgz",
+      "integrity": "sha512-NEc+rAJq5HJ9UACPirezpwTp5yhX9G2AQDPfk1hW4ceEF7BFRMIfzb+nJqmTJkEX/37yRVYUfQFLW+z2j1ZRcw==",
       "requires": {
         "axios": "^0.18.0",
         "jwt-decode": "^2.2.0",
         "prop-types": "^15.5.10",
+        "pubsub-js": "^1.7.0",
         "react": "^16.4.2",
         "react-redux": "^5.0.7",
         "react-router-dom": "^4.3.1",
         "redux": "^4.0.0",
-        "universal-cookie": "^3.0.4"
+        "universal-cookie": "^3.0.4",
+        "url-parse": "^1.4.3"
       },
       "dependencies": {
         "invariant": {
@@ -2987,6 +2989,11 @@
             "loose-envify": "^1.0.0"
           }
         },
+        "querystringify": {
+          "version": "2.1.0",
+          "resolved": "https://registry.npmjs.org/querystringify/-/querystringify-2.1.0.tgz",
+          "integrity": "sha512-sluvZZ1YiTLD5jsqZcDmFyV2EwToyXZBfpoVOmktMmW+VEnhgakFHnasVph65fOjGPTWN0Nw3+XQaSeMayr0kg=="
+        },
         "react": {
           "version": "16.6.3",
           "resolved": "https://registry.npmjs.org/react/-/react-16.6.3.tgz",
@@ -3055,13 +3062,13 @@
             }
           }
         },
-        "scheduler": {
-          "version": "0.11.2",
-          "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.11.2.tgz",
-          "integrity": "sha512-+WCP3s3wOaW4S7C1tl3TEXp4l9lJn0ZK8G3W3WKRWmw77Z2cIFUW2MiNTMHn5sCjxN+t7N43HAOOgMjyAg5hlg==",
+        "url-parse": {
+          "version": "1.4.4",
+          "resolved": "https://registry.npmjs.org/url-parse/-/url-parse-1.4.4.tgz",
+          "integrity": "sha512-/92DTTorg4JjktLNLe6GPS2/RvAd/RGr6LuktmWSMLEOa6rjnlrFXNgSbSmkNvCoL2T028A0a1JaJLzRMlFoHg==",
           "requires": {
-            "loose-envify": "^1.1.0",
-            "object-assign": "^4.1.1"
+            "querystringify": "^2.0.0",
+            "requires-port": "^1.0.0"
           }
         },
         "warning": {
@@ -3533,9 +3540,9 @@
       }
     },
     "@types/cookie": {
-      "version": "0.3.1",
-      "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.3.1.tgz",
-      "integrity": "sha512-64Uv+8bTRVZHlbB8eXQgMP9HguxPgnOOIYrQpwHWrtLDrtcG/lILKhUl7bV65NSOIJ9dXGYD7skQFXzhL8tk1A=="
+      "version": "0.3.2",
+      "resolved": "https://registry.npmjs.org/@types/cookie/-/cookie-0.3.2.tgz",
+      "integrity": "sha512-aHQA072E10/8iUQsPH7mQU/KUyQBZAGzTVRCUvnSz8mSvbrYsP4xEO2RSA0Pjltolzi0j8+8ixrm//Hr4umPzw=="
     },
     "@types/node": {
       "version": "9.4.7",
@@ -3545,7 +3552,7 @@
     },
     "@types/object-assign": {
       "version": "4.0.30",
-      "resolved": "https://registry.npmjs.org/@types/object-assign/-/object-assign-4.0.30.tgz",
+      "resolved": "http://registry.npmjs.org/@types/object-assign/-/object-assign-4.0.30.tgz",
       "integrity": "sha1-iUk3HVqZ9Dge4PHfCpt6GH4H5lI="
     },
     "@types/tapable": {
@@ -9162,9 +9169,9 @@
       }
     },
     "follow-redirects": {
-      "version": "1.5.9",
-      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.9.tgz",
-      "integrity": "sha512-Bh65EZI/RU8nx0wbYF9shkFZlqLP+6WT/5FnA3cE/djNSuKNHJEinGGZgu/cQEkeeb2GdFOgenAmn8qaqYke2w==",
+      "version": "1.5.10",
+      "resolved": "https://registry.npmjs.org/follow-redirects/-/follow-redirects-1.5.10.tgz",
+      "integrity": "sha512-0V5l4Cizzvqt5D44aTXbFZz+FtyXV1vrDN6qrelxtfYQKW0KO0W2T/hkE8xvGa/540LkZlkaUjO4ailYTFtHVQ==",
       "requires": {
         "debug": "=3.1.0"
       },
@@ -19165,6 +19172,11 @@
         "randombytes": "^2.0.1"
       }
     },
+    "pubsub-js": {
+      "version": "1.7.0",
+      "resolved": "https://registry.npmjs.org/pubsub-js/-/pubsub-js-1.7.0.tgz",
+      "integrity": "sha512-Pb68P9qFZxnvDipHMuj9oT1FoIgBcXJ9C9eWdHCLZAnulaUoJ3+Y87RhGMYilWpun6DMWVmvK70T4RP4drZMSA=="
+    },
     "pump": {
       "version": "2.0.1",
       "resolved": "https://registry.npmjs.org/pump/-/pump-2.0.1.tgz",
@@ -20102,8 +20114,7 @@
     "requires-port": {
       "version": "1.0.0",
       "resolved": "https://registry.npmjs.org/requires-port/-/requires-port-1.0.0.tgz",
-      "integrity": "sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8=",
-      "dev": true
+      "integrity": "sha1-kl0mAdOaxIXgkc8NpcbmlNw9yv8="
     },
     "resolve": {
       "version": "1.5.0",
@@ -22987,9 +22998,9 @@
       }
     },
     "universal-cookie": {
-      "version": "3.0.4",
-      "resolved": "https://registry.npmjs.org/universal-cookie/-/universal-cookie-3.0.4.tgz",
-      "integrity": "sha512-3rhx6RAIuRmCWJttnbgzMrp2TbHhUmgQ2GrpY/US03Siv5T28iXr2qYw1m3YqmluBxEyrvZaloVemkLSId+Oyg==",
+      "version": "3.0.6",
+      "resolved": "https://registry.npmjs.org/universal-cookie/-/universal-cookie-3.0.6.tgz",
+      "integrity": "sha512-VxVnwj1bWVLuYKAbaeQ6PL4NlIEWB6r4PUjwKp76nFnrLyqQtnOKAHe9dOjESpcJ4gPoc/Zkxb/6ZK+FMuEioA==",
       "requires": {
         "@types/cookie": "^0.3.1",
         "@types/object-assign": "^4.0.30",

package.json

@@ -25,7 +25,7 @@
   },
   "dependencies": {
     "@edx/edx-bootstrap": "^0.4.3",
-    "@edx/frontend-auth": "1.1.0",
+    "@edx/frontend-auth": "^1.2.1",
     "@edx/paragon": "^3.7.2",
     "babel-polyfill": "^6.26.0",
     "classnames": "^2.2.5",

src/config/index.js

@@ -3,6 +3,7 @@ const configuration = {
   LMS_BASE_URL: process.env.LMS_BASE_URL,
   LOGIN_URL: process.env.LOGIN_URL,
   LOGOUT_URL: process.env.LOGOUT_URL,
+  CSRF_TOKEN_API_PATH: process.env.CSRF_TOKEN_API_PATH,
   REFRESH_ACCESS_TOKEN_ENDPOINT: process.env.REFRESH_ACCESS_TOKEN_ENDPOINT,
   DATA_API_BASE_URL: process.env.DATA_API_BASE_URL,
   SECURE_COOKIES: process.env.NODE_ENV !== 'development',

src/data/apiClient.js

@@ -6,6 +6,7 @@ const apiClient = getAuthenticatedAPIClient({
   appBaseUrl: configuration.BASE_URL,
   loginUrl: configuration.LOGIN_URL,
   logoutUrl: configuration.LOGOUT_URL,
+  csrfTokenApiPath: process.env.CSRF_TOKEN_API_PATH,
   refreshAccessTokenEndpoint: configuration.REFRESH_ACCESS_TOKEN_ENDPOINT,
   accessTokenCookieName: configuration.ACCESS_TOKEN_COOKIE_NAME,
   csrfCookieName: configuration.CSRF_COOKIE_NAME,

src/index.jsx

@@ -4,6 +4,7 @@ import ReactDOM from 'react-dom';
 import { BrowserRouter as Router, Route, Switch } from 'react-router-dom';
 import { Provider } from 'react-redux';
 
+import apiClient from './data/apiClient';
 import GradebookPage from './containers/GradebookPage';
 import store from './data/store';
 import './App.scss';
@@ -20,4 +21,6 @@ const App = () => (
   </Provider>
 );
 
-ReactDOM.render(<App />, document.getElementById('root'));
+if (apiClient.ensurePublicOrAuthencationAndCookies(window.location.pathname)) {
+  ReactDOM.render(<App />, document.getElementById('root'));
+}