Merge pull request #58 from credebl/27-supabase-integration

Supabase integration: 27

apps/api-gateway/src/authz/authz.module.ts

@@ -11,10 +11,11 @@ import { JwtStrategy } from './jwt.strategy';
 import { MobileJwtStrategy } from './mobile-jwt.strategy';
 import { Module } from '@nestjs/common';
 import { PassportModule } from '@nestjs/passport';
-import { VerificationService } from '../verification/verification.service';
 import { SocketGateway } from './socket.gateway';
+import { SupabaseService } from '@credebl/supabase';
 import { UserModule } from '../user/user.module';
 import { UserService } from '../user/user.service';
+import { VerificationService } from '../verification/verification.service';
 
 //import { WebhookService } from "../../../platform-service/src/webhook/webhook.service";
 
@@ -46,7 +47,8 @@ import { UserService } from '../user/user.service';
     ConnectionService,
     AgentService,
     CommonService,
-    UserService
+    UserService,
+    SupabaseService
   ],
   exports: [
     PassportModule,

apps/api-gateway/src/authz/jwt.strategy.ts

@@ -1,17 +1,12 @@
-// src/authz/jwt.strategy.ts
-
 import * as dotenv from 'dotenv';
-import * as jwt from 'jsonwebtoken';
 
 import { ExtractJwt, Strategy } from 'passport-jwt';
 import { Injectable, Logger } from '@nestjs/common';
 
-import { CommonConstants } from '@credebl/common/common.constant';
 import { JwtPayload } from './jwt-payload.interface';
 import { NotFoundException } from '@nestjs/common';
 import { PassportStrategy } from '@nestjs/passport';
 import { UserService } from '../user/user.service';
-import { passportJwtSecret } from 'jwks-rsa';
 
 dotenv.config();
 
@@ -23,33 +18,17 @@ export class JwtStrategy extends PassportStrategy(Strategy) {
     private readonly usersService: UserService
   ) {
     super({
-
-      secretOrKeyProvider: (request, jwtToken, done) => {
-        const decodedToken = jwt.decode(jwtToken) as jwt.JwtPayload;       
-        const audiance = decodedToken.iss.toString();       
-        const jwtOptions = {
-          cache: true,
-          rateLimit: true,
-          jwksRequestsPerMinute: 5,
-          jwksUri: `${audiance}${CommonConstants.URL_KEYCLOAK_JWKS}`
-        };
-        const secretprovider = passportJwtSecret(jwtOptions);
-        let certkey;
-        secretprovider(request, jwtToken, async (err, data) => {       
-          certkey = data;
-          done(null, certkey);
-        });
-      },
       jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
-      algorithms: ['RS256']
+      secretOrKey: process.env.SUPABASE_JWT_SECRET,
+      ignoreExpiration: false
     });
   }
   async validate(payload: JwtPayload): Promise<object> {
-
-    const userDetails = await this.usersService.findUserByKeycloakId(payload?.sub);
+    
+    const userDetails = await this.usersService.findUserinSupabase(payload.sub);
 
     if (!userDetails.response) {
-      throw new NotFoundException('Keycloak user not found');
+      throw new NotFoundException('User not found');
     }
 
     return {

apps/api-gateway/src/user/user.service.ts

@@ -69,16 +69,17 @@ export class UserService extends BaseService {
     }
   }
 
-  async findUserByKeycloakId(id: string): Promise<{ response: object }> {
+  async findUserinSupabase(id: string): Promise<{ response: object }> {
     const payload = { id };
 
     try {
-      return this.sendNats(this.serviceProxy, 'get-user-by-keycloak-id', payload);
+      return this.sendNats(this.serviceProxy, 'get-user-by-supabase', payload);
     } catch (error) {
       this.logger.error(`Error in get user:${JSON.stringify(error)}`);
     }
   }
 
+
   async invitations(id: number, status: string, getAllInvitationsDto: GetAllInvitationsDto): Promise<{ response: object }> {
     const {pageNumber, pageSize, search} = getAllInvitationsDto;
     const payload = { id, status, pageNumber, pageSize, search };

apps/user/interfaces/user.interface.ts

@@ -9,7 +9,7 @@ export interface UserI {
     isEmailVerified?: boolean,
     clientId?: string,
     clientSecret?: string,
-    keycloakUserId?: string,
+    supabaseUserId?: string,
     userOrgRoles?: object
 }
 

apps/user/repositories/fido-user.repository.ts

@@ -1,5 +1,3 @@
-import * as bcrypt from 'bcrypt';
-
 import { Injectable, Logger, NotFoundException } from '@nestjs/common';
 import { CreateUserDto } from '../dtos/create-user.dto';
 import { InternalServerErrorException } from '@nestjs/common';
@@ -34,7 +32,6 @@ export class FidoUserRepository {
           email: createUserDto.email,
           firstName: createUserDto.firstName,
           lastName: createUserDto.lastName,
-          password: await bcrypt.hash(createUserDto.password, 10),
           verificationCode: verifyCode
         }
       });

apps/user/repositories/user.repository.ts

@@ -1,10 +1,10 @@
 /* eslint-disable prefer-destructuring */
 
-import * as bcrypt from 'bcrypt';
 import { Injectable, Logger, NotFoundException } from '@nestjs/common';
+import { UpdateUserProfile, UserEmailVerificationDto, UserI, userInfo } from '../interfaces/user.interface';
+
 import { InternalServerErrorException } from '@nestjs/common';
 import { PrismaService } from '@credebl/prisma-service';
-import { UpdateUserProfile, UserEmailVerificationDto, UserI, userInfo } from '../interfaces/user.interface';
 // eslint-disable-next-line camelcase
 import { user } from '@prisma/client';
 import { v4 as uuidv4 } from 'uuid';
@@ -136,23 +136,22 @@ export class UserRepository {
    * @param id
    * @returns User data
    */
-  async getUserByKeycloakId(id: string): Promise<object> {
+  async getUserBySupabaseId(id: string): Promise<object> {
     try {
       return this.prisma.user.findFirst({
         where: {
-          keycloakUserId: id
+          supabaseUserId: id
         },
         select: {
           id: true,
           username: true,
-          password: false,
           email: true,
           firstName: true,
           lastName: true,
           isEmailVerified: true,
           clientId: true,
           clientSecret: true,
-          keycloakUserId: true,
+          supabaseUserId: true,
           userOrgRoles: {
             include: {
               orgRole: true,
@@ -195,7 +194,6 @@ export class UserRepository {
       select: {
         id: true,
         username: true,
-        password: false,
         email: true,
         firstName: true,
         lastName: true,
@@ -204,7 +202,7 @@ export class UserRepository {
         isEmailVerified: true,
         clientId: true,
         clientSecret: true,
-        keycloakUserId: true,
+        supabaseUserId: true,
         userOrgRoles: {
           include: {
             orgRole: true,
@@ -241,7 +239,6 @@ export class UserRepository {
       select: {
         id: true,
         username: true,
-        password: false,
         email: true,
         firstName: true,
         lastName: true,
@@ -274,15 +271,15 @@ export class UserRepository {
    * @returns Updates organization details
    */
   // eslint-disable-next-line camelcase
-  async updateUserDetails(id: number, keycloakUserId: string): Promise<user> {
+  async updateUserDetails(id: number, supabaseUserId: string): Promise<user> {
     try {
       const updateUserDetails = await this.prisma.user.update({
         where: {
           id
         },
         data: {
           isEmailVerified: true,
-          keycloakUserId
+          supabaseUserId
         }
       });
       return updateUserDetails;
@@ -306,8 +303,7 @@ export class UserRepository {
         },
         data: {
           firstName: userInfo.firstName,
-          lastName: userInfo.lastName,
-          password: await bcrypt.hash(userInfo.password, 10)
+          lastName: userInfo.lastName
         }
       });
       return updateUserDetails;
@@ -333,14 +329,13 @@ export class UserRepository {
         select: {
           id: true,
           username: true,
-          password: false,
           email: true,
           firstName: true,
           lastName: true,
           isEmailVerified: true,
           clientId: true,
           clientSecret: true,
-          keycloakUserId: true,
+          supabaseUserId: true,
           userOrgRoles: {
             where: {
               ...filterOptions
@@ -399,14 +394,13 @@ export class UserRepository {
           select: {
             id: true,
             username: true,
-            password: false,
             email: true,
             firstName: true,
             lastName: true,
             isEmailVerified: true,
             clientId: false,
             clientSecret: false,
-            keycloakUserId: false
+            supabaseUserId: false
           },
           take: pageSize,
           skip: (pageNumber - 1) * pageSize,

apps/user/src/fido/fido.module.ts

@@ -11,6 +11,7 @@ import { KeycloakUrlService } from '@credebl/keycloak-url';
 import { OrgRolesRepository } from 'libs/org-roles/repositories';
 import { OrgRolesService } from '@credebl/org-roles';
 import { PrismaService } from '@credebl/prisma-service';
+import { SupabaseService } from '@credebl/supabase';
 import { UserActivityRepository } from 'libs/user-activity/repositories';
 import { UserActivityService } from '@credebl/user-activity';
 import { UserDevicesRepository } from '../../repositories/user-device.repository';
@@ -32,7 +33,7 @@ import { UserService } from '../user.service';
     ]),
     HttpModule,
     CommonModule
-  ],
+],
   controllers: [FidoController],
   providers: [
     UserService,
@@ -41,6 +42,7 @@ import { UserService } from '../user.service';
     UserRepository,
     UserDevicesRepository,
     ClientRegistrationService,
+    SupabaseService,
     Logger,
     KeycloakUrlService,
     FidoUserRepository,

apps/user/src/user.controller.ts

@@ -51,14 +51,15 @@ export class UserController {
     return this.userService.updateUserProfile(payload.updateUserProfileDto);
   }
 
-  @MessagePattern({ cmd: 'get-user-by-keycloak-id' })
-  async findByKeycloakId(payload: { id }): Promise<object> {
-    return this.userService.findByKeycloakId(payload);
+  @MessagePattern({ cmd: 'get-user-by-supabase' }) 
+  async findSupabaseUser(payload: { id }): Promise<object> {
+    return this.userService.findSupabaseUser(payload);
   }
 
+
   @MessagePattern({ cmd: 'get-user-by-mail' })
   async findUserByEmail(payload: { email }): Promise<object> {
-    return this.userService.findUserByEmail(payload);
+    return this.userService.findUserByEmail(payload); 
   }
 
   @MessagePattern({ cmd: 'get-org-invitations' })
@@ -106,7 +107,7 @@ export class UserController {
   }
   @MessagePattern({ cmd: 'add-user' })
   async addUserDetailsInKeyCloak(payload: { userEmail: string, userInfo: userInfo }): Promise<string | object> {
-    return this.userService.createUserInKeyCloak(payload.userEmail, payload.userInfo);
+    return this.userService.createUserForToken(payload.userEmail, payload.userInfo);
   }
 
   // Fetch Users recent activities

apps/user/src/user.module.ts

@@ -8,6 +8,7 @@ import { FidoModule } from './fido/fido.module';
 import { KeycloakUrlService } from '@credebl/keycloak-url';
 import { OrgRolesRepository } from 'libs/org-roles/repositories';
 import { PrismaService } from '@credebl/prisma-service';
+import { SupabaseService } from '@credebl/supabase';
 import { UserActivityRepository } from 'libs/user-activity/repositories';
 import { UserActivityService } from '@credebl/user-activity';
 import { UserController } from './user.controller';
@@ -30,14 +31,15 @@ import { UserService } from './user.service';
     CommonModule,
     FidoModule,
     OrgRolesModule
-  ],
+],
   controllers: [UserController],
   providers: [
     UserService,
     UserRepository,
     PrismaService,
     Logger,
     ClientRegistrationService,
+    SupabaseService,
     KeycloakUrlService,
     OrgRolesService,
     UserOrgRolesService,