Revert RTR (#1371)

Revert all PRs related to STCOR-571, which implemented RTR
in a service worker. This includes the following:

* Revert "STCOR-759 return non-okapi request fetches as-is (#1369)"
  This reverts commit a323456.
* Revert "STCOR-759 read okapi config from micro-stripes-config (#1366)"
  This reverts commit 6c6a85e.
* Revert "STCOR-756 correctly evaluate token lifespan (#1363)"
  This reverts commit 607dc5c.
* Revert "STCOR-574 rotate tokens after 80% of their TTL (#1361)"
  This reverts commit dd71819.
* Revert "STCOR-671 handle access-control via cookies (#1346)"
  This reverts commit 27d2948.

Also, add a dummy service-worker.js file to appease stripes-webpack.
This removes the need to do extra clean-up work in that repository.

CHANGELOG.md

@@ -6,10 +6,7 @@
 * Avoid private path when import `validateUser` function. Refs STCOR-749.
 * Ensure `<AppIcon>` is not cut off when app name is long. Refs STCOR-752.
 * Use cookies and RTR instead of directly handling the JWT. Refs STCOR-671, FOLIO-3627.
-* Shrink the token lifespan so we are less likely to use an expired one. Refs STCOR-754.
-* Correctly evaluate token lifespan; use consistent protocol for service worker messages. Refs STCOR-756.
 * Allow console to be preserved on logout. STCOR-761.
-* Do not catch and reject non-okapi request errors. Refs STCOR-759, UILDP-129.
 
 ## [10.0.0](https://github.com/folio-org/stripes-core/tree/v10.0.0) (2023-10-11)
 [Full Changelog](https://github.com/folio-org/stripes-core/compare/v9.0.0...v10.0.0)
@@ -35,7 +32,6 @@
 * *BREAKING* bump `react-intl` to `v6.4.4`. Refs STCOR-744.
 * Bump `stylelint` to `v15` and `stylelint-config-standard` to `v34`. Refs STCOR-745.
 * Read ky timeout from stripes-config value. Refs STCOR-594.
-* *BREAKING* use cookies and RTR instead of directly handling the JWT. Refs STCOR-671, FOLIO-3627.
 
 ## [9.0.0](https://github.com/folio-org/stripes-core/tree/v9.0.0) (2023-01-30)
 [Full Changelog](https://github.com/folio-org/stripes-core/compare/v8.3.0...v9.0.0)

index.js

@@ -45,7 +45,3 @@ export { userLocaleConfig } from './src/loginServices';
 export * from './src/consortiaServices';
 export { default as queryLimit } from './src/queryLimit';
 export { default as init } from './src/init';
-
-/* RTR and service worker */
-export { postTokenExpiration } from './src/loginServices';
-export { registerServiceWorker, unregisterServiceWorker } from './src/serviceWorkerRegistration';

package.json

@@ -74,7 +74,6 @@
     "graphql": "^16.0.0",
     "history": "^4.6.3",
     "hoist-non-react-statics": "^3.3.0",
-    "inactivity-timer": "^1.0.0",
     "jwt-decode": "^3.1.2",
     "ky": "^0.23.0",
     "localforage": "^1.5.6",

src/App.js

@@ -11,7 +11,6 @@ import gatherActions from './gatherActions';
 import { destroyStore } from './mainActions';
 
 import Root from './components/Root';
-import { registerServiceWorker } from './serviceWorkerRegistration';
 
 export default class StripesCore extends Component {
   static propTypes = {
@@ -31,12 +30,6 @@ export default class StripesCore extends Component {
     this.epics = configureEpics(connectErrorEpic);
     this.store = configureStore(initialState, this.logger, this.epics);
     this.actionNames = gatherActions();
-
-    // register a service worker, providing okapi and stripes config details.
-    // the service worker functions as a proxy between between the browser
-    // and the network, intercepting ALL fetch requests to make sure they
-    // are accompanied by a valid access-token.
-    registerServiceWorker(okapiConfig, config, this.logger);
   }
 
   componentWillUnmount() {

src/RootWithIntl.js

@@ -46,13 +46,13 @@ class RootWithIntl extends React.Component {
       logger: PropTypes.object.isRequired,
       clone: PropTypes.func.isRequired,
     }).isRequired,
-    isAuthenticated: PropTypes.bool,
+    token: PropTypes.string,
     disableAuth: PropTypes.bool.isRequired,
     history: PropTypes.shape({}),
   };
 
   static defaultProps = {
-    isAuthenticated: false,
+    token: '',
     history: {},
   };
 
@@ -66,7 +66,7 @@ class RootWithIntl extends React.Component {
 
   render() {
     const {
-      isAuthenticated,
+      token,
       disableAuth,
       history,
     } = this.props;
@@ -85,7 +85,7 @@ class RootWithIntl extends React.Component {
               >
                 <Provider store={stripes.store}>
                   <Router history={history}>
-                    { isAuthenticated || disableAuth ?
+                    { token || disableAuth ?
                       <>
                         <MainContainer>
                           <AppCtxMenuProvider>

src/Stripes.js

@@ -49,18 +49,18 @@ export const stripesShape = PropTypes.shape({
     ]),
     okapiReady: PropTypes.bool,
     tenant: PropTypes.string.isRequired,
-    isAuthenticated: PropTypes.bool,
+    token: PropTypes.string,
     translations: PropTypes.object,
     url: PropTypes.string.isRequired,
     withoutOkapi: PropTypes.bool,
   }).isRequired,
   plugins: PropTypes.object,
   setBindings: PropTypes.func.isRequired,
   setCurrency: PropTypes.func.isRequired,
-  setIsAuthenticated: PropTypes.func.isRequired,
   setLocale: PropTypes.func.isRequired,
   setSinglePlugin: PropTypes.func.isRequired,
   setTimezone: PropTypes.func.isRequired,
+  setToken: PropTypes.func.isRequired,
   store: PropTypes.shape({
     dispatch: PropTypes.func.isRequired,
     getState: PropTypes.func.isRequired,

src/components/MainNav/MainNav.js

@@ -4,14 +4,17 @@ import { isEqual, find } from 'lodash';
 import { compose } from 'redux';
 import { injectIntl } from 'react-intl';
 import { withRouter } from 'react-router';
+import localforage from 'localforage';
 
 import { branding, config } from 'stripes-config';
 
 import { Icon } from '@folio/stripes-components';
 
 import { withModules } from '../Modules';
 import { LastVisitedContext } from '../LastVisited';
-import { getLocale, logout as sessionLogout } from '../../loginServices';
+import { clearOkapiToken, clearCurrentUser } from '../../okapiActions';
+import { resetStore } from '../../mainActions';
+import { getLocale } from '../../loginServices';
 import {
   updateQueryResource,
   getLocationQuery,
@@ -120,8 +123,12 @@ class MainNav extends Component {
   returnToLogin() {
     const { okapi } = this.store.getState();
 
-    return getLocale(okapi.url, this.store, okapi.tenant)
-      .then(sessionLogout(okapi.url, this.store));
+    return getLocale(okapi.url, this.store, okapi.tenant).then(() => {
+      this.store.dispatch(clearOkapiToken());
+      this.store.dispatch(clearCurrentUser());
+      this.store.dispatch(resetStore());
+      localforage.removeItem('okapiSess');
+    });
   }
 
   // return the user to the login screen, but after logging in they will be brought to the default screen.

src/components/Root/Root.js

@@ -20,8 +20,8 @@ import initialReducers from '../../initialReducers';
 import enhanceReducer from '../../enhanceReducer';
 import createApolloClient from '../../createApolloClient';
 import createReactQueryClient from '../../createReactQueryClient';
-import { setSinglePlugin, setBindings, setIsAuthenticated, setTimezone, setCurrency, updateCurrentUser } from '../../okapiActions';
-import { addServiceWorkerListeners, loadTranslations, checkOkapiSession } from '../../loginServices';
+import { setSinglePlugin, setBindings, setOkapiToken, setTimezone, setCurrency, updateCurrentUser } from '../../okapiActions';
+import { loadTranslations, checkOkapiSession } from '../../loginServices';
 import { getQueryResourceKey, getCurrentModule } from '../../locationService';
 import Stripes from '../../Stripes';
 import RootWithIntl from '../../RootWithIntl';
@@ -40,7 +40,7 @@ class Root extends Component {
   constructor(...args) {
     super(...args);
 
-    const { modules, history, okapi, store } = this.props;
+    const { modules, history, okapi } = this.props;
 
     this.reducers = { ...initialReducers };
     this.epics = {};
@@ -64,9 +64,6 @@ class Root extends Component {
 
     this.apolloClient = createApolloClient(okapi);
     this.reactQueryClient = createReactQueryClient();
-
-    // service-worker message listeners
-    addServiceWorkerListeners(okapi, store);
   }
 
   getChildContext() {
@@ -110,7 +107,7 @@ class Root extends Component {
   }
 
   render() {
-    const { logger, store, epics, config, okapi, actionNames, isAuthenticated, disableAuth, currentUser, currentPerms, locale, defaultTranslations, timezone, currency, plugins, bindings, discovery, translations, history, serverDown } = this.props;
+    const { logger, store, epics, config, okapi, actionNames, token, disableAuth, currentUser, currentPerms, locale, defaultTranslations, timezone, currency, plugins, bindings, discovery, translations, history, serverDown } = this.props;
 
     if (serverDown) {
       return <div>Error: server is down.</div>;
@@ -128,7 +125,7 @@ class Root extends Component {
       config,
       okapi,
       withOkapi: this.withOkapi,
-      setIsAuthenticated: (val) => { store.dispatch(setIsAuthenticated(val)); },
+      setToken: (val) => { store.dispatch(setOkapiToken(val)); },
       actionNames,
       locale,
       timezone,
@@ -169,7 +166,7 @@ class Root extends Component {
               >
                 <RootWithIntl
                   stripes={stripes}
-                  isAuthenticated={isAuthenticated}
+                  token={token}
                   disableAuth={disableAuth}
                   history={history}
                 />
@@ -194,7 +191,7 @@ Root.propTypes = {
     getState: PropTypes.func.isRequired,
     replaceReducer: PropTypes.func.isRequired,
   }),
-  isAuthenticated: PropTypes.bool,
+  token: PropTypes.string,
   disableAuth: PropTypes.bool.isRequired,
   logger: PropTypes.object.isRequired,
   currentPerms: PropTypes.object,
@@ -252,13 +249,13 @@ function mapStateToProps(state) {
     currentPerms: state.okapi.currentPerms,
     currentUser: state.okapi.currentUser,
     discovery: state.discovery,
-    isAuthenticated: state.okapi.isAuthenticated,
     locale: state.okapi.locale,
     okapi: state.okapi,
     okapiReady: state.okapi.okapiReady,
     plugins: state.okapi.plugins,
     serverDown: state.okapi.serverDown,
     timezone: state.okapi.timezone,
+    token: state.okapi.token,
     translations: state.okapi.translations,
   };
 }

src/createApolloClient.js

@@ -1,10 +1,10 @@
 import { InMemoryCache, ApolloClient } from '@apollo/client';
 
-const createClient = ({ url, tenant }) => (new ApolloClient({
+const createClient = ({ url, tenant, token }) => (new ApolloClient({
   uri: `${url}/graphql`,
-  credentials: 'include',
   headers: {
     'X-Okapi-Tenant': tenant,
+    'X-Okapi-Token': token,
   },
   cache: new InMemoryCache(),
 }));

src/discoverServices.js

@@ -1,8 +1,9 @@
 import { some } from 'lodash';
 
-function getHeaders(tenant) {
+function getHeaders(tenant, token) {
   return {
     'X-Okapi-Tenant': tenant,
+    'X-Okapi-Token': token,
     'Content-Type': 'application/json'
   };
 }
@@ -11,9 +12,7 @@ function fetchOkapiVersion(store) {
   const okapi = store.getState().okapi;
 
   return fetch(`${okapi.url}/_/version`, {
-    headers: getHeaders(okapi.tenant),
-    credentials: 'include',
-    mode: 'cors',
+    headers: getHeaders(okapi.tenant, okapi.token)
   }).then((response) => { // eslint-disable-line consistent-return
     if (response.status >= 400) {
       store.dispatch({ type: 'DISCOVERY_FAILURE', code: response.status });
@@ -32,9 +31,7 @@ function fetchModules(store) {
   const okapi = store.getState().okapi;
 
   return fetch(`${okapi.url}/_/proxy/tenants/${okapi.tenant}/modules?full=true`, {
-    headers: getHeaders(okapi.tenant),
-    credentials: 'include',
-    mode: 'cors',
+    headers: getHeaders(okapi.tenant, okapi.token)
   }).then((response) => { // eslint-disable-line consistent-return
     if (response.status >= 400) {
       store.dispatch({ type: 'DISCOVERY_FAILURE', code: response.status });