Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: upgrade sgid sdk #6584

Merged
merged 25 commits into from Aug 18, 2023
Merged

feat: upgrade sgid sdk #6584

merged 25 commits into from Aug 18, 2023

Conversation

kschiew
Copy link
Contributor

@kschiew kschiew commented Aug 1, 2023
edited by justynoh

Problem

sgID did a major release for its TypeScript SDK recently and will deprecate support for v1 SDK (which is currently used by FormSG) by the end of the year.

Solution

  • Bumped major version of sgid-client to v2.
  • Bumped major version of Mockpass to v4.x which is compatible to v2 of sgid-client.
  • Code changes for Authenticated form via sgID flow.
  • Code changes for Authenticated form with myInfo fields via sgID flow.
  • Code changes for OGP officer-only login via sgID flow.

Breaking Changes

  • Yes - this PR contains breaking changes
    • The code changes for the sgID flow is not backwards compatible, and should only work on snapshots where sgid-client version is >= 2.0.0.
  • No - this PR is backwards compatible

Improvements:

  • Introduced Proof Key for Code Exchange (PKCE) for sgID integration.

Tests

  • Created unit tests for test paths where code_verifier cookie is missing.
  • Updated existing test cases based on the breaking changes.
  • Manually tested against sgID's staging environment:
  • Log in to FormSG via the /ogp-login route. This should work correctly.
  • Create and submit a form with SGID authentication. This should work correctly.
  • Create and submit a form with SGID MyInfo. This should work correctly.

Deploy Notes

New environment variables:

  • SGID_HOSTNAME in docker-compose.yml : updated accordingly to Mockpass' changes. No changes required for staging/prod env vars.

New dependencies:

  • @opengovsg/sgid-client : Bumped from ^1.0.4 to v2.0.0.
  • mockpass: Bumped from v3.1.3 to v4.0.4.

@kschiew kschiew changed the title feat:upgrade sgid sdk feat: upgrade sgid sdk Aug 1, 2023
@justynoh justynoh temporarily deployed to staging August 16, 2023 10:11 — with GitHub Actions Inactive
justynoh
justynoh reviewed Aug 16, 2023
View reviewed changes
Copy link
Contributor

@justynoh justynoh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for doing this @kschiew ! Generally LGTM with just a few small comments

src/app/modules/form/public-form/public-form.controller.ts Outdated Show resolved Hide resolved
src/app/modules/form/public-form/public-form.controller.ts Outdated Show resolved Hide resolved
src/app/modules/sgid/__tests__/sgid.routes.spec.ts Show resolved Hide resolved
src/app/modules/sgid/sgid.controller.ts Outdated Show resolved Hide resolved
src/app/modules/auth/sgid/auth-sgid.controller.ts Outdated Show resolved Hide resolved
@justynoh justynoh marked this pull request as ready for review August 18, 2023 04:39
@justynoh justynoh merged commit 5c79ac8 into develop Aug 18, 2023
19 checks passed
@justynoh justynoh deleted the feat/upgrade_sgid_sdk branch August 18, 2023 07:58
@wanlingt wanlingt mentioned this pull request Aug 23, 2023
Merged
44 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@justynoh justynoh justynoh approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@kschiew @justynoh