Merged in feat/loy-403-seamless (pull request #3164)

feat(LOY-403): removed seamless login/logout

* feat(LOY-403): removed seamless login/logout


Approved-by: Joakim Jäderberg

apps/scandic-web/.env

@@ -1,7 +1,3 @@
 NEXTAUTH_DEBUG="false"
 DEBUG_QUERIES="false"
-SEAMLESS_ENVIRONMENT_SUBDOMAIN="www"
-CURITY_CLIENT_SERVICE_SCOPES="profile, hotel, booking, package, availability"
-
-SEAMLESS_LOGIN="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogin"
-SEAMLESS_LOGOUT="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogout?newweb=1"
+CURITY_CLIENT_SERVICE_SCOPES="profile, hotel, booking, package, availability"

apps/scandic-web/.env.local.example

@@ -20,18 +20,6 @@ REVALIDATE_SECRET=""
 SITEMAP_SYNC_SECRET=""
 SALESFORCE_PREFERENCE_BASE_URL="https://cloud.emails.scandichotels.com/preference-center"
 
-SEAMLESS_LOGIN_DA="http://www.example.dk/updatelogin"
-SEAMLESS_LOGIN_DE="http://www.example.de/updatelogin"
-SEAMLESS_LOGIN_EN="http://www.example.com/updatelogin"
-SEAMLESS_LOGIN_FI="http://www.example.fi/updatelogin"
-SEAMLESS_LOGIN_NO="http://www.example.no/updatelogin"
-SEAMLESS_LOGIN_SV="http://www.example.se/updatelogin"
-SEAMLESS_LOGOUT_DA="http://www.example.dk/updatelogout?newweb=1"
-SEAMLESS_LOGOUT_DE="http://www.example.de/updatelogout?newweb=1"
-SEAMLESS_LOGOUT_EN="http://www.example.com/updatelogout?newweb=1"
-SEAMLESS_LOGOUT_FI="http://www.example.fi/updatelogout?newweb=1"
-SEAMLESS_LOGOUT_NO="http://www.example.no/updatelogout?newweb=1"
-SEAMLESS_LOGOUT_SV="http://www.example.sv/updatelogout?newweb=1"
 WEBVIEW_ENCRYPTION_KEY="MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI="
 BOOKING_ENCRYPTION_KEY=""
 // WEB-210 NodeJS v17+ uses OPENSSL 3.0 in which the encryption algorithm “DES-ECB” is deprecated and

apps/scandic-web/.env.test

@@ -19,18 +19,6 @@ NEXT_PUBLIC_PUBLIC_URL="test"
 NEXTAUTH_URL="test"
 NODE_ENV="test"
 REVALIDATE_SECRET="test"
-SEAMLESS_LOGIN_DA="test"
-SEAMLESS_LOGIN_DE="test"
-SEAMLESS_LOGIN_EN="test"
-SEAMLESS_LOGIN_FI="test"
-SEAMLESS_LOGIN_NO="test"
-SEAMLESS_LOGIN_SV="test"
-SEAMLESS_LOGOUT_DA="test"
-SEAMLESS_LOGOUT_DE="test"
-SEAMLESS_LOGOUT_EN="test"
-SEAMLESS_LOGOUT_FI="test"
-SEAMLESS_LOGOUT_NO="test"
-SEAMLESS_LOGOUT_SV="test"
 WEBVIEW_ENCRYPTION_KEY="test"
 BOOKING_ENCRYPTION_KEY="test"
 GOOGLE_STATIC_MAP_KEY="test"

apps/scandic-web/app/[lang]/(live)/(protected)/logout/route.ts

@@ -1,7 +1,6 @@
 import { type NextRequest, NextResponse } from "next/server"
 import { AuthError } from "next-auth"
 
-import { Lang } from "@scandic-hotels/common/constants/language"
 import { logger } from "@scandic-hotels/common/logger"
 
 import { env } from "@/env/server"
@@ -10,17 +9,11 @@ import { getPublicURL } from "@/server/utils"
 
 import { signOut } from "@/auth"
 
-export async function GET(
-  request: NextRequest,
-  context: RouteContext<"/[lang]/logout">
-) {
+export async function GET(request: NextRequest) {
   const publicURL = getPublicURL(request)
 
   let redirectTo: string = ""
 
-  const returnUrl = request.headers.get("x-returnurl")
-  const isSeamless = request.headers.get("x-logout-source") === "seamless"
-
   logger.debug(
     `[logout] source: ${request.headers.get("x-logout-source") || "normal"}`
   )
@@ -29,62 +22,13 @@ export async function GET(
     request.nextUrl.searchParams.get("redirectTo")
   const redirectToFallback = "/"
 
-  if (isSeamless) {
-    if (returnUrl) {
-      redirectTo = returnUrl
-    } else {
-      logger.debug(
-        `[login] missing returnUrl, using fallback: ${redirectToFallback}`
-      )
-      redirectTo = redirectToFallback
-    }
-  } else {
-    redirectTo = redirectToSearchParamValue || redirectToFallback
+  redirectTo = redirectToSearchParamValue || redirectToFallback
 
-    // Make relative URL to absolute URL
-    if (redirectTo.startsWith("/")) {
-      logger.debug(`[logout] make redirectTo absolute, from ${redirectTo}`)
-      redirectTo = new URL(redirectTo, publicURL).href
-      logger.debug(`[logout] make redirectTo absolute, to ${redirectTo}`)
-    }
-
-    try {
-      // Initiate the seamless logout flow
-      let redirectUrlValue
-      const params = await context.params
-      switch (params.lang) {
-        case Lang.da:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_DA
-          break
-        case Lang.de:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_DE
-          break
-        case Lang.en:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_EN
-          break
-        case Lang.fi:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_FI
-          break
-        case Lang.no:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_NO
-          break
-        case Lang.sv:
-          redirectUrlValue = env.SEAMLESS_LOGOUT_SV
-          break
-        default:
-          throw new Error(`Unsupported language for logout: ${params.lang}`)
-      }
-      const redirectUrl = new URL(redirectUrlValue)
-      logger.debug(
-        `[logout] creating redirect to seamless logout: ${redirectUrl}`
-      )
-      redirectTo = redirectUrl.toString()
-    } catch (e) {
-      logger.error(
-        "Unable to create URL for seamless logout, proceeding without it.",
-        e
-      )
-    }
+  // Make relative URL to absolute URL
+  if (redirectTo.startsWith("/")) {
+    logger.debug(`[logout] make redirectTo absolute, from ${redirectTo}`)
+    redirectTo = new URL(redirectTo, publicURL).href
+    logger.debug(`[logout] make redirectTo absolute, to ${redirectTo}`)
   }
 
   try {

apps/scandic-web/app/[lang]/(live)/(public)/login/route.ts

@@ -1,10 +1,8 @@
 import { type NextRequest, NextResponse } from "next/server"
 import { AuthError } from "next-auth"
 
-import { Lang } from "@scandic-hotels/common/constants/language"
 import { logger } from "@scandic-hotels/common/logger"
 
-import { env } from "@/env/server"
 import { internalServerError } from "@/server/errors/next"
 import { getPublicURL } from "@/server/utils"
 
@@ -21,7 +19,6 @@ export async function GET(
   let redirectTo: string
 
   const returnUrl = request.headers.get("x-returnurl")
-  const isSeamless = request.headers.get("x-login-source") === "seamless"
   const isMFA = request.headers.get("x-login-source") === "mfa"
   const isSeamlessMagicLink =
     request.headers.get("x-login-source") === "seamless-magiclink"
@@ -40,7 +37,7 @@ export async function GET(
     `[login] redirectTo search param value: ${redirectToSearchParamValue}`
   )
 
-  if (isSeamless || isSeamlessMagicLink || isMFA) {
+  if (isSeamlessMagicLink || isMFA) {
     if (returnUrl) {
       redirectTo = returnUrl
     } else {
@@ -66,57 +63,6 @@ export async function GET(
       "set-cookie",
       "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax"
     )
-
-    try {
-      // Initiate the seamless login flow
-      let redirectUrlValue
-      switch (contextParams.lang) {
-        case Lang.da:
-          redirectUrlValue = env.SEAMLESS_LOGIN_DA
-          break
-        case Lang.de:
-          redirectUrlValue = env.SEAMLESS_LOGIN_DE
-          break
-        case Lang.en:
-          redirectUrlValue = env.SEAMLESS_LOGIN_EN
-          break
-        case Lang.fi:
-          redirectUrlValue = env.SEAMLESS_LOGIN_FI
-          break
-        case Lang.no:
-          redirectUrlValue = env.SEAMLESS_LOGIN_NO
-          break
-        case Lang.sv:
-          redirectUrlValue = env.SEAMLESS_LOGIN_SV
-          break
-        default:
-          throw new Error(
-            `Unsupported language for login: ${contextParams.lang}`
-          )
-      }
-      const redirectUrl = new URL(redirectUrlValue)
-      logger.debug(
-        `[login] creating redirect to seamless login: ${redirectUrl}`
-      )
-      redirectUrl.searchParams.set("returnurl", redirectTo)
-      logger.debug(
-        `[login] returnurl for seamless login: ${redirectUrl.searchParams.get("returnurl")}`
-      )
-      redirectTo = redirectUrl.toString()
-
-      /** Set cookie with redirect Url to appropriately redirect user when using magic link login */
-      redirectHeaders.append(
-        "set-cookie",
-        "magicLinkRedirectTo=" +
-          redirectTo +
-          "; Max-Age=300; Path=/; HttpOnly; SameSite=Lax"
-      )
-    } catch (e) {
-      logger.error(
-        "[login] unable to create URL for seamless login, proceeding without it.",
-        e
-      )
-    }
   }
 
   try {

apps/scandic-web/env/server.ts

@@ -44,42 +44,6 @@ export const env = createEnv({
     PUBLIC_URL: z.string().default(""),
     REVALIDATE_SECRET: z.string(),
     SITEMAP_SYNC_SECRET: z.string(),
-    SEAMLESS_LOGIN_DA: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "dk")),
-    SEAMLESS_LOGIN_DE: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "de")),
-    SEAMLESS_LOGIN_EN: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "com")),
-    SEAMLESS_LOGIN_FI: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "fi")),
-    SEAMLESS_LOGIN_NO: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "no")),
-    SEAMLESS_LOGIN_SV: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "se")),
-    SEAMLESS_LOGOUT_DA: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "dk")),
-    SEAMLESS_LOGOUT_DE: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "de")),
-    SEAMLESS_LOGOUT_EN: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "com")),
-    SEAMLESS_LOGOUT_FI: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "fi")),
-    SEAMLESS_LOGOUT_NO: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "no")),
-    SEAMLESS_LOGOUT_SV: z
-      .string()
-      .transform((s) => replaceTopLevelDomain(s, "se")),
     WEBVIEW_ENCRYPTION_KEY: z.string(),
     GOOGLE_STATIC_MAP_KEY: z.string(),
     GOOGLE_STATIC_MAP_SIGNATURE_SECRET: z.string(),
@@ -170,30 +134,7 @@ export const env = createEnv({
     PUBLIC_URL: process.env.NEXT_PUBLIC_PUBLIC_URL,
     REVALIDATE_SECRET: process.env.REVALIDATE_SECRET,
     SITEMAP_SYNC_SECRET: process.env.SITEMAP_SYNC_SECRET,
-    SEAMLESS_LOGIN_DA:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_DA,
-    SEAMLESS_LOGIN_DE:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_DE,
-    SEAMLESS_LOGIN_EN:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_EN,
-    SEAMLESS_LOGIN_FI:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_FI,
-    SEAMLESS_LOGIN_NO:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_NO,
-    SEAMLESS_LOGIN_SV:
-      process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_SV,
-    SEAMLESS_LOGOUT_DA:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_DA,
-    SEAMLESS_LOGOUT_DE:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_DE,
-    SEAMLESS_LOGOUT_EN:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_EN,
-    SEAMLESS_LOGOUT_FI:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_FI,
-    SEAMLESS_LOGOUT_NO:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_NO,
-    SEAMLESS_LOGOUT_SV:
-      process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_SV,
+
     WEBVIEW_ENCRYPTION_KEY: process.env.WEBVIEW_ENCRYPTION_KEY,
     GOOGLE_STATIC_MAP_KEY: process.env.GOOGLE_STATIC_MAP_KEY,
     GOOGLE_STATIC_MAP_SIGNATURE_SECRET:
@@ -223,7 +164,3 @@ export const env = createEnv({
     NEW_STAYS_ON_MY_PAGES: process.env.NEW_STAYS_ON_MY_PAGES,
   },
 })
-
-function replaceTopLevelDomain(url: string, domain: string) {
-  return url.replaceAll("{topleveldomain}", domain)
-}

apps/scandic-web/middleware.ts

@@ -7,9 +7,6 @@ import { findLang } from "@scandic-hotels/common/utils/languages"
 import * as authRequired from "@/middlewares/authRequired"
 import * as bookingFlow from "@/middlewares/bookingFlow"
 import * as cmsContent from "@/middlewares/cmsContent"
-import * as currentWebLogin from "@/middlewares/currentWebLogin"
-import * as currentWebLoginEmail from "@/middlewares/currentWebLoginEmail"
-import * as currentWebLogout from "@/middlewares/currentWebLogout"
 import * as dateQueryParams from "@/middlewares/dateQueryParams"
 import * as errorPages from "@/middlewares/errorPages"
 import * as familyAndFriends from "@/middlewares/familyAndFriends"
@@ -40,9 +37,6 @@ export const middleware: NextMiddleware = async (request, event) => {
     noValidLang,
     invalidUrl,
     trailingSlash,
-    currentWebLogin,
-    currentWebLoginEmail,
-    currentWebLogout,
     authRequired,
     handleAuth,
     handleDTMC,

apps/scandic-web/middlewares/currentWebLogin.ts

@@ -1,31 +0,0 @@
-import { type NextMiddleware, NextResponse } from "next/server"
-
-import { badRequest } from "@/server/errors/next"
-
-import { findLang } from "@scandic-hotels/common/utils/languages"
-
-import type { MiddlewareMatcher } from "@/types/middleware"
-
-export const middleware: NextMiddleware = (request) => {
-  const returnUrl = request.nextUrl.searchParams.get("returnurl")
-
-  if (!returnUrl) {
-    return badRequest()
-  }
-
-  const lang = findLang(request.nextUrl.pathname)!
-
-  const headers = new Headers(request.headers)
-  headers.set("x-returnurl", returnUrl)
-  headers.set("x-login-source", "seamless")
-
-  return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), {
-    request: {
-      headers,
-    },
-  })
-}
-
-export const matcher: MiddlewareMatcher = (request) => {
-  return request.nextUrl.pathname.endsWith("/updatelogin")
-}

apps/scandic-web/middlewares/currentWebLoginEmail.ts

@@ -1,31 +0,0 @@
-import { type NextMiddleware, NextResponse } from "next/server"
-
-import { badRequest } from "@/server/errors/next"
-
-import { findLang } from "@scandic-hotels/common/utils/languages"
-
-import type { MiddlewareMatcher } from "@/types/middleware"
-
-export const middleware: NextMiddleware = (request) => {
-  const returnUrl = request.nextUrl.searchParams.get("returnurl")
-
-  if (!returnUrl) {
-    return badRequest()
-  }
-
-  const lang = findLang(request.nextUrl.pathname)!
-
-  const headers = new Headers(request.headers)
-  headers.set("x-returnurl", returnUrl)
-  headers.set("x-login-source", "seamless-magiclink")
-
-  return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), {
-    request: {
-      headers,
-    },
-  })
-}
-
-export const matcher: MiddlewareMatcher = (request) => {
-  return request.nextUrl.pathname.endsWith("/updateloginemail")
-}

apps/scandic-web/middlewares/currentWebLogout.ts

@@ -1,31 +0,0 @@
-import { type NextMiddleware, NextResponse } from "next/server"
-
-import { badRequest } from "@/server/errors/next"
-import { getPublicURL } from "@/server/utils"
-
-import { findLang } from "@scandic-hotels/common/utils/languages"
-
-import type { MiddlewareMatcher } from "@/types/middleware"
-
-export const middleware: NextMiddleware = (request) => {
-  const currentwebUrl = request.nextUrl.searchParams.get("currentweb")
-  if (currentwebUrl == null || undefined) {
-    return badRequest()
-  }
-  const lang = findLang(request.nextUrl.pathname)!
-
-  const redirectTo = getPublicURL(request)
-
-  const headers = new Headers(request.headers)
-  headers.set("x-returnurl", redirectTo)
-  headers.set("x-logout-source", "seamless")
-
-  return NextResponse.rewrite(new URL(`/${lang}/logout`, request.nextUrl), {
-    request: {
-      headers,
-    },
-  })
-}
-export const matcher: MiddlewareMatcher = (request) => {
-  return request.nextUrl.pathname.endsWith("/updatelogout")
-}