diff --git a/apps/scandic-web/.env b/apps/scandic-web/.env index f7c7de9b9..f1aaa05aa 100644 --- a/apps/scandic-web/.env +++ b/apps/scandic-web/.env @@ -1,7 +1,3 @@ NEXTAUTH_DEBUG="false" DEBUG_QUERIES="false" -SEAMLESS_ENVIRONMENT_SUBDOMAIN="www" -CURITY_CLIENT_SERVICE_SCOPES="profile, hotel, booking, package, availability" - -SEAMLESS_LOGIN="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogin" -SEAMLESS_LOGOUT="https://${SEAMLESS_ENVIRONMENT_SUBDOMAIN}.scandichotels.{topleveldomain}/updatelogout?newweb=1" \ No newline at end of file +CURITY_CLIENT_SERVICE_SCOPES="profile, hotel, booking, package, availability" \ No newline at end of file diff --git a/apps/scandic-web/.env.local.example b/apps/scandic-web/.env.local.example index ecc736506..e60d40f3d 100644 --- a/apps/scandic-web/.env.local.example +++ b/apps/scandic-web/.env.local.example @@ -20,18 +20,6 @@ REVALIDATE_SECRET="" SITEMAP_SYNC_SECRET="" SALESFORCE_PREFERENCE_BASE_URL="https://cloud.emails.scandichotels.com/preference-center" -SEAMLESS_LOGIN_DA="http://www.example.dk/updatelogin" -SEAMLESS_LOGIN_DE="http://www.example.de/updatelogin" -SEAMLESS_LOGIN_EN="http://www.example.com/updatelogin" -SEAMLESS_LOGIN_FI="http://www.example.fi/updatelogin" -SEAMLESS_LOGIN_NO="http://www.example.no/updatelogin" -SEAMLESS_LOGIN_SV="http://www.example.se/updatelogin" -SEAMLESS_LOGOUT_DA="http://www.example.dk/updatelogout?newweb=1" -SEAMLESS_LOGOUT_DE="http://www.example.de/updatelogout?newweb=1" -SEAMLESS_LOGOUT_EN="http://www.example.com/updatelogout?newweb=1" -SEAMLESS_LOGOUT_FI="http://www.example.fi/updatelogout?newweb=1" -SEAMLESS_LOGOUT_NO="http://www.example.no/updatelogout?newweb=1" -SEAMLESS_LOGOUT_SV="http://www.example.sv/updatelogout?newweb=1" WEBVIEW_ENCRYPTION_KEY="MTIzNDU2Nzg5MDEyMzQ1Njc4OTAxMjM0NTY3ODkwMTI=" BOOKING_ENCRYPTION_KEY="" // WEB-210 NodeJS v17+ uses OPENSSL 3.0 in which the encryption algorithm “DES-ECB” is deprecated and diff --git a/apps/scandic-web/.env.test b/apps/scandic-web/.env.test index cf11d1dac..3f2a0efae 100644 --- a/apps/scandic-web/.env.test +++ b/apps/scandic-web/.env.test @@ -19,18 +19,6 @@ NEXT_PUBLIC_PUBLIC_URL="test" NEXTAUTH_URL="test" NODE_ENV="test" REVALIDATE_SECRET="test" -SEAMLESS_LOGIN_DA="test" -SEAMLESS_LOGIN_DE="test" -SEAMLESS_LOGIN_EN="test" -SEAMLESS_LOGIN_FI="test" -SEAMLESS_LOGIN_NO="test" -SEAMLESS_LOGIN_SV="test" -SEAMLESS_LOGOUT_DA="test" -SEAMLESS_LOGOUT_DE="test" -SEAMLESS_LOGOUT_EN="test" -SEAMLESS_LOGOUT_FI="test" -SEAMLESS_LOGOUT_NO="test" -SEAMLESS_LOGOUT_SV="test" WEBVIEW_ENCRYPTION_KEY="test" BOOKING_ENCRYPTION_KEY="test" GOOGLE_STATIC_MAP_KEY="test" diff --git a/apps/scandic-web/app/[lang]/(live)/(protected)/logout/route.ts b/apps/scandic-web/app/[lang]/(live)/(protected)/logout/route.ts index 61d3c5c73..aa1e70b00 100644 --- a/apps/scandic-web/app/[lang]/(live)/(protected)/logout/route.ts +++ b/apps/scandic-web/app/[lang]/(live)/(protected)/logout/route.ts @@ -1,7 +1,6 @@ import { type NextRequest, NextResponse } from "next/server" import { AuthError } from "next-auth" -import { Lang } from "@scandic-hotels/common/constants/language" import { logger } from "@scandic-hotels/common/logger" import { env } from "@/env/server" @@ -10,17 +9,11 @@ import { getPublicURL } from "@/server/utils" import { signOut } from "@/auth" -export async function GET( - request: NextRequest, - context: RouteContext<"/[lang]/logout"> -) { +export async function GET(request: NextRequest) { const publicURL = getPublicURL(request) let redirectTo: string = "" - const returnUrl = request.headers.get("x-returnurl") - const isSeamless = request.headers.get("x-logout-source") === "seamless" - logger.debug( `[logout] source: ${request.headers.get("x-logout-source") || "normal"}` ) @@ -29,62 +22,13 @@ export async function GET( request.nextUrl.searchParams.get("redirectTo") const redirectToFallback = "/" - if (isSeamless) { - if (returnUrl) { - redirectTo = returnUrl - } else { - logger.debug( - `[login] missing returnUrl, using fallback: ${redirectToFallback}` - ) - redirectTo = redirectToFallback - } - } else { - redirectTo = redirectToSearchParamValue || redirectToFallback + redirectTo = redirectToSearchParamValue || redirectToFallback - // Make relative URL to absolute URL - if (redirectTo.startsWith("/")) { - logger.debug(`[logout] make redirectTo absolute, from ${redirectTo}`) - redirectTo = new URL(redirectTo, publicURL).href - logger.debug(`[logout] make redirectTo absolute, to ${redirectTo}`) - } - - try { - // Initiate the seamless logout flow - let redirectUrlValue - const params = await context.params - switch (params.lang) { - case Lang.da: - redirectUrlValue = env.SEAMLESS_LOGOUT_DA - break - case Lang.de: - redirectUrlValue = env.SEAMLESS_LOGOUT_DE - break - case Lang.en: - redirectUrlValue = env.SEAMLESS_LOGOUT_EN - break - case Lang.fi: - redirectUrlValue = env.SEAMLESS_LOGOUT_FI - break - case Lang.no: - redirectUrlValue = env.SEAMLESS_LOGOUT_NO - break - case Lang.sv: - redirectUrlValue = env.SEAMLESS_LOGOUT_SV - break - default: - throw new Error(`Unsupported language for logout: ${params.lang}`) - } - const redirectUrl = new URL(redirectUrlValue) - logger.debug( - `[logout] creating redirect to seamless logout: ${redirectUrl}` - ) - redirectTo = redirectUrl.toString() - } catch (e) { - logger.error( - "Unable to create URL for seamless logout, proceeding without it.", - e - ) - } + // Make relative URL to absolute URL + if (redirectTo.startsWith("/")) { + logger.debug(`[logout] make redirectTo absolute, from ${redirectTo}`) + redirectTo = new URL(redirectTo, publicURL).href + logger.debug(`[logout] make redirectTo absolute, to ${redirectTo}`) } try { diff --git a/apps/scandic-web/app/[lang]/(live)/(public)/login/route.ts b/apps/scandic-web/app/[lang]/(live)/(public)/login/route.ts index a0094fe41..eccc56ba4 100644 --- a/apps/scandic-web/app/[lang]/(live)/(public)/login/route.ts +++ b/apps/scandic-web/app/[lang]/(live)/(public)/login/route.ts @@ -1,10 +1,8 @@ import { type NextRequest, NextResponse } from "next/server" import { AuthError } from "next-auth" -import { Lang } from "@scandic-hotels/common/constants/language" import { logger } from "@scandic-hotels/common/logger" -import { env } from "@/env/server" import { internalServerError } from "@/server/errors/next" import { getPublicURL } from "@/server/utils" @@ -21,7 +19,6 @@ export async function GET( let redirectTo: string const returnUrl = request.headers.get("x-returnurl") - const isSeamless = request.headers.get("x-login-source") === "seamless" const isMFA = request.headers.get("x-login-source") === "mfa" const isSeamlessMagicLink = request.headers.get("x-login-source") === "seamless-magiclink" @@ -40,7 +37,7 @@ export async function GET( `[login] redirectTo search param value: ${redirectToSearchParamValue}` ) - if (isSeamless || isSeamlessMagicLink || isMFA) { + if (isSeamlessMagicLink || isMFA) { if (returnUrl) { redirectTo = returnUrl } else { @@ -66,57 +63,6 @@ export async function GET( "set-cookie", "redirectTo=; Expires=Thu, 01 Jan 1970 00:00:00 UTC; Path=/; HttpOnly; SameSite=Lax" ) - - try { - // Initiate the seamless login flow - let redirectUrlValue - switch (contextParams.lang) { - case Lang.da: - redirectUrlValue = env.SEAMLESS_LOGIN_DA - break - case Lang.de: - redirectUrlValue = env.SEAMLESS_LOGIN_DE - break - case Lang.en: - redirectUrlValue = env.SEAMLESS_LOGIN_EN - break - case Lang.fi: - redirectUrlValue = env.SEAMLESS_LOGIN_FI - break - case Lang.no: - redirectUrlValue = env.SEAMLESS_LOGIN_NO - break - case Lang.sv: - redirectUrlValue = env.SEAMLESS_LOGIN_SV - break - default: - throw new Error( - `Unsupported language for login: ${contextParams.lang}` - ) - } - const redirectUrl = new URL(redirectUrlValue) - logger.debug( - `[login] creating redirect to seamless login: ${redirectUrl}` - ) - redirectUrl.searchParams.set("returnurl", redirectTo) - logger.debug( - `[login] returnurl for seamless login: ${redirectUrl.searchParams.get("returnurl")}` - ) - redirectTo = redirectUrl.toString() - - /** Set cookie with redirect Url to appropriately redirect user when using magic link login */ - redirectHeaders.append( - "set-cookie", - "magicLinkRedirectTo=" + - redirectTo + - "; Max-Age=300; Path=/; HttpOnly; SameSite=Lax" - ) - } catch (e) { - logger.error( - "[login] unable to create URL for seamless login, proceeding without it.", - e - ) - } } try { diff --git a/apps/scandic-web/env/server.ts b/apps/scandic-web/env/server.ts index 824e707c1..ae1cf11e8 100644 --- a/apps/scandic-web/env/server.ts +++ b/apps/scandic-web/env/server.ts @@ -44,42 +44,6 @@ export const env = createEnv({ PUBLIC_URL: z.string().default(""), REVALIDATE_SECRET: z.string(), SITEMAP_SYNC_SECRET: z.string(), - SEAMLESS_LOGIN_DA: z - .string() - .transform((s) => replaceTopLevelDomain(s, "dk")), - SEAMLESS_LOGIN_DE: z - .string() - .transform((s) => replaceTopLevelDomain(s, "de")), - SEAMLESS_LOGIN_EN: z - .string() - .transform((s) => replaceTopLevelDomain(s, "com")), - SEAMLESS_LOGIN_FI: z - .string() - .transform((s) => replaceTopLevelDomain(s, "fi")), - SEAMLESS_LOGIN_NO: z - .string() - .transform((s) => replaceTopLevelDomain(s, "no")), - SEAMLESS_LOGIN_SV: z - .string() - .transform((s) => replaceTopLevelDomain(s, "se")), - SEAMLESS_LOGOUT_DA: z - .string() - .transform((s) => replaceTopLevelDomain(s, "dk")), - SEAMLESS_LOGOUT_DE: z - .string() - .transform((s) => replaceTopLevelDomain(s, "de")), - SEAMLESS_LOGOUT_EN: z - .string() - .transform((s) => replaceTopLevelDomain(s, "com")), - SEAMLESS_LOGOUT_FI: z - .string() - .transform((s) => replaceTopLevelDomain(s, "fi")), - SEAMLESS_LOGOUT_NO: z - .string() - .transform((s) => replaceTopLevelDomain(s, "no")), - SEAMLESS_LOGOUT_SV: z - .string() - .transform((s) => replaceTopLevelDomain(s, "se")), WEBVIEW_ENCRYPTION_KEY: z.string(), GOOGLE_STATIC_MAP_KEY: z.string(), GOOGLE_STATIC_MAP_SIGNATURE_SECRET: z.string(), @@ -170,30 +134,7 @@ export const env = createEnv({ PUBLIC_URL: process.env.NEXT_PUBLIC_PUBLIC_URL, REVALIDATE_SECRET: process.env.REVALIDATE_SECRET, SITEMAP_SYNC_SECRET: process.env.SITEMAP_SYNC_SECRET, - SEAMLESS_LOGIN_DA: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_DA, - SEAMLESS_LOGIN_DE: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_DE, - SEAMLESS_LOGIN_EN: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_EN, - SEAMLESS_LOGIN_FI: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_FI, - SEAMLESS_LOGIN_NO: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_NO, - SEAMLESS_LOGIN_SV: - process.env.SEAMLESS_LOGIN || process.env.SEAMLESS_LOGIN_SV, - SEAMLESS_LOGOUT_DA: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_DA, - SEAMLESS_LOGOUT_DE: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_DE, - SEAMLESS_LOGOUT_EN: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_EN, - SEAMLESS_LOGOUT_FI: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_FI, - SEAMLESS_LOGOUT_NO: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_NO, - SEAMLESS_LOGOUT_SV: - process.env.SEAMLESS_LOGOUT || process.env.SEAMLESS_LOGOUT_SV, + WEBVIEW_ENCRYPTION_KEY: process.env.WEBVIEW_ENCRYPTION_KEY, GOOGLE_STATIC_MAP_KEY: process.env.GOOGLE_STATIC_MAP_KEY, GOOGLE_STATIC_MAP_SIGNATURE_SECRET: @@ -223,7 +164,3 @@ export const env = createEnv({ NEW_STAYS_ON_MY_PAGES: process.env.NEW_STAYS_ON_MY_PAGES, }, }) - -function replaceTopLevelDomain(url: string, domain: string) { - return url.replaceAll("{topleveldomain}", domain) -} diff --git a/apps/scandic-web/middleware.ts b/apps/scandic-web/middleware.ts index c320e2c69..a2ff4228e 100644 --- a/apps/scandic-web/middleware.ts +++ b/apps/scandic-web/middleware.ts @@ -7,9 +7,6 @@ import { findLang } from "@scandic-hotels/common/utils/languages" import * as authRequired from "@/middlewares/authRequired" import * as bookingFlow from "@/middlewares/bookingFlow" import * as cmsContent from "@/middlewares/cmsContent" -import * as currentWebLogin from "@/middlewares/currentWebLogin" -import * as currentWebLoginEmail from "@/middlewares/currentWebLoginEmail" -import * as currentWebLogout from "@/middlewares/currentWebLogout" import * as dateQueryParams from "@/middlewares/dateQueryParams" import * as errorPages from "@/middlewares/errorPages" import * as familyAndFriends from "@/middlewares/familyAndFriends" @@ -40,9 +37,6 @@ export const middleware: NextMiddleware = async (request, event) => { noValidLang, invalidUrl, trailingSlash, - currentWebLogin, - currentWebLoginEmail, - currentWebLogout, authRequired, handleAuth, handleDTMC, diff --git a/apps/scandic-web/middlewares/currentWebLogin.ts b/apps/scandic-web/middlewares/currentWebLogin.ts deleted file mode 100644 index d93fa944e..000000000 --- a/apps/scandic-web/middlewares/currentWebLogin.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { type NextMiddleware, NextResponse } from "next/server" - -import { badRequest } from "@/server/errors/next" - -import { findLang } from "@scandic-hotels/common/utils/languages" - -import type { MiddlewareMatcher } from "@/types/middleware" - -export const middleware: NextMiddleware = (request) => { - const returnUrl = request.nextUrl.searchParams.get("returnurl") - - if (!returnUrl) { - return badRequest() - } - - const lang = findLang(request.nextUrl.pathname)! - - const headers = new Headers(request.headers) - headers.set("x-returnurl", returnUrl) - headers.set("x-login-source", "seamless") - - return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), { - request: { - headers, - }, - }) -} - -export const matcher: MiddlewareMatcher = (request) => { - return request.nextUrl.pathname.endsWith("/updatelogin") -} diff --git a/apps/scandic-web/middlewares/currentWebLoginEmail.ts b/apps/scandic-web/middlewares/currentWebLoginEmail.ts deleted file mode 100644 index 2e496a7c7..000000000 --- a/apps/scandic-web/middlewares/currentWebLoginEmail.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { type NextMiddleware, NextResponse } from "next/server" - -import { badRequest } from "@/server/errors/next" - -import { findLang } from "@scandic-hotels/common/utils/languages" - -import type { MiddlewareMatcher } from "@/types/middleware" - -export const middleware: NextMiddleware = (request) => { - const returnUrl = request.nextUrl.searchParams.get("returnurl") - - if (!returnUrl) { - return badRequest() - } - - const lang = findLang(request.nextUrl.pathname)! - - const headers = new Headers(request.headers) - headers.set("x-returnurl", returnUrl) - headers.set("x-login-source", "seamless-magiclink") - - return NextResponse.rewrite(new URL(`/${lang}/login`, request.nextUrl), { - request: { - headers, - }, - }) -} - -export const matcher: MiddlewareMatcher = (request) => { - return request.nextUrl.pathname.endsWith("/updateloginemail") -} diff --git a/apps/scandic-web/middlewares/currentWebLogout.ts b/apps/scandic-web/middlewares/currentWebLogout.ts deleted file mode 100644 index 57a8aea8b..000000000 --- a/apps/scandic-web/middlewares/currentWebLogout.ts +++ /dev/null @@ -1,31 +0,0 @@ -import { type NextMiddleware, NextResponse } from "next/server" - -import { badRequest } from "@/server/errors/next" -import { getPublicURL } from "@/server/utils" - -import { findLang } from "@scandic-hotels/common/utils/languages" - -import type { MiddlewareMatcher } from "@/types/middleware" - -export const middleware: NextMiddleware = (request) => { - const currentwebUrl = request.nextUrl.searchParams.get("currentweb") - if (currentwebUrl == null || undefined) { - return badRequest() - } - const lang = findLang(request.nextUrl.pathname)! - - const redirectTo = getPublicURL(request) - - const headers = new Headers(request.headers) - headers.set("x-returnurl", redirectTo) - headers.set("x-logout-source", "seamless") - - return NextResponse.rewrite(new URL(`/${lang}/logout`, request.nextUrl), { - request: { - headers, - }, - }) -} -export const matcher: MiddlewareMatcher = (request) => { - return request.nextUrl.pathname.endsWith("/updatelogout") -}