From 0ab61c8f599d86c6b1528590fb0b9b447a76ca16 Mon Sep 17 00:00:00 2001 From: Fran McDade <18710366+frano-m@users.noreply.github.com> Date: Tue, 26 May 2026 16:12:49 +1000 Subject: [PATCH] feat: implement authorization code flow for hca prod (ma-prod) (#4850) Co-Authored-By: Claude Opus 4.7 (1M context) --- .../ma-prod/authentication/authentication.ts | 7 +++--- .../ma-prod/authentication/constants.ts | 25 +++++++++++++------ site-config/hca-dcp/ma-prod/config.ts | 2 +- 3 files changed, 23 insertions(+), 11 deletions(-) diff --git a/site-config/hca-dcp/ma-prod/authentication/authentication.ts b/site-config/hca-dcp/ma-prod/authentication/authentication.ts index a4a725925..8a71a8de8 100644 --- a/site-config/hca-dcp/ma-prod/authentication/authentication.ts +++ b/site-config/hca-dcp/ma-prod/authentication/authentication.ts @@ -1,14 +1,15 @@ import { AuthenticationConfig } from "@databiosphere/findable-ui/lib/config/entities"; import * as MDX from "../../../../app/components/common/MDXContent/hca-dcp"; -import { GOOGLE_PROVIDER, TERRA_SERVICE } from "./constants"; +import { getGoogleProvider, TERRA_SERVICE } from "./constants"; /** * Returns the authentication config for HCA DCP MA-PROD environment. + * @param dataSourceUrl - Data source URL. * @returns - Authentication config for HCA DCP MA-PROD environment. */ -export function getAuthentication(): AuthenticationConfig { +export function getAuthentication(dataSourceUrl: string): AuthenticationConfig { return { - providers: [GOOGLE_PROVIDER], + providers: [getGoogleProvider(dataSourceUrl)], services: [TERRA_SERVICE], termsOfService: MDX.LoginTermsOfService({}), text: MDX.LoginText({}), diff --git a/site-config/hca-dcp/ma-prod/authentication/constants.ts b/site-config/hca-dcp/ma-prod/authentication/constants.ts index 94f27dd07..555c62461 100644 --- a/site-config/hca-dcp/ma-prod/authentication/constants.ts +++ b/site-config/hca-dcp/ma-prod/authentication/constants.ts @@ -8,14 +8,25 @@ import { GoogleProfile } from "@databiosphere/findable-ui/lib/google/types"; import { OAUTH_GOOGLE_SIGN_IN } from "../../../common/authentication"; const CLIENT_ID = - "473200283737-4pt6e9lraf5jbb650f9kp7ethelv4a8l.apps.googleusercontent.com"; + "473200283737-h5e1l7neunbuesrtgjf8b12lb7o3jf1m.apps.googleusercontent.com"; -export const GOOGLE_PROVIDER: OAuthProvider = { - ...GOOGLE_SIGN_IN_PROVIDER, - ...OAUTH_GOOGLE_SIGN_IN, - clientId: CLIENT_ID, - flow: OAUTH_FLOW.IMPLICIT, -}; +/** + * Returns the Google OAuth provider configured for the authorization code + * flow, with `authorize` derived from the given Azul base URL. + * @param dataSourceUrl - Azul base URL. + * @returns Google OAuth provider. + */ +export function getGoogleProvider( + dataSourceUrl: string +): OAuthProvider { + return { + ...GOOGLE_SIGN_IN_PROVIDER, + ...OAUTH_GOOGLE_SIGN_IN, + authorize: `${dataSourceUrl}/user/authorize`, + clientId: CLIENT_ID, + flow: OAUTH_FLOW.AUTHORIZATION_CODE, + }; +} export const TERRA_SERVICE = { endpoint: { diff --git a/site-config/hca-dcp/ma-prod/config.ts b/site-config/hca-dcp/ma-prod/config.ts index e1ce18bda..da7fb58e6 100644 --- a/site-config/hca-dcp/ma-prod/config.ts +++ b/site-config/hca-dcp/ma-prod/config.ts @@ -14,7 +14,7 @@ const config = makeConfig( DATA_URL, GIT_HUB_REPO_URL, CATALOG, - getAuthentication() + getAuthentication(DATA_URL) ); // Configure analytics for the prod environment.