From ff350f526d3ce9ad6e43ee7c5f68f4f7986e9ab1 Mon Sep 17 00:00:00 2001
From: Hugo Wood <hugo.wood@zenika.com>
Date: Thu, 5 Nov 2020 16:14:34 +0100
Subject: [PATCH] =?UTF-8?q?=E2=9A=A1=20change=20authentication=20function?=
 =?UTF-8?q?=20region?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

See https://github.com/Zenika/humeur-du-mois-2018/issues/41#issuecomment-717809968. Also updates firebase-functions.
---
 functions/package-lock.json     | 100 ++++++--------------------------
 functions/package.json          |   2 +-
 functions/src/exchange-token.ts |  72 ++++++++++++-----------
 3 files changed, 58 insertions(+), 116 deletions(-)

diff --git a/functions/package-lock.json b/functions/package-lock.json
index 4c0a9232..46892619 100644
--- a/functions/package-lock.json
+++ b/functions/package-lock.json
@@ -1087,16 +1087,16 @@
       },
       "dependencies": {
         "mime-db": {
-          "version": "1.43.0",
-          "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.43.0.tgz",
-          "integrity": "sha512-+5dsGEEovYbT8UY9yD7eE4XTc4UwJ1jBYlgaQQF38ENsKR3wj/8q8RFZrF9WIZpB2V1ArTVFUva8sAul1NzRzQ=="
+          "version": "1.44.0",
+          "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
+          "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
         },
         "mime-types": {
-          "version": "2.1.26",
-          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.26.tgz",
-          "integrity": "sha512-01paPWYgLrkqAyrlDorC1uDwl2p3qZT7yl806vW7DvDoxwXi46jsjFbg+WdwotBIk6/MbEhO/dh5aZ5sNj/dWQ==",
+          "version": "2.1.27",
+          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz",
+          "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==",
           "requires": {
-            "mime-db": "1.43.0"
+            "mime-db": "1.44.0"
           }
         }
       }
@@ -3422,14 +3422,13 @@
       }
     },
     "firebase-functions": {
-      "version": "3.5.0",
-      "resolved": "https://registry.npmjs.org/firebase-functions/-/firebase-functions-3.5.0.tgz",
-      "integrity": "sha512-BnhfsMyhi2eQfKO6RlOKg7bidiIzTrKY+7qF3M02c5yCczUaSQN3TvggqxphaZPOdEdPF2OjoBBK9xO2R2RHeg==",
+      "version": "3.11.0",
+      "resolved": "https://registry.npmjs.org/firebase-functions/-/firebase-functions-3.11.0.tgz",
+      "integrity": "sha512-i1uMhZ/M6i5SCI3ulKo7EWX0/LD+I5o6N+sk0HbOWfzyWfOl0iJTvQkR3BVDcjrlhPVC4xG1bDTLxd+DTkLqaw==",
       "requires": {
-        "@types/express": "^4.17.3",
+        "@types/express": "4.17.3",
         "cors": "^2.8.5",
         "express": "^4.17.1",
-        "jsonwebtoken": "^8.5.1",
         "lodash": "^4.17.14"
       },
       "dependencies": {
@@ -3442,69 +3441,6 @@
             "@types/express-serve-static-core": "*",
             "@types/serve-static": "*"
           }
-        },
-        "cors": {
-          "version": "2.8.5",
-          "resolved": "https://registry.npmjs.org/cors/-/cors-2.8.5.tgz",
-          "integrity": "sha512-KIHbLJqu73RGr/hnbrO9uBeixNGuvSQjul/jdFvS/KFSIH1hWVd1ng7zOHx+YrEfInLG7q4n6GHQ9cDtxv/P6g==",
-          "requires": {
-            "object-assign": "^4",
-            "vary": "^1"
-          }
-        },
-        "ecdsa-sig-formatter": {
-          "version": "1.0.11",
-          "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz",
-          "integrity": "sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==",
-          "requires": {
-            "safe-buffer": "^5.0.1"
-          }
-        },
-        "jsonwebtoken": {
-          "version": "8.5.1",
-          "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz",
-          "integrity": "sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==",
-          "requires": {
-            "jws": "^3.2.2",
-            "lodash.includes": "^4.3.0",
-            "lodash.isboolean": "^3.0.3",
-            "lodash.isinteger": "^4.0.4",
-            "lodash.isnumber": "^3.0.3",
-            "lodash.isplainobject": "^4.0.6",
-            "lodash.isstring": "^4.0.1",
-            "lodash.once": "^4.0.0",
-            "ms": "^2.1.1",
-            "semver": "^5.6.0"
-          }
-        },
-        "jwa": {
-          "version": "1.4.1",
-          "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz",
-          "integrity": "sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==",
-          "requires": {
-            "buffer-equal-constant-time": "1.0.1",
-            "ecdsa-sig-formatter": "1.0.11",
-            "safe-buffer": "^5.0.1"
-          }
-        },
-        "jws": {
-          "version": "3.2.2",
-          "resolved": "https://registry.npmjs.org/jws/-/jws-3.2.2.tgz",
-          "integrity": "sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==",
-          "requires": {
-            "jwa": "^1.4.1",
-            "safe-buffer": "^5.0.1"
-          }
-        },
-        "ms": {
-          "version": "2.1.2",
-          "resolved": "https://registry.npmjs.org/ms/-/ms-2.1.2.tgz",
-          "integrity": "sha512-sGkPx+VjMtmA6MX27oA4FBFELFCZZ4S4XqeGOXCv68tT+jb3vk/RyaKWP0PTKyWtmLSM0b+adUTEvbs1PEaH2w=="
-        },
-        "semver": {
-          "version": "5.7.1",
-          "resolved": "https://registry.npmjs.org/semver/-/semver-5.7.1.tgz",
-          "integrity": "sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ=="
         }
       }
     },
@@ -8530,16 +8466,16 @@
       },
       "dependencies": {
         "mime-db": {
-          "version": "1.43.0",
-          "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.43.0.tgz",
-          "integrity": "sha512-+5dsGEEovYbT8UY9yD7eE4XTc4UwJ1jBYlgaQQF38ENsKR3wj/8q8RFZrF9WIZpB2V1ArTVFUva8sAul1NzRzQ=="
+          "version": "1.44.0",
+          "resolved": "https://registry.npmjs.org/mime-db/-/mime-db-1.44.0.tgz",
+          "integrity": "sha512-/NOTfLrsPBVeH7YtFPgsVWveuL+4SjjYxaQ1xtM1KMFj7HdxlBlxeyNLzhyJVx7r4rZGJAZ/6lkKCitSc/Nmpg=="
         },
         "mime-types": {
-          "version": "2.1.26",
-          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.26.tgz",
-          "integrity": "sha512-01paPWYgLrkqAyrlDorC1uDwl2p3qZT7yl806vW7DvDoxwXi46jsjFbg+WdwotBIk6/MbEhO/dh5aZ5sNj/dWQ==",
+          "version": "2.1.27",
+          "resolved": "https://registry.npmjs.org/mime-types/-/mime-types-2.1.27.tgz",
+          "integrity": "sha512-JIhqnCasI9yD+SsmkquHBxTSEuZdQX5BuQnS2Vc7puQQQ+8yiP5AY5uWhpdv4YL4VM5c6iliiYWPgJ/nJQLp7w==",
           "requires": {
-            "mime-db": "1.43.0"
+            "mime-db": "1.44.0"
           }
         }
       }
diff --git a/functions/package.json b/functions/package.json
index 48cd30fa..6bfc33e5 100644
--- a/functions/package.json
+++ b/functions/package.json
@@ -11,7 +11,7 @@
     "auth0": "^2.27.1",
     "cors": "2.8.5",
     "firebase-admin": "8.10.0",
-    "firebase-functions": "3.5.0",
+    "firebase-functions": "3.11.0",
     "mailgun-js": "0.22.0",
     "node-fetch": "2.6.1"
   },
diff --git a/functions/src/exchange-token.ts b/functions/src/exchange-token.ts
index 9eb82dc2..19dc82e3 100644
--- a/functions/src/exchange-token.ts
+++ b/functions/src/exchange-token.ts
@@ -32,39 +32,45 @@ const errorResponse = (message: string) => ({ error: { message } });
  * Cannot use functions.https.onCall here because this function is called
  * before the user is authenticated to Firebase.
  */
-export const exchangeToken = functions.https.onRequest((request, response) => {
-  const { userId, accessToken } = request.body.data as RequestPayload;
-  if (!userId || !accessToken) {
-    response.status(400).send(errorResponse("Missing fields in request body"));
-    return;
-  }
+export const exchangeToken = functions
+  .region("europe-west1")
+  .https.onRequest((request, response) => {
+    const { userId, accessToken } = request.body.data as RequestPayload;
+    if (!userId || !accessToken) {
+      response
+        .status(400)
+        .send(errorResponse("Missing fields in request body"));
+      return;
+    }
 
-  const authenticationClient = new AuthenticationClient({
-    domain: config.auth0.domain,
-    clientId: config.auth0.client_id
-  });
+    const authenticationClient = new AuthenticationClient({
+      domain: config.auth0.domain,
+      clientId: config.auth0.client_id
+    });
 
-  authenticationClient.getProfile(
-    accessToken,
-    async (userInfoErr, user: any) => {
-      if (userInfoErr) {
-        console.error(userInfoErr);
-        response.status(401).send(errorResponse("Unauthorized"));
-        return;
-      } else if (userId !== user.sub) {
-        response
-          .status(401)
-          .send(errorResponse("userId and accessToken do not match"));
-        return;
-      }
-      try {
-        const customToken = await exchangeTokenApp
-          .auth()
-          .createCustomToken(userId, { email: user.email });
-        response.send({ result: { token: customToken } });
-      } catch (err) {
-        response.status(500).send(errorResponse("Error creating custom token"));
+    authenticationClient.getProfile(
+      accessToken,
+      async (userInfoErr, user: any) => {
+        if (userInfoErr) {
+          console.error(userInfoErr);
+          response.status(401).send(errorResponse("Unauthorized"));
+          return;
+        } else if (userId !== user.sub) {
+          response
+            .status(401)
+            .send(errorResponse("userId and accessToken do not match"));
+          return;
+        }
+        try {
+          const customToken = await exchangeTokenApp
+            .auth()
+            .createCustomToken(userId, { email: user.email });
+          response.send({ result: { token: customToken } });
+        } catch (err) {
+          response
+            .status(500)
+            .send(errorResponse("Error creating custom token"));
+        }
       }
-    }
-  );
-});
+    );
+  });