0

I am working with appid-serversdk-nodejs and I have the code working and everything works fine, both locally and in the IBM cloud.

But I have to manually switch the APP-URL (localhost:3000 vs .eu-gb.mybluemix.net) I understand that I can do it without providing the passport settings, but how can I have one code base that works for:

  • localdev test
  • instance in ibm cloud
  • production instance in ibm cloud

I am talking about this piece of code:

// The redirectUri value can be supplied in three ways:
// 1. Manually in new WebAppStrategy({redirectUri: "...."})
// 2. As environment variable named redirectUri
// 3. If none of the above was supplied the App ID SDK will try to retrieve
// application_uri of the application running on IBM Cloud and append a
// default suffix "/ibm/bluemix/appid/callback"
passport.use(new WebAppStrategy({
tenantId: "removed",
clientId: "removed",
secret: "removed",
oauthServerUrl: "https://eu-gb.appid.cloud.ibm.com/oauth/v4/REMOVED"
redirectUri: "https://REMOVED.eu-gb.mybluemix.net" + CALLBACK_URL
//redirectUri: "http://localhost:3000" + CALLBACK_URL
}));

Update: I have moved the data to the .env file, but this doesn't solve my question.

tenantId: process.env.APPID_tenantId,
clientId: process.env.APPID_clientId,
secret: process.env.APPID_secret,
oauthServerUrl: process.env.APPID_oauthServerUrl,
redirectUri: process.env.APPID_redirectUri + CALLBACK_URL

Now I have to change the .env file, which leads to a new commit and build. I want to leverage the connection between APP-ID and our Node server in the IBM cloud.

I am getting errors if I don't supply the redirectUri or the entire WebAppStrategy

mpjjonker
  • 917
  • 1
  • 6
  • 28
  • 1
    Do you mean you currently have everything hardcoded? Look at something like .env (dotenv) available for many prog languages. You either read in the local environment or the bindings from your cloud deployment – data_henrik Nov 10 '20 at 16:51
  • @data_henrik, yes to get it to work I have everything hardcoded. I understand the concept of the bindings from my cloud deployment, but I fail to get it to work. I am looking on advice what to remove and what to keep / add. I know how to do this in Java , but in nodejs (react) I have little experience – mpjjonker Nov 12 '20 at 10:08

1 Answers1

1

You are doing the right thing (technically) with process.env.*, there are of course multiple other ways of doing it, but that's another subject (personally I utilize CUPS a lot in these situations, .env leads easily to a situations where you commit the secrets to version control)

I'm sure you have given all the url:s as redirect uri:s at the App ID instance ( which would anyway give quite distinctive error if that was the problem ).

You're not sharing what errors are those, that you are getting, but there are a few things you can check.

a) The olders trick in the book - make some debug outputs on your logic to verify that the values you set as environment variables, are actually present at runtime.

b) As you usually do https in cloud but http locally, you might need to set conditionally cookie: { secure: true } only for the cloud deployment, not locally.

jarkko
  • 76
  • 8
  • Thanks @jarkko. I will share the error messages later, but I am looking for a way to achieve this hint in de sample code: //You're not required to provide this argument if // your node.js application runs on IBM Cloud and is bound to the // App ID service instance. In this case App ID configuration will be obtained // using VCAP_SERVICES environment variable. – mpjjonker Nov 24 '20 at 10:58