Conversation
IS-10806 Update start page with more links
updating previewer runable
Add Apache 2 License file
…ading Improve live reloading in idsvr previewer
improve readme files
…plates CSS fixes for Identity Server templates
…s-once Only run prestart tasks once when using start command from root
A small CSS adjustment on powered by Curity and authenticator buttons…
…ew-page Remove LWA and update repo overview image
IS-10930 updating the Previewer
ssp previewer readme update,adding code
…e-about-bankid-qr-code-display-time IS-10932 Change BankID message about QR Code displayed time
…-and-package-json Remove LWA from readme and package.json
…for-version-5-in-BankID IS-10773 Remove BankID version-5 specific template
…ail-improvements HTML Form authenticator: improve UX when 'username is email'
Commit new lock file
IS-10797 Remove Encap from UI-kit.
…eadme IS-10358 Improve root readme file
IS-10937 adding GitHub Action to build previewer JRE image.
| process.exit(1); | ||
| } | ||
|
|
||
| if (expectedSha256) { |
There was a problem hiding this comment.
If I got it right, resolveAssetSuffix fails if platform/os isn't supported, so if expectedSha256 is not set, it probably means that this script has an error. I suggested failing in that case - or maybe always doing verifySha256 which hopefully fails if the expected hash is empty.
| if (statusCode && statusCode >= 300 && statusCode < 400 && location) { | ||
| if (remainingRedirects === 0) { | ||
| fileStream.close(); | ||
| fs.unlink(destinationPath, () => { |
There was a problem hiding this comment.
This logic with unlink seems a bit complicated. I'd say it would be simpler if the file was created only once outside the download logic and then unlinked if the download promise fails, or closed if the download promise succeeds. I didn't check in detail, though.
|
|
||
| stream.on('error', reject); | ||
| stream.on('data', chunk => hash.update(chunk)); | ||
| stream.on('end', () => { |
There was a problem hiding this comment.
No need to close the stream after end ?
| } | ||
|
|
||
| await extract(nestedZipPath, { dir: targetDir }); | ||
| console.log(`Unzipped nested archive ${nestedZipPath} to ${targetDir}`); |
There was a problem hiding this comment.
Do we want users to see these intermediate steps? (if this is visible to users, not sure)
|
|
||
| request.on('error', err => { | ||
| fileStream.close(); | ||
| fs.unlink(destinationPath, () => reject(err)); |
There was a problem hiding this comment.
Don't we need to fail or log an error here?
| const nestedZipPath = path.join(targetDir, nestedZipFileName); | ||
|
|
||
| if (!fs.existsSync(nestedZipPath)) { | ||
| console.log(`Nested zip not found: ${nestedZipPath}`); |
There was a problem hiding this comment.
I suggest failing everything if this happens. The "nested zip" contains all the jars, without those there's no way to go ahead.
| stream.on('end', () => { | ||
| const digest = hash.digest('hex'); | ||
| if (digest !== normalizedExpected) { | ||
| reject(new Error(`SHA256 mismatch for ${filePath}: expected ${normalizedExpected}, got ${digest}`)); |
There was a problem hiding this comment.
I suggest deleting the downloaded file in this case, since that means the file may contain malicious contents.
| await extract(source, { dir: target }); | ||
| console.log(`Unzipped ${source} to ${target}`); | ||
|
|
||
| await extractNestedZip(target, `ui-kit-runtime-${version}.zip`); |
There was a problem hiding this comment.
Why not claenup here by deleting the unnecessary zip files that were downloaded?
| "scripts": { | ||
| "prestart": "npm run build --workspace @curity/ui-kit-icons --workspace @curity/ui-kit-css-lib --workspace @curity/ui-kit-css --workspace @curity/ui-kit-component-library && npm run unzip-libs --workspace @curity/ui-kit-identity-server", | ||
| "prestart": "npm run build --workspace @curity/ui-kit-icons --workspace @curity/ui-kit-css-lib --workspace @curity/ui-kit-css --workspace @curity/ui-kit-component-library --workspace @curity/ui-kit-identity-server && npm run unzip-libs --workspace @curity/ui-kit-identity-server", | ||
| "start": "SKIP_PRESTART=1 concurrently \"npm run start:identity-server\" \"npm run start:ssp\" \"npm run start:css\" \"npm run start:component-library\" \"open index.html\"", |
There was a problem hiding this comment.
Please ask some AI to make the scripts all runnable also on Windows.
Would be nice if npm was smart enough to do that but apparently it's pretty dumb.
7 participants
No description provided.