Adjust config and JWT endpoint for 55 (#30)

Co-authored-by: sanex3339 <sanex3339@yandex.ru>

Author: oisincoveney

.env.example

@@ -1,7 +1,6 @@
 # FRONTEND
 CLIENT_PORT=3100
 VITE_METABASE_INSTANCE_URL="http://localhost:3000"
-VITE_AUTH_PROVIDER_URI="http://localhost:9090/sso/metabase"
 
 # BACKEND
 AUTH_PROVIDER_PORT=9090

client/Dockerfile

@@ -6,9 +6,6 @@ ENV WATCH=${WATCH}
 ARG VITE_METABASE_INSTANCE_URL
 ENV VITE_METABASE_INSTANCE_URL=${VITE_METABASE_INSTANCE_URL}
 
-ARG VITE_AUTH_PROVIDER_URI
-ENV VITE_AUTH_PROVIDER_URI=${VITE_AUTH_PROVIDER_URI}
-
 WORKDIR /app
 
 COPY ./client ./client

client/package-lock.json

@@ -11,7 +11,7 @@
     "lint": "eslint ."
   },
   "dependencies": {
-    "@metabase/embedding-sdk-react": "^0.54.11",
+    "@metabase/embedding-sdk-react": "^0.55.2-nightly",
     "react": "^18.3.1",
     "react-dom": "^18.3.1"
   },

client/package.json

@@ -10,7 +10,6 @@ import {
 // Configuration
 const config = defineMetabaseAuthConfig({
   metabaseInstanceUrl: import.meta.env.VITE_METABASE_INSTANCE_URL,
-  authProviderUri: import.meta.env.VITE_AUTH_PROVIDER_URI,
 });
 
 const questionId = 24;

client/src/App.jsx

@@ -11,6 +11,7 @@ services:
       MB_JWT_SHARED_SECRET: "${METABASE_JWT_SHARED_SECRET}"
       MB_SETUP_TOKEN: "${PREMIUM_EMBEDDING_TOKEN}"
       MB_PREMIUM_EMBEDDING_TOKEN: "${PREMIUM_EMBEDDING_TOKEN}"
+      MB_JWT_IDENTITY_PROVIDER_URI: "http://localhost:${AUTH_PROVIDER_PORT}/sso/metabase"
     healthcheck:
       test: curl --fail -X GET -I "http://localhost:${MB_PORT}/api/health" || exit 1
       interval: 15s
@@ -30,12 +31,10 @@ services:
       dockerfile: ./client/Dockerfile
       args:
         VITE_METABASE_INSTANCE_URL: "http://localhost:${MB_PORT}"
-        VITE_AUTH_PROVIDER_URI: "http://localhost:${AUTH_PROVIDER_PORT}/sso/metabase"
-        WATCH: '${WATCH}'
+        WATCH: "${WATCH}"
     environment:
       CLIENT_PORT: "${CLIENT_PORT}"
       VITE_METABASE_INSTANCE_URL: "http://localhost:${MB_PORT}"
-      VITE_AUTH_PROVIDER_URI: "http://localhost:${AUTH_PROVIDER_PORT}/sso/metabase"
     ports:
       - "${CLIENT_PORT}:${CLIENT_PORT}"
     volumes:

docker-compose.yml

@@ -1,4 +1,4 @@
-FROM metabase/metabase-enterprise:v1.54.x
+FROM metabase/metabase-enterprise:v1.55.x
 
 COPY ./metabase /app/
 COPY ./local-dist /app/local-dist

metabase/Dockerfile

@@ -1,21 +1,20 @@
-const express = require('express');
+const express = require("express");
 const app = express();
-const dotenv = require('dotenv').config({ path: '../.env' });
-const cors = require('cors');
+const dotenv = require("dotenv").config({ path: "../.env" });
+const cors = require("cors");
 const jwt = require("jsonwebtoken");
 
-app.get('/', (req, res) => {
-  res.send('Hello from our server!')
-})
+app.get("/", (req, res) => {
+  res.send("Hello from our server!");
+});
 
-const AUTH_PROVIDER_PORT = process.env.AUTH_PROVIDER_PORT
-const METABASE_INSTANCE_URL = process.env.METABASE_INSTANCE_URL
-const METABASE_JWT_SHARED_SECRET = process.env.METABASE_JWT_SHARED_SECRET
+const AUTH_PROVIDER_PORT = process.env.AUTH_PROVIDER_PORT;
+const METABASE_INSTANCE_URL = process.env.METABASE_INSTANCE_URL;
+const METABASE_JWT_SHARED_SECRET = process.env.METABASE_JWT_SHARED_SECRET;
 
-app.use(cors({ credentials: true, origin:true })); //https://stackoverflow.com/a/66437447
+app.use(cors({ credentials: true, origin: true })); //https://stackoverflow.com/a/66437447
 
 app.get("/sso/metabase", async (req, res) => {
-
   // Usually, you would grab the user from the current session
   // Here it is hardcoded for demonstration purposes
   // Example:
@@ -24,15 +23,15 @@ app.get("/sso/metabase", async (req, res) => {
     email: "rene@example.com",
     firstName: "Rene",
     lastName: "Descartes",
-    group: "Customer"
-  }
+    group: "Customer",
+  };
 
   if (!user) {
     console.log("no user");
     return res.status(401).json({
-      status: 'error',
-      message: 'not authenticated',
-    })
+      status: "error",
+      message: "not authenticated",
+    });
   }
 
   const token = jwt.sign(
@@ -44,28 +43,36 @@ app.get("/sso/metabase", async (req, res) => {
       exp: Math.round(Date.now() / 1000) + 60 * 10, // 10 minutes expiration
     },
     // This is the JWT signing secret in your Metabase JWT authentication setting
-    METABASE_JWT_SHARED_SECRET
-  )
-  const ssoUrl = `${METABASE_INSTANCE_URL}/auth/sso?token=true&jwt=${token}`
-  console.log('Hitting MB SSO endpoint', ssoUrl);
+    METABASE_JWT_SHARED_SECRET,
+  );
+
+  if (req.query.response === "json") {
+    return res
+      .status(200)
+      .set("Content-Type", "application/json")
+      .send({ jwt: token });
+  }
+
+  const ssoUrl = `${METABASE_INSTANCE_URL}/auth/sso?token=true&jwt=${token}`;
+  console.log("Hitting MB SSO endpoint", ssoUrl);
 
   try {
-    const response = await fetch(ssoUrl, { method: 'GET' })
-    const session = await response.text()
+    const response = await fetch(ssoUrl, { method: "GET" });
+    const session = await response.text();
 
-    console.log("Received session", session)
-    return res.status(200).set("Content-Type", "application/json").end(session)
+    console.log("Received session", session);
+    return res.status(200).set("Content-Type", "application/json").end(session);
   } catch (error) {
     if (error instanceof Error) {
       res.status(401).json({
-        status: 'error',
-        message: 'authentication failed',
+        status: "error",
+        message: "authentication failed",
         error: error.message,
-      })
+      });
     }
   }
-})
+});
 
 app.listen(AUTH_PROVIDER_PORT, () => {
-  console.log(`server listening on port ${AUTH_PROVIDER_PORT}`)
-})
+  console.log(`server listening on port ${AUTH_PROVIDER_PORT}`);
+});