Merge pull request #25 from GoogleChromeLabs/fedcm-passive-remove-local-idp

FedCM passive mode: add the local IdP only if developing in local env

Author: ewewraw

src/client/helpers/federated.ts

@@ -87,3 +87,10 @@ export async function saveFederation(
 export async function getAllIdentityProviders(): Promise<any> {
   return get('/federation/mappings');
 }
+
+/**
+ * Returns a list of IdP URLs based on the environment.
+ */
+export async function getIdpUrls(): Promise<string[]> {
+  return get('/federation/idp-list');
+}

src/client/pages/fedcm-passive-mode.ts

@@ -23,6 +23,7 @@ import {
   toast,
 } from '~project-sesame/client/helpers/index';
 import {SesameIdP} from '~project-sesame/client/helpers/identity';
+import { getIdpUrls } from '../helpers/federated';
 
 postForm(
   async () => {
@@ -37,11 +38,8 @@ postForm(
 if ('IdentityCredential' in window) {
   $('#unsupported').classList.add('hidden');
   try {
-    const idp = new SesameIdP([
-      'https://sesame-identity-provider.appspot.com',
-      'https://accounts.google.com',
-      'https://sesame-identity-provider.local'
-    ]);
+    const idpURLs = await getIdpUrls();
+    const idp = new SesameIdP(idpURLs);
     const nonce = await idp.initialize();
     await idp.signIn({mode: 'passive', mediation: 'required', nonce});
     await redirect('/home');

src/server/middlewares/federation.ts

@@ -290,4 +290,25 @@ router.post(
   }
 );
 
+/**
+ * Returns a list of IdP URLs based on the environment.
+ */
+router.get(
+  '/idp-list',
+  apiAclCheck(ApiType.NoAuth),
+  (req: Request, res: Response) => {
+    const idpUrls = [
+      'https://sesame-identity-provider.appspot.com',
+      'https://accounts.google.com',
+    ];
+
+    if (config.is_localhost) {
+      // TODO: Ideally, let's wrap it in one place to reuse elsewhere
+      idpUrls.push("https://sesame-identity-provider.local");
+    }
+
+    return res.json(idpUrls);
+  }
+);
+
 export {router as federation};