From 18d35b5172f31f7a23a898b471a32257b8379b81 Mon Sep 17 00:00:00 2001
From: Marsell Kukuljevic <marsell_pk@yahoo.com>
Date: Sat, 10 Apr 2021 20:19:23 +0200
Subject: [PATCH] Eliminate /token path from server.js, to match Dragos' env.

---
 bin/server.js | 21 ++++++---------------
 1 file changed, 6 insertions(+), 15 deletions(-)
 mode change 100644 => 100755 bin/server.js

diff --git a/bin/server.js b/bin/server.js
old mode 100644
new mode 100755
index 79c2015..13a9396
--- a/bin/server.js
+++ b/bin/server.js
@@ -21,6 +21,8 @@ let SIGNER = {};
 // from cloudapi to our client caller. Effectively this function is a proxy
 // that solely signs the request as it passes through.
 function proxy(req, res, cb) {
+    console.log('### proxy', req.url)
+
     // return data from cloudapi to the client caller
     function proxyReturn(err, _, res2, data) {
         if (err && !res2) {
@@ -78,9 +80,11 @@ function proxy(req, res, cb) {
 // secure token. Once the user successfully logs in, the token is returned
 // through an SSO redirect to token() below.
 function login(req, res, cb) {
+    console.log('### login');
+
     const query = {
         permissions: '{"cloudapi":["/my/*"]}',
-        returnto: CONFIG.urls.local + '/token',
+        returnto: CONFIG.urls.local,
         now: new Date().toUTCString(),
         keyid: '/' + CONFIG.key.user + '/keys/' + CONFIG.key.id,
         nonce:  mod_crypto.randomBytes(15).toString('base64')
@@ -98,19 +102,7 @@ function login(req, res, cb) {
     const signature = signer.sign(PRIVATE_KEY, 'base64');
     url += '&sig=' + encodeURIComponent(signature);
 
-    res.redirect(url, cb);
-}
-
-
-// Once a user successfully logs in, they are redirected to here. We convert
-// the token that was returned to use as query arg into an X-Auth-Token header
-// that is returned to the client caller. This header must be provided by the
-// client from now on in order to communicate with Cloudapi.
-function token(req, res, cb) {
-    const token = decodeURIComponent(req.query().split('=')[1]);
-    res.header('X-Auth-Token', token);
-    res.send(204);
-    return cb();
+    res.json({ url });
 }
 
 
@@ -169,7 +161,6 @@ function main() {
  
     // route HTTP requests to proper functions
     server.get('/login',  login);
-    server.get('/token',  token);
 
     server.get(/^/,  proxy);
     server.put(/^/,  proxy);