m2m implementation with circleci ver 2.

Author: sachin-maheshwari

config/custom-environment-variables.js

@@ -20,4 +20,9 @@ module.exports = {
   TC_SLACK_WEBHOOK_URL: 'TC_SLACK_WEBHOOK_URL',
   SYSTEM_USER_CLIENT_ID: 'SYSTEM_USER_CLIENT_ID',
   SYSTEM_USER_CLIENT_SECRET: 'SYSTEM_USER_CLIENT_SECRET',
+  AUTH0_URL: 'AUTH0_URL',
+  AUTH0_AUDIENCE: 'AUTH0_AUDIENCE',
+  TOKEN_CACHE_TIME: 'TOKEN_CACHE_TIME',
+  AUTH0_CLIENT_ID: 'AUTH0_CLIENT_ID',
+  AUTH0_CLIENT_SECRET: 'AUTH0_CLIENT_SECRET',
 };

config/test.js

@@ -23,4 +23,9 @@ module.exports = {
   },
   TC_SLACK_WEBHOOK_URL: 'http://localhost:3001/slack',
   API_BASE_URL: 'http://localhost:3001',
+  AUTH0_URL: process.env.DEV_AUTH0_URL || '',
+  AUTH0_AUDIENCE: process.env.DEV_AUTH0_AUDIENCE || '',
+  TOKEN_CACHE_TIME: process.env.DEV_TOKEN_CACHE_TIME || 86400000,
+  AUTH0_CLIENT_ID: process.env.DEV_AUTH0_CLIENT_ID,
+  AUTH0_CLIENT_SECRET: process.env.DEV_AUTH0_CLIENT_SECRET,
 };

deploy.sh

@@ -70,6 +70,26 @@ make_task_def(){
 				{
 					"name": "TC_SLACK_WEBHOOK_URL",
 					"value": "%s"
+				},
+				{
+					"name": "AUTH0_URL",
+					"value": "%s"
+				},
+				{
+					"name": "AUTH0_AUDIENCE",
+					"value": "%s"
+				},
+				{
+					"name": "AUTH0_CLIENT_ID",
+					"value": "%s"
+				},
+				{
+					"name": "AUTH0_CLIENT_SECRET",
+					"value": "%s"
+				},
+				{
+					"name": "TOKEN_CACHE_TIME",
+					"value": "%s"
 				}
 			],
 			"logConfiguration": {
@@ -86,13 +106,19 @@ make_task_def(){
 	CAPTURE_LOGS=$(eval "echo \$${ENV}_CAPTURE_LOGS")
 	LOGENTRIES_TOKEN=$(eval "echo \$${ENV}_LOGENTRIES_TOKEN")
 	LOG_LEVEL=$(eval "echo \$${ENV}_LOG_LEVEL")
+	AUTH0_URL=$(eval "echo \$${ENV}_AUTH0_URL")
+	AUTH0_AUDIENCE=$(eval "echo \$${ENV}_AUTH0_AUDIENCE")
+	TOKEN_CACHE_TIME=$(eval "echo \$${ENV}_TOKEN_CACHE_TIME")
+	AUTH0_CLIENT_ID=$(eval "echo \$${ENV}_AUTH0_CLIENT_ID")
+	AUTH0_CLIENT_SECRET=$(eval "echo \$${ENV}_AUTH0_CLIENT_SECRET")
+
 	if [ "$ENV" = "PROD" ]; then
 		NODE_ENV=production
 	elif [ "$ENV" = "DEV" ]; then
 		NODE_ENV=development
 	fi
 
-	task_def=$(printf "$task_template" $ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $CIRCLE_SHA1 $NODE_ENV $LOG_LEVEL $CAPTURE_LOGS $LOGENTRIES_TOKEN $RABBITMQ_URL $SYSTEM_USER_CLIENT_ID $SYSTEM_USER_CLIENT_SECRET $TC_SLACK_WEBHOOK_URL $AWS_ECS_CLUSTER $AWS_REGION $NODE_ENV)
+	task_def=$(printf "$task_template" $ACCOUNT_ID $AWS_REGION $AWS_REPOSITORY $CIRCLE_SHA1 $NODE_ENV $LOG_LEVEL $CAPTURE_LOGS $LOGENTRIES_TOKEN $RABBITMQ_URL $SYSTEM_USER_CLIENT_ID $SYSTEM_USER_CLIENT_SECRET $TC_SLACK_WEBHOOK_URL "$AUTH0_URL" "$AUTH0_AUDIENCE" $AUTH0_CLIENT_ID "$AUTH0_CLIENT_SECRET" $TOKEN_CACHE_TIME $AWS_ECS_CLUSTER $AWS_REGION $NODE_ENV)
 }
 
 push_ecr_image(){

package.json

@@ -24,7 +24,8 @@
     "config": "^1.24.0",
     "jackrabbit": "^4.3.0",
     "lodash": "^4.16.6",
-    "request": "^2.78.0"
+    "request": "^2.78.0",
+    "tc-core-library-js": "appirio-tech/tc-core-library-js.git#v2.3"
   },
   "devDependencies": {
     "babel-cli": "^6.9.0",

src/handlers/util.js

@@ -11,6 +11,9 @@ const _ = require('lodash');
 const config = require('config');
 const Promise = require('bluebird');
 const request = require('request');
+const tcCoreLibAuth = require('tc-core-library-js').auth;
+
+const M2m = tcCoreLibAuth.m2m(config);
 
 /**
  * Makes a GET request to the API server
@@ -39,17 +42,7 @@ function requestPromise(options, cb = null) {
 }
 
 const getSystemUserToken = Promise.coroutine(function* () {
-  const formData = {
-    clientId: config.get('SYSTEM_USER_CLIENT_ID'),
-    secret: config.get('SYSTEM_USER_CLIENT_SECRET'),
-  };
-  return yield requestPromise(
-    {
-      method: 'POST',
-      url: `${config.get('API_BASE_URL')}/v3/authorizations/`,
-      form: formData,
-    },
-    (data, resolve) => resolve(data.result.content.token));
+  return yield M2m.getMachineToken(config.AUTH0_CLIENT_ID, config.AUTH0_CLIENT_SECRET);
 });
 
 /**