From 94ee4c76a97902259d8face3a19f745dcedf7742 Mon Sep 17 00:00:00 2001
From: "argiro.kokogiannaki"
Date: Thu, 14 Nov 2019 10:12:48 +0000
Subject: [PATCH] [connect | Trunk] Server.ts: add x-frames headers to sameorigin, but allow for specific domains piwikHelper: add community pids
git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-connect-portal/trunk@57604 d315682c-612b-4755-9ff5-7f18f6832af3
---
 server.ts | 16 ++++++++++++++++
 src/app/app.component.ts | 1 -
 src/app/utils/piwikHelper.ts | 8 ++++++--
 src/assets/env-properties.json | 4 ++--
 4 files changed, 24 insertions(+), 5 deletions(-)
diff --git a/server.ts b/server.ts
index 505d3d6..9ef529b 100644
--- a/server.ts
+++ b/server.ts
@@ -27,6 +27,7 @@ import {ngExpressEngine, RenderOptions} from '@nguniversal/express-engine';
 // Import module map for lazy loading
 import { provideModuleMap } from '@nguniversal/module-map-ngfactory-loader';
 import {REQUEST, RESPONSE} from "@nguniversal/express-engine/tokens";
+import {isArray} from "util";
 // Our Universal express-engine (found @ https://github.com/angular/universal/tree/master/modules/express-engine)
 // app.engine('html', ngExpressEngine({
@@ -63,6 +64,21 @@ app.engine('html', (_, options: any, callback) => {
 app.set('view engine', 'html');
 app.set('views', join(DIST_FOLDER, 'browser'));
+// Allow frames from specific domains
+app.use(function (req, res, next) {
+ var XFRAME_WHITELIST = [ 'http://scoobydoo.di.uoa.gr/frames.html', 'http://scoobydoo.di.uoa.gr:5000/customize-layout', 'https://beta.admin.connect.openaire.eu/customize-layout','https://admin.connect.openaire.eu/customize-layout' ];
+ let referer:string;
+ if(req.headers.referer){
+ referer = isArray(req.headers.referer)?req.headers.referer[0]:req.headers.referer;
+ referer = referer.split("?")[0];
+ }
+ if ( referer && XFRAME_WHITELIST.indexOf(referer) != -1 ) {
+ // res.header('X-FRAME-OPTIONS', 'allow from ' +req.headers.referer);
+ }else {
+ res.header('X-FRAME-OPTIONS', 'SAMEORIGIN');
+ }
+ next();
+});
 /* - Example Express Rest API endpoints -
 app.get('/api/**', (req, res) => { });
diff --git a/src/app/app.component.ts b/src/app/app.component.ts
index 153b97b..6df0129 100644
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@@ -98,7 +98,6 @@ export class AppComponent {
 this.user = user;
 this.init();
 });
- this.init();
 }, error => {
 console.log("App couldn't fetch properties");
 console.log(error);
diff --git a/src/app/utils/piwikHelper.ts b/src/app/utils/piwikHelper.ts
index 390c493..b3424e5 100644
--- a/src/app/utils/piwikHelper.ts
+++ b/src/app/utils/piwikHelper.ts
@@ -13,7 +13,9 @@ export class PiwikHelper{
 "rda":90,
 "aginfra":93,
 "clarin":100,
- "dariah":103
+ "dariah":103,
+ "epos": 217,
+ "beopen": 218
 };
 public static siteIDsProduction={
 "connect": 112,
@@ -29,7 +31,9 @@ export class PiwikHelper{
 "rda":'',
 "aginfra":'',
 "clarin":'',
- "dariah":''
+ "dariah":'',
+ "epos": null,
+ "beopen" :null
 };
 public static getSiteId(communityId:string, environment:string){
 if(environment == 'production'){
diff --git a/src/assets/env-properties.json b/src/assets/env-properties.json
index 00a645b..5576b25 100644
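Review bot: The allowed branch of the new middleware (`if ( referer && XFRAME_WHITELIST.indexOf(referer) != -1 )`) sends no framing restriction at all, and because the Referer only ever names the immediate parent, a whitelisted page that is itself embedded by a third-party page lets the portal be framed through that nesting; the commented-out `'allow from '` value would not close this either, since ALLOW-FROM is not honoured by Chromium-based browsers. The standard way to grant framing to specific sites is a `Content-Security-Policy: frame-ancestors` header naming the allowed origin, which browsers check against every ancestor, while keeping `SAMEORIGIN` (plus `frame-ancestors 'self'`) in the deny branch for older browsers, as in the rewrite below. Two smaller points: `referer` is only assigned inside `if(req.headers.referer)`, so under `strict` the later `if ( referer && ...)` is a use-before-assignment error and it should be initialised with `let referer: string = '';`, and the `isArray` imported from "util" in the first hunk is a deprecated Node API that `Array.isArray(req.headers.referer)` replaces without an import. Whether server.ts already sets a Content-Security-Policy elsewhere cannot be seen from this hunk; if it does, the `frame-ancestors` directive should be merged into that header rather than sent separately, and `URL` below is the WHATWG global that needs Node 10 or later.
```typescript
// … unchanged: XFRAME_WHITELIST and referer extraction …
if ( referer && XFRAME_WHITELIST.indexOf(referer) != -1 ) {
  // Grant framing only to the origin of the whitelisted page; frame-ancestors
  // is enforced against every ancestor frame, not just the immediate parent.
  const allowedOrigin = new URL(referer).origin;
  res.header('Content-Security-Policy', "frame-ancestors 'self' " + allowedOrigin);
} else {
  res.header('X-FRAME-OPTIONS', 'SAMEORIGIN');
  res.header('Content-Security-Policy', "frame-ancestors 'self'");
}
next();
```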
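Review bot: In the second piwikHelper hunk the new production entries `"epos": null` and `"beopen" :null` differ in type from every other value in `siteIDsProduction`, which uses `''` for a community without a site id, so a caller that tests the result of `getSiteId` against `''` or concatenates it into the piwik URL will treat these two communities differently from `dariah`. Use `"epos": '',` and `"beopen": '',` for consistency, or, if `null` is meant to signal "not yet assigned", document that distinction with a comment on the map. The body of `getSiteId` continues outside the hunk, so how the value is consumed cannot be confirmed here.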
--- a/src/assets/env-properties.json
+++ b/src/assets/env-properties.json
@@ -38,9 +38,9 @@ "piwikBaseUrl" :"https://analytics.openaire.eu/piwik.php?idsite=",
 "piwikSiteId" : "80",
- "loginUrl" :"http://rudie.di.uoa.gr:8080/dnet-login/openid_connect_login",
+ "loginUrl" :"http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/openid_connect_login",
- "userInfoUrl" : "http://rudie.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",
+ "userInfoUrl" : "http://scoobydoo.di.uoa.gr:8080/dnet-openaire-users-1.0.0-SNAPSHOT/api/users/getUserInfo?accessToken=",
 "logoutUrl" :"https://aai.openaire.eu/proxy/saml2/idp/SingleLogoutService.php?ReturnTo=",