add consent expiry checking

Author: nemozak1

server/controllers/OpeyIIController.ts

@@ -310,7 +310,7 @@ export class OpeyController {
               // If we have a consent id, we can get the consent from OBP
               const consent = await this.obpConsentsService.getConsentByConsentId(session, consentId)
 
-              return response.status(200).json({consent_id: consent.consent_id});
+              return response.status(200).json({consent_id: consent.consent_id, jwt: consent.jwt});
           } else {
               console.log("No existing consent ID found")
           }
@@ -322,7 +322,7 @@ export class OpeyController {
 
           const authConfig = session['opeyConfig']['authConfig']
 
-          return response.status(200).json({consent_id: authConfig?.obpConsent.consent_id});
+          return response.status(200).json({consent_id: authConfig?.obpConsent.consent_id, jwt: authConfig?.obpConsent.jwt});
 
         } catch (error) {
           console.error("Error in consent endpoint: ", error);

server/services/OBPConsentsService.ts

@@ -165,6 +165,15 @@ export default class OBPConsentsService {
         }
     }
 
+    async checkConsentExpired(consent: any): Promise<boolean> { //DEBUG
+        // Check if the consent is expired
+        // Decode the JWT and check the exp field
+        
+        const exp = consent.jwt_payload.exp
+        const now = Math.floor(Date.now() / 1000)
+        return exp < now
+    }
+
     async getExistingOpeyConsentId(session: Session): Promise<any> {
         // Get Consents for the current user, check if any of them are for Opey
         // If so, return the consent
@@ -186,8 +195,10 @@ export default class OBPConsentsService {
             throw new Error('User is not logged in')
         }
 
-
-        const consentInfosPath = '/obp/v5.1.0/my/consent-infos'
+        // We need to change this back to consent infos once OBP shows 'EXPIRED' in the status
+        // Right now we have to check the JWT ourselves
+        const consentInfosPath = '/obp/v5.1.0/my/consents'
+        //const consentInfosPath = '/obp/v5.1.0/my/consent-infos'
 
         let opeyConsentId: string | null = null
         try {
@@ -199,11 +210,15 @@ export default class OBPConsentsService {
                 throw new Error('Opey Consumer ID is missing, please set VITE_OPEY_CONSUMER_ID')
             }
 
-            console.log('consents data: \n', response.data) //DEBUG
-
             for (const consent of consents) {
                 console.log(`consent_consumer_id: ${consent.consumer_id}, opey_consumer_id: ${opeyConsumerID}\n consent_status: ${consent.status}`) //DEBUG
                 if (consent.consumer_id === opeyConsumerID && consent.status === 'ACCEPTED') {
+                    // Check if the consent is expired
+                    const isExpired = await this.checkConsentExpired(consent)
+                    if (isExpired) {
+                        console.log('getExistingConsent: Consent is expired')
+                        continue
+                    }
                     opeyConsentId = consent.consent_id
                     break
                 }

src/stores/chat.ts

@@ -152,14 +152,34 @@ export const useChat = defineStore('chat', {
 
             if (consentResponse) {
                 const consentId = consentResponse.consent_id
-                if (consentId) {
-                    this.userIsAuthenticated = true
-                } else {
-                    throw new Error('Failed to grant consent. Please try again.')
-                }
+                
             } else {
                 throw new Error('Failed to grant consent. Please try again.')
             }
+
+            const consentJwt = consentResponse.jwt
+
+            const opeyBaseUri = import.meta.env.VITE_CHATBOT_URL
+            // Get a session from opey
+            try {
+                const sessionResponse = await fetch(`${opeyBaseUri}/create-session`, {
+                    method: 'POST',
+                    credentials: 'include',
+                    headers: {
+                        'Content-Type': 'application/json',
+                        'Consent-JWT': consentJwt
+                    },
+                })
+
+                if (!sessionResponse.ok) {
+                    throw new Error(`Failed to create session: ${sessionResponse.statusText}`);
+                } else if (sessionResponse.status === 200) {
+                    this.userIsAuthenticated = true
+                }
+
+            } catch (error) {
+                console.error('Error creating session:', error);
+            }
         },
 
         async stream(input: ChatStreamInput): Promise<void> {
@@ -181,11 +201,12 @@ export const useChat = defineStore('chat', {
             this.addMessage(this.currentAssistantMessage)
 
             // Set the status to 'loading' before we fetch the stream
-
+            const opeyBaseUri = import.meta.env.VITE_CHATBOT_URL
             // Handle stream
             try {
-                const response = await fetch('/api/opey/stream', {
+                const response = await fetch(`${opeyBaseUri}/stream`, {
                     method: 'POST',
+                    credentials: 'include',
                     headers: {
                         'Content-Type': 'application/json'
                     },