feat: use identifier field to token exchange and call teams verifier in session controller

backend/src/controllers/SessionController.ts

@@ -7,7 +7,7 @@ import { RefreshTokenService } from "../services/AuthServices/RefreshTokenServic
 
 import createOrUpdateOnlineUserService from "../services/UserServices/CreateOrUpdateOnlineUserService";
 import { removeUserFromOlineList } from "../helpers/removeUserFromOnlineList";
-import { TokenExchangeService, verifyTokenFromWebService } from "../services/AuthServices/TokenExchangeService";
+import { TokenExchangeService, verifyTokenFromTeamsService, verifyTokenFromWebService } from "../services/AuthServices/TokenExchangeService";
 
 //  const usersSocket = require("./../libs/socket");
 const usersSocket = require("../libs/socket");
@@ -91,7 +91,7 @@ export const tokenExchange = async (
   const platformIsFromWeb = platform === "web";
   let tokenExchanged = await TokenExchangeService({
     token: token,
-    tokenVerifier: platformIsFromWeb ? verifyTokenFromWebService : verifyTokenFromWebService
+    tokenVerifier: platformIsFromWeb ? verifyTokenFromWebService : verifyTokenFromTeamsService
   })
 
   SendRefreshToken(res, tokenExchanged.refreshToken);

backend/src/services/AuthServices/TokenExchangeService.ts

@@ -41,10 +41,6 @@ export const verifyTokenFromWebService = async (token: string): Promise<TokenVer
 export const verifyTokenFromTeamsService = async (token: string): Promise<TokenVerifierResponse> => {
   const { payload: userPayload } = await verifyTeamsToken(token)
 
-  if (userPayload.aud !== authConfig.hitphone.teams.CLIENT_ID) {
-    throw new AppError("ERR_TOKEN_AUD_INVALID", 401);
-  }
-
   const requiredFields = ["aud", "tid", "oid", "preferred_username"];
   for (const key of requiredFields) {
     if (!userPayload[key]) {
@@ -52,6 +48,10 @@ export const verifyTokenFromTeamsService = async (token: string): Promise<TokenV
     }
   }
 
+  if (userPayload.aud !== authConfig.hitphone.teams.CLIENT_ID) {
+    throw new AppError("ERR_TOKEN_AUD_INVALID", 401);
+  }
+
   const exists = await clientExists(userPayload.tid);
 
   if (!exists) {
@@ -61,9 +61,11 @@ export const verifyTokenFromTeamsService = async (token: string): Promise<TokenV
   return { name: userPayload.preferred_username, email: userPayload.preferred_username, sub: userPayload.sub }
 }
 
+type TokenVerifier = (token: string) => Promise<TokenVerifierResponse>
+
 type TokenExchangeServiceRequest = {
   token: string;
-  tokenVerifier: (token: string) => Promise<TokenVerifierResponse>
+  tokenVerifier: TokenVerifier
 }
 
 export type TokenExchangeServiceResponse = {
@@ -82,7 +84,7 @@ export const TokenExchangeService = async (
     const { email } = await tokenVerifier(token);
 
     const user = await User.findOne({
-      where: { email },
+      where: { identifier: email },
       include: ["queues"]
     });
 

backend/src/services/External/HitphoneServices/ClientExists.ts

@@ -3,7 +3,7 @@ import authConfig from "../../../config/auth";
 import { responseOk } from "./utils/fetch";
 
 export const fetchWithKey: typeof fetch = async (endpoint, options) => {
-  const response = await fetch(authConfig.hitphone.CLIENT_SERVICE_URL + endpoint, {
+  const response = await fetch(authConfig.hitphone.CLIENT_SERVICE_URL + '/api/' + endpoint, {
     ...options,
     headers: {
       ...options?.headers,