Removed JWT tokens logic

EstoesMoises · EstoesMoises · commit 9a8c3fd0fbf4 · 2025-03-24T08:41:31.000Z
diff --git a/plugins/stack-overflow-teams-backend/README.md b/plugins/stack-overflow-teams-backend/README.md
@@ -13,7 +13,7 @@ The **Stack Overflow for Teams Backend plugin** is responsible for:
   - `/questions`
   - Posting new questions via `/questions`
 - **Managing OAuth authentication flow** to securely access Stack Overflow private instances via ``createStackOverflowAuth``
-- **Encrypts** the Stack Overflow Token before sending it as an http-only cookie to the frontend.
+- **HTTP-only cookie** the Stack Overflow Token is set as a secure http-only cookie to the frontend with 24 hours expiration.
 
 ## OAuth Authentication Flow
 
@@ -33,8 +33,7 @@ The backend is the only component that directly utilizes the **encrypted Stack O
 - Retrieves the stored **Code Verifier** and **State**.
 - Validates that the received **state** matches the one from Stack Overflow's query string parameter.
 - The backend requests an **Access Token** using the stored **Code Verifier**.
-- Backend **encrypts the token**, using the JWT secret stored in memory.
-- Stores the **encrypted Stack Overflow Access Token** in a **secure, HTTP-only cookie**.
+- Stores the **Stack Overflow Access Token** in a **secure, HTTP-only cookie**.
 
 ## Installation
 
diff --git a/plugins/stack-overflow-teams-backend/package.json b/plugins/stack-overflow-teams-backend/package.json
@@ -1,6 +1,6 @@
 {
   "name": "backstage-plugin-stack-overflow-teams-backend",
-  "version": "1.0.3",
+  "version": "1.0.4",
   "main": "src/index.ts",
   "types": "src/index.ts",
   "license": "Apache-2.0",
diff --git a/plugins/stack-overflow-teams-backend/src/plugin.ts b/plugins/stack-overflow-teams-backend/src/plugin.ts
@@ -2,7 +2,6 @@ import {
   coreServices,
   createBackendPlugin,
 } from '@backstage/backend-plugin-api';
-import { randomBytes } from 'crypto'
 import { createRouter } from './router';
 import { createStackOverflowService } from './services/StackOverflowService';
 import { StackOverflowConfig } from './services/StackOverflowService';
@@ -13,8 +12,6 @@ import { StackOverflowConfig } from './services/StackOverflowService';
  * @public
  */
 
-const JWT_SECRET = randomBytes(64).toString('hex')
-
 export const stackOverflowTeamsPlugin = createBackendPlugin({
   pluginId: 'stack-overflow-teams',
   register(env) {
@@ -41,8 +38,7 @@ export const stackOverflowTeamsPlugin = createBackendPlugin({
           await createRouter({
             stackOverflowConfig,
             logger,
-            stackOverflowService,
-            jwtSecret: JWT_SECRET
+            stackOverflowService
           }),
         );
       },
diff --git a/plugins/stack-overflow-teams-backend/src/router.ts b/plugins/stack-overflow-teams-backend/src/router.ts
@@ -6,18 +6,15 @@ import {
   StackOverflowConfig,
 } from './services/StackOverflowService/types';
 import { createStackOverflowAuth } from './api';
-import { decryptToken, encryptToken } from './utils';
 
 export async function createRouter({
   logger,
   stackOverflowConfig,
   stackOverflowService,
-  jwtSecret,
 }: {
   logger: LoggerService;
   stackOverflowConfig: StackOverflowConfig;
   stackOverflowService: StackOverflowAPI;
-  jwtSecret: string;
 }): Promise<express.Router> {
   const router = Router();
   const authService = createStackOverflowAuth(stackOverflowConfig, logger);
@@ -42,7 +39,7 @@ export async function createRouter({
     const cookiesToken = cookies['stackoverflow-access-token'];
 
     try {
-      const authToken = decryptToken(cookiesToken, jwtSecret);
+      const authToken = cookiesToken
       if (!authToken) {
         res.clearCookie('stackoverflow-access-token');
         return null;
@@ -94,12 +91,11 @@ export async function createRouter({
         codeVerifier,
       );
 
-      const encryptedToken = encryptToken(accessToken, jwtSecret);
       // The cookie's max age is linked to the Token's expiration, the default expiration is 24 hours.
       return res
         .clearCookie('socodeverifier')
         .clearCookie('state')
-        .cookie('stackoverflow-access-token', encryptedToken, {
+        .cookie('stackoverflow-access-token', accessToken, {
           httpOnly: true,
           secure: process.env.NODE_ENV === 'production',
           sameSite: 'strict',
@@ -227,7 +223,6 @@ export async function createRouter({
       const tags = await stackOverflowService.getTags(authToken);
       return res.send(tags);
     } catch (error: any) {
-      // Fix type issue when including the error for some reason
       logger.error('Error fetching tags', { error });
       return res.status(500).send({
         error: `Failed to fetch tags from the Stack Overflow instance`,
@@ -246,7 +241,6 @@ export async function createRouter({
       const users = await stackOverflowService.getUsers(authToken);
       return res.send(users);
     } catch (error: any) {
-      // Fix type issue when including the error for some reason
       logger.error('Error fetching users', { error });
       return res.status(500).send({
         error: `Failed to fetch users from the Stack Overflow instance`,
diff --git a/plugins/stack-overflow-teams-backend/src/utils/index.ts b/plugins/stack-overflow-teams-backend/src/utils/index.ts
diff --git a/plugins/stack-overflow-teams-backend/src/utils/jwtUtils.ts b/plugins/stack-overflow-teams-backend/src/utils/jwtUtils.ts

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "backstage-plugin-stack-overflow-teams-backend",`
`3`		`- "version": "1.0.3",`
	`3`	`+ "version": "1.0.4",`
`4`	`4`	`"main": "src/index.ts",`
`5`	`5`	`"types": "src/index.ts",`
`6`	`6`	`"license": "Apache-2.0",`