Merge pull request #19 from topcoder-platform/develop

Sync with develop

Author: kkartunov

.gitignore

@@ -3,6 +3,9 @@
 /node_modules
 /build
 
+# migration files
+/prisma/Scorecards
+
 # Logs
 logs
 *.log

src/main.ts

@@ -38,7 +38,14 @@ async function bootstrap() {
     credentials: true,
     origin: process.env.CORS_ALLOWED_ORIGIN
       ? new RegExp(process.env.CORS_ALLOWED_ORIGIN)
-      : ['http://localhost:3000', /\.localhost:3000$/],
+      : [
+          'http://localhost:3000',
+          /\.localhost:3000$/,
+          'https://topcoder.com',
+          'https://topcoder-dev.com',
+          /\.topcoder-dev\.com$/,
+          /\.topcoder\.com$/,
+        ],
     methods: 'GET, POST, OPTIONS, PUT, DELETE, PATCH',
   };
   app.use(cors(corsConfig));

src/shared/modules/global/jwt.service.ts

@@ -94,10 +94,12 @@ export class JwtService implements OnModuleInit {
           // Get the signing key from Auth0
           const signingKey = await this.getSigningKey(tokenHeader.kid);
 
+          console.log(`Signing key: ${JSON.stringify(signingKey)}`);
+
           // Verify options
           const verifyOptions: VerifyOptions = {
-            issuer: AuthConfig.jwt.issuer,
-            audience: AuthConfig.jwt.audience,
+            //issuer: AuthConfig.jwt.issuer,
+            //audience: AuthConfig.jwt.audience,
             clockTolerance: AuthConfig.jwt.clockTolerance,
             ignoreExpiration: AuthConfig.jwt.ignoreExpiration,
           };
@@ -117,6 +119,7 @@ export class JwtService implements OnModuleInit {
         throw new UnauthorizedException('Invalid token');
       }
 
+      console.log(`Decoded token: ${JSON.stringify(decodedToken)}`);
       const user: JwtUser = { isMachine: false };
 
       // Check for M2M token from Auth0