Check trusted apps in Keyrock

config.js.template

@@ -28,8 +28,7 @@ config.app = {
 config.pep = {
 	app_id: '',
 	username: '',
-	password: '',
-	trusted_apps : []
+	password: ''
 }
 
 // in seconds

lib/idm.js

@@ -54,6 +54,8 @@ const IDM = (function() {
 
         let path =  '/user?access_token=' + encodeURIComponent(token)
 
+        path = path + '&app_id=' + config.pep.app_id
+
         if (action && resource) {
             path = path + '&action=' + action
             path = path + '&resource=' + resource
@@ -103,61 +105,41 @@ const IDM = (function() {
 
         proxy.sendData(protocol, options, undefined, undefined, function (status, resp) {
             const userInfo = JSON.parse(resp);
-
-            if (!checkApplication(userInfo.app_id)) {
+            /*if (!checkApplication(userInfo.app_id)) {
                 log.error('User not authorized in application', config.pep.app_id);
                 callbackError(401, 'User not authorized in application', config.pep.app_id);
-            } else {
-                cache[token] = {};
-                cache[token].date = new Date();
-                cache[token].userInfo = userInfo;
-
-                if (config.authorization.enabled) {
-                    if (config.authorization.pdp === 'idm' && userInfo.authorization_decision === "Permit") {
-                        if (!cache[token][action]) {
-                            cache[token][action] = [];
-                            cache[token][action].push(resource);
-                        } else if (cache[token][action] && cache[token][action].indexOf(resource) === -1) {
-                            cache[token][action].push(resource);
-                        }
+            } else {*/
+            cache[token] = {};
+            cache[token].date = new Date();
+            cache[token].userInfo = userInfo;
+
+            if (config.authorization.enabled) {
+                if (config.authorization.pdp === 'idm' && userInfo.authorization_decision === "Permit") {
+                    if (!cache[token][action]) {
+                        cache[token][action] = [];
+                        cache[token][action].push(resource);
+                    } else if (cache[token][action] && cache[token][action].indexOf(resource) === -1) {
+                        cache[token][action].push(resource);
                     }
                 }
-
-                callback(userInfo);
             }
-        }, function (status, e) {
-
-            /*if (status === 401) {
-
-                log.error('Error validating token. Proxy not authorized in keystone. Keystone authentication ...');   
-                authenticate (function (status, resp) {
-
-                    myToken = JSON.parse(resp).access.token.id;
-
-                    log.info('Success authenticating PEP proxy. Proxy Auth-token: ', myToken);
-                    checkToken(token, callback, callbackError);
-
-                }, function (status, e) {
-                    log.error('Error in IDM communication ', e);
-                    callbackError(503, 'Error in IDM communication');
-                });
-            } else {
-                callbackError(status, e);
-            }*/
 
+            callback(userInfo);
+            /*}*/
+        }, function (status, e) {
             log.error('Error in IDM communication ', e);
             callbackError(status, (e) ? JSON.parse(e) : undefined);
         });
     };
 
-    const checkApplication = function (appId) {
+    /*const checkApplication = function (appId) {
         log.debug('Token created in application: ', appId);
         log.debug('PEP Proxy application: ', config.pep.app_id);
         log.debug('PEP Proxy trusted_apps: ', config.pep.trusted_apps);
 
         if (appId === config.pep.app_id || config.pep.trusted_apps.indexOf(appId) !== -1) {return true;}
         return false;
-    }
+    }*/
 
 
     return {