Merge pull request #106 from IABTechLab/llp-UID2-3760-ssl-dev-experience

Create a dev testing site to make it easier to test various cross-domain and CSTG scenarios.

Author: lionell-pack-ttd

.gitignore

@@ -1,3 +1,4 @@
 node_modules
 dist
-lib
+lib
+ca

createCA.ts

@@ -0,0 +1,60 @@
+import { createCA, createCert } from 'mkcert';
+import { devDomains } from './localtest/siteDetails';
+import fs from 'node:fs/promises';
+
+const domains = devDomains;
+
+const caFolder = './ca/';
+const caFile = `${caFolder}ca.crt`;
+const caKey = `${caFolder}ca.key`;
+const certFile = `${caFolder}cert.crt`;
+const certKey = `${caFolder}cert.key`;
+
+const overwriteFileOptions = {
+  flag: 'w',
+};
+const failIfExistsFileOptions = {
+  flag: 'wx',
+};
+
+const fileExists = async (path) => !!(await fs.stat(path).catch((e) => false));
+const getOrCreateCA = async () => {
+  if (await fileExists(caFile)) {
+    console.log('Found existing CA, loading...');
+    return {
+      cert: await fs.readFile(caFile, { encoding: 'utf8' }),
+      key: await fs.readFile(caKey, { encoding: 'utf8' }),
+    };
+  } else {
+    console.log('Creating new CA...');
+    const ca = await createCA({
+      organization: 'UID2 local dev CA',
+      countryCode: 'AU',
+      state: 'NSW',
+      locality: 'Sydney',
+      validity: 3650,
+    });
+    await fs.mkdir(caFolder, { recursive: true });
+    await fs.writeFile(caFile, ca.cert, failIfExistsFileOptions);
+    await fs.writeFile(caKey, ca.key, failIfExistsFileOptions);
+    return ca;
+  }
+};
+
+async function createCerts() {
+  const ca = await getOrCreateCA();
+  console.log(`Creating a certificate for ${domains.join(', ')}`);
+  const cert = await createCert({
+    ca: { key: ca.key, cert: ca.cert },
+    domains,
+    validity: 3650,
+  });
+  console.log('Certificate created.');
+
+  await fs.writeFile(certFile, `${cert.cert}${ca.cert}`, overwriteFileOptions);
+  await fs.writeFile(certKey, cert.key, overwriteFileOptions);
+
+  console.log('Certificate saved.');
+}
+
+createCerts();

localtest/auth/auth.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <title>UID2 local dev setup: Auth/login</title>
+    <%~ include("shared/googleFontTags.html") %> <%~ include("shared/uid2SdkTag.html") %>
+    <link href="../style.scss" rel="stylesheet" />
+    <link href="./auth.scss" rel="stylesheet" />
+    <script src="./auth.tsx" defer="defer"></script>
+  </head>
+  <body>
+    <div id="app"></div>
+  </body>
+</html>

localtest/auth/auth.scss

@@ -0,0 +1,31 @@
+.content {
+  background-color: aliceblue;
+  margin: 0 50px;
+  form {
+    width: auto;
+    display: flex;
+    flex-direction: column;
+    span {
+      margin: 0 20px 0 0;
+    }
+    div {
+      display: flex;
+      input {
+        flex-grow: 1;
+      }
+    }
+    button {
+      margin: 20px auto 0 auto;
+    }
+  }
+
+  .logged-in {
+    div {
+      display: flex;
+      gap: 20px;
+    }
+    .token {
+      word-break: break-all;
+    }
+  }
+}

localtest/auth/auth.tsx

@@ -0,0 +1,78 @@
+import { createApp } from '../shared/createApp';
+import { Layout } from '../shared/layout';
+import { setUid2Identity, useUid2Identity } from '../shared/uid2Identity';
+import type { Identity } from '../../src/exports';
+import { FormEventHandler, useState } from 'react';
+import { getEmailCookie, setEmailCookie } from '../shared/user';
+import { initUid2Sdk } from '../shared/uid2Helper';
+import { devSiteMap } from '../siteDetails';
+
+initUid2Sdk();
+const mainSiteUrl = devSiteMap.www.url;
+
+type LoggedInProps = Readonly<{ identity: Identity; email?: string }>;
+function LoggedIn({ identity, email }: LoggedInProps) {
+  return (
+    <div className='logged-in'>
+      <div>
+        <span>Email</span>
+        <span>
+          {!!email && email}
+          {!email && '<Not logged in>'}
+        </span>
+      </div>
+      <div>
+        <span>Token</span>
+        <span className='token'>{identity.advertising_token}</span>
+      </div>
+      <div>
+        <span>
+          <a href={mainSiteUrl}>Back to the main site</a>
+        </span>
+      </div>
+    </div>
+  );
+}
+
+type LoginFormProps = Readonly<{
+  setEmail: (email: string) => void;
+}>;
+function LoginForm({ setEmail }: LoginFormProps) {
+  const handleSubmit: FormEventHandler<HTMLFormElement> = async (e) => {
+    e.preventDefault();
+    const email = (e.currentTarget.elements as any).email.value;
+    if (email) {
+      console.log(`Sending CSTG request for ${email}...`);
+      await setUid2Identity(email);
+      console.log(`CSTG request for ${email} complete`);
+      setEmailCookie(email);
+      setEmail(email);
+    }
+  };
+  return (
+    <form onSubmit={handleSubmit}>
+      <div>
+        <span>Email</span>
+        <input type='text' id='email' />
+      </div>
+      <button type='submit'>Log in</button>
+    </form>
+  );
+}
+
+function Auth() {
+  const [email, setEmail] = useState(getEmailCookie());
+  const identity = useUid2Identity();
+  return (
+    <>
+      {!!identity && <LoggedIn identity={identity} email={email} />}
+      {!identity && <LoginForm setEmail={setEmail} />}
+    </>
+  );
+}
+
+createApp(
+  <Layout siteName='auth'>
+    <Auth />
+  </Layout>
+);

localtest/auth/logout.html

@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html lang="en">
+  <head>
+    <title>UID2 local dev setup: Auth/logout</title>
+    <%~ include("shared/googleFontTags.html") %> <%~ include("shared/uid2SdkTag.html") %>
+    <link href="../style.scss" rel="stylesheet" />
+    <script src="./logout.ts"></script>
+  </head>
+  <body>
+    <div id="app"></div>
+  </body>
+</html>

localtest/auth/logout.ts

@@ -0,0 +1,14 @@
+import { UID2 } from '../../src/uid2Sdk';
+import { initUid2Sdk } from '../shared/uid2Helper';
+import { setEmailCookie } from '../shared/user';
+import { devSiteMap } from '../siteDetails';
+
+const mainSiteUrl = devSiteMap.www.url;
+
+initUid2Sdk((event) => {
+  if (event === 'InitCompleted') {
+    setEmailCookie('');
+    (window.__uid2 as UID2).disconnect();
+    window.location.replace(mainSiteUrl);
+  }
+});

localtest/configuration.md

@@ -0,0 +1,13 @@
+# Configuration
+
+## Changing the port
+
+This site runs on port 443 by default to give the most realistic setup possible. You can change this by updating the port in `./siteDetails.js`.
+
+## Stop the `localtest` npm task from opening a browser tab
+
+If you restart the server regularly but keep the tab open, you might not want the npm task to open the tab for you. To do this, comment out the `open` entry in `server.ts` - i.e. the following line:
+
+```
+open: devSiteMap['www'].url,
+```

localtest/overview.md

@@ -0,0 +1,64 @@
+# Overview
+
+Running the npm task `localtest` (`npm run localtest`) will start the server running on port 443. This is the default SSL port and you mustn't have anything else running on it. You can change this - see [configuration.md](./configuration.md).
+
+You can access the site from any of the domains listed in `./siteDetails.js`. For example, you can visit `https://www.uid2-local-dev-setup.com/`. All files built for any domain are available on all domains, however each domain will get a different default index file when you visit the URL with no path.
+
+## Folder layout
+
+### `./static/`
+
+All files in here are served as-is with no build pipeline. E.g. `thirdparty-script.js` is available on all domains - both of these URLs work fine:
+https://www.unrelated-third-party-test.com/thirdparty-script.js
+https://www.uid2-local-dev-setup.com/thirdparty-script.js
+
+### `./shared/`
+
+By convention, files imported to multiple sites go here. They are only used by the build process and aren't directly available via a URL.
+
+### Other folders (e.g. `./www/`, `./auth/`)
+
+Each of the folders defined in `./siteDetails.js` is a site (the site `name` property matches the folder). Given this entry in `siteDetails`:
+
+```
+  {
+    name: 'www',
+    domain: 'www.uid2-local-dev-setup.com',
+  },
+```
+
+Based on the name, it will look in `./www/` for files. A HTML file with the same name as the folder (in this case, `./www/www.html`) is the default index page for that domain.
+
+While you can access any file using any domain, please keep domain-specific files in the correct folder. Put files that you want to be served with no build step (e.g. images, shared JS libraries that you don't want built into a bundle) in `./static/`, and shared files that are imported or included into multiple sites in `./shared/`.
+
+## Build process & files
+
+Webpack is configured to use [html-bundler-webpack-plugin](https://github.com/webdiscus/html-bundler-webpack-plugin). It will treat every html file in one of the site folders as an entry-point.
+
+You can reference other files using relative paths, and webpack will build your bundles and update the URLs as needed.
+
+For example, this tag in `./www/www.html`:
+
+```html
+<script src="./www.tsx" defer="defer"></script>
+```
+
+Will result in `./www/www.tsx` being built (with all imported dependencies) to something like `www.bundle.js` and the script tag being updated to:
+
+```html
+<script src="www.bundle.js" defer="defer"></script>
+```
+
+The same applies for `.scss` files.
+
+## HTML templating
+
+`html-bundler-webpack-plugin` comes bundled with [eta.js](https://eta.js.org/) out of the box. It will be used to pre-process HTML files. You can provide data to the template in `./webpack.config.js` (make sure you get this one and not the webpack config in the root folder) - see the `data` value passed in to the `HtmlBundlerPlugin` constructor.
+
+For example, this is used to provide the correct port in absolute URLs if you choose to run on a port other than 443. Search for `urlPortSuffix` to see how it's provided to the template engine (in `./webpack.config.js`) and how it's injected into a page (in `./www/www.html`).
+
+## React
+
+There is a very basic React setup. You can use TypeScript and .tsx files as usual. `./shared/createApp.tsx` exports a `createApp` function that you can use to attach a component to an element that (by convention) must have the id `app`. See e.g. `./www/www.html` and `./www/www.tsx`.
+
+There is no router setup, although something like the React Browser Router should work if you need to install it. 404s will just serve up the default index file for the domain, which is important for React Router to work properly.

localtest/readme.md

@@ -0,0 +1,19 @@
+# UID2 Local Dev Setup
+
+This setup is intended to allow developers to easily run local TLS services with apparently "real" DNS names and locally valid certificates. This allows testing of a variety of scenarios, such as 1st-party related-domain cookies, CSTG, and iframe behaviour.
+
+## Getting started
+
+There are a few steps you need to take for this to work. Please see [setup.md](./setup.md) for details.
+
+## Overview
+
+For details about how to start the server, how the files & folders are laid out, how to use React, and HTML templating, see [overview.md](./overview.md).
+
+## Scenarios
+
+For information about the kinds of scenarios you can test, see [scenarios.md](./scenarios.md).
+
+## Configuration
+
+For information about other things you can configure, see [configuration.md](./configuration.md).