fix(portal-bff): use the real portal-admin dev port (4300) in admin-flow references

PR #129 baked `4201` into a few comments and test fixtures as the
admin SPA's dev port. The actual port wired in
`apps/portal-admin/project.json` `serve.options.port` is `4300` — the
Nx serve target listens on 4300 in dev. Aligning the references so a
contributor reading `.env.example` or the test fixtures sees the same
number their browser is hitting.

Touched:
- `apps/portal-bff/.env.example` — `ENTRA_ADMIN_POST_LOGOUT_REDIRECT_URI`
  default + the surrounding comment.
- `apps/portal-bff/src/config/check-cors-allowlist.ts` — stale
  doc-comment that pre-dated the portal-admin scaffolding.
- `auth.module.spec.ts`, `auth.controller.spec.ts`,
  `auth.service.spec.ts`, `admin-auth.controller.spec.ts`,
  `check-entra-config.spec.ts` — fixture `adminPostLogoutRedirectUri`
  values. Tests don't depend on the port; aligned for clarity only.

No behaviour change. 278 specs still pass.
This commit is contained in:
Julien Gautier
2026-05-14 15:28:32 +02:00
parent 392a32c0fe
commit 2604ed3efd
7 changed files with 11 additions and 9 deletions
@@ -16,7 +16,7 @@ const ENTRA: EntraConfig = {
redirectUri: 'http://localhost:3000/api/auth/callback',
postLogoutRedirectUri: 'http://localhost:4200/',
adminRedirectUri: 'http://localhost:3000/api/admin/auth/callback',
adminPostLogoutRedirectUri: 'http://localhost:4201/',
adminPostLogoutRedirectUri: 'http://localhost:4300/',
authority: 'https://login.microsoftonline.com/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee',
};
@@ -17,7 +17,7 @@ const ENTRA: EntraConfig = {
redirectUri: 'http://localhost:3000/api/auth/callback',
postLogoutRedirectUri: 'http://localhost:4200/',
adminRedirectUri: 'http://localhost:3000/api/admin/auth/callback',
adminPostLogoutRedirectUri: 'http://localhost:4201/',
adminPostLogoutRedirectUri: 'http://localhost:4300/',
authority: 'https://login.microsoftonline.com/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee',
};
+1 -1
View File
@@ -43,7 +43,7 @@ const VALID = {
ENTRA_REDIRECT_URI: 'http://localhost:3000/api/auth/callback',
ENTRA_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4200/',
ENTRA_ADMIN_REDIRECT_URI: 'http://localhost:3000/api/admin/auth/callback',
ENTRA_ADMIN_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4201/',
ENTRA_ADMIN_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4300/',
// Well-formed but unreachable Redis URL — `ioredis` opens the
// socket lazily so the module compiles without any network access.
REDIS_URL: 'redis://default:test-pass@127.0.0.1:65535/0',
@@ -12,7 +12,7 @@ const ENTRA: EntraConfig = {
redirectUri: 'http://localhost:3000/api/auth/callback',
postLogoutRedirectUri: 'http://localhost:4200/',
adminRedirectUri: 'http://localhost:3000/api/admin/auth/callback',
adminPostLogoutRedirectUri: 'http://localhost:4201/',
adminPostLogoutRedirectUri: 'http://localhost:4300/',
authority: 'https://login.microsoftonline.com/aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee',
};
@@ -21,8 +21,9 @@
* Production should set `CORS_ALLOWED_ORIGINS` to the SPA / admin
* SPA's deploy origins (e.g.
* `https://portal.apf.example,https://admin.portal.apf.example`).
* Dev `.env` lists `http://localhost:4200` (and 4201 once
* portal-admin grows a dev server).
* Dev `.env` lists `http://localhost:4200` (portal-shell) and
* `http://localhost:4300` (portal-admin) — see
* apps/portal-admin/project.json `serve.options.port`.
*/
export function readCorsAllowlist(): readonly string[] {
const raw = process.env['CORS_ALLOWED_ORIGINS'];
@@ -8,7 +8,7 @@ const VALID = {
ENTRA_REDIRECT_URI: 'http://localhost:3000/api/auth/callback',
ENTRA_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4200/',
ENTRA_ADMIN_REDIRECT_URI: 'http://localhost:3000/api/admin/auth/callback',
ENTRA_ADMIN_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4201/',
ENTRA_ADMIN_POST_LOGOUT_REDIRECT_URI: 'http://localhost:4300/',
};
describe('assertEntraConfig', () => {