From aeace409c80fe6e92bd56bc27bf607359903f6fc Mon Sep 17 00:00:00 2001
From: rohanharikr <rohanharikumar80@gmail.com>
Date: Fri, 20 Dec 2024 21:25:43 +0000
Subject: [PATCH] Authz server check (#88)

* remove beta server

* validate authz servers
---
 src/App.svelte       |  8 +-------
 src/lib/constants.js |  6 ++----
 src/lib/validate.js  | 22 +++++++++-------------
 3 files changed, 12 insertions(+), 24 deletions(-)

diff --git a/src/App.svelte b/src/App.svelte
index 252c508..ede9221 100644
--- a/src/App.svelte
+++ b/src/App.svelte
@@ -1,6 +1,6 @@
 <script>
 	import { onMount } from 'svelte';
-	import { PARAMS, AUTHZ_SERVERS, BETA_SERVER } from '$lib/constants.js';
+	import { PARAMS, AUTHZ_SERVERS } from '$lib/constants.js';
 	import Header from '$components/Header.svelte';
 	import AuthorizationRequest from '$components/AuthorizationRequest.svelte';
 	import AuthorizationResponse from '$components/AuthorizationResponse.svelte';
@@ -90,7 +90,6 @@
 		if (params.has('id_token')) await processIdToken(params);
 		else if (params.has('code')) await processCode(params);
 		else if (params.has('error')) processError(params);
-		else if (params.has('beta')) selectBetaServer();
 
 		cleanUrl();
 		removeLoader();
@@ -263,11 +262,6 @@
 		authzResponse.url = params.toString();
 		showErrorNotification = true;
 	}
-
-	function selectBetaServer() {
-		selectedAuthzServer = BETA_SERVER;
-		dropdowns.server = true; // expand to show selected beta server
-	}
 </script>
 
 {#if mounted}
diff --git a/src/lib/constants.js b/src/lib/constants.js
index 72eecb8..25722d9 100644
--- a/src/lib/constants.js
+++ b/src/lib/constants.js
@@ -158,9 +158,7 @@ const PARAMS = {
 	HELLO_PARAM
 };
 
-const BETA_SERVER = 'https://wallet.hello-beta.net/authorize';
-
-const SERVERS = ['https://wallet.hello.coop/authorize', BETA_SERVER];
+const SERVERS = ['https://wallet.hello.coop/authorize'];
 
 const AUTHZ_SERVERS = {
 	SERVERS,
@@ -174,4 +172,4 @@ const AUTHZ_SERVERS = {
 	]
 };
 
-export { PARAMS, AUTHZ_SERVERS, BETA_SERVER, PROFILE_CLAIMS };
+export { PARAMS, AUTHZ_SERVERS, PROFILE_CLAIMS };
diff --git a/src/lib/validate.js b/src/lib/validate.js
index 050269f..0989c6b 100644
--- a/src/lib/validate.js
+++ b/src/lib/validate.js
@@ -62,19 +62,15 @@ function validateHelloParams({ param, protocolParams, helloParams, helloParamsVa
 	return true;
 }
 
-async function validateAuthzServer(_) {
-	// TBD CORS -- no way for browser to know for sure that a URL exists
-	// try {
-	//     const res = await fetch(url, {
-	//         method: 'HEAD', // Only fetch headers, no body
-	//         cache: 'no-cache' // To avoid using cached responses
-	//     });
-	//     return res.status === 200
-	// } catch (error) {
-	//     console.error('Failed to validate', url)
-	//     return false;
-	// }
-	return true;
+async function validateAuthzServer(url) {
+	const healthCheckUrl = new URL('/api/v1/health_check/playground', url);
+	try {
+		const res = await fetch(healthCheckUrl);
+		return res.status === 200;
+	} catch (error) {
+		console.warn('Failed to validate', healthCheckUrl);
+		return false;
+	}
 }
 
 export { validateScopes, validateProtocolParams, validateHelloParams, validateAuthzServer };