feat(react-journey): add react journey app

javascript/package.json

@@ -10,7 +10,7 @@
     "./central-login-oidc/",
     "./embedded-login/",
     "./embedded-login-davinci/",
-    "./reactjs-todo/",
+    "./react-journey/",
     "./reactjs-todo-davinci/",
     "./reactjs-todo/",
     "./todo-api/"
@@ -19,14 +19,15 @@
     "todo-api": "npm start --workspace todo-api",
     "angular-todo": "npm start --workspace angular-todo",
     "angular-todo-dv": "npm start --workspace angular-todo-davinci",
-    "reactjs-todo": "npm start --workspace reactjs-todo",
+    "react-journey": "npm start --workspace react-journey",
     "reactjs-todo-dv": "npm start --workspace reactjs-todo-davinci",
     "start:central-login-oidc": "npm start --workspace central-login-oidc",
     "start:embedded-login": "npm start --workspace embedded-login",
     "start:embedded-login-davinci": "npm run dev --workspace embedded-login-davinci",
     "start:angular-todo": "npm-run-all --parallel todo-api angular-todo",
     "start:angular-todo-dv": "npm-run-all --parallel todo-api angular-todo-dv",
     "start:reactjs-todo": "npm-run-all --parallel todo-api reactjs-todo",
+    "start:react-journey": "npm-run-all --parallel todo-api react-journey",
     "start:reactjs-todo-dv": "npm-run-all --parallel todo-api reactjs-todo-dv",
     "lint": "npm run lint --workspaces --if-present",
     "prepare": "husky install",

javascript/react-journey/.env.example

@@ -0,0 +1,20 @@
+# APP_URL=$APP_URL # not using this for preview-environment instead, we can use window.location.origin
+SERVER_URL=$SERVER_URL
+WELLKNOWN_URL=$WELLKNOWN_URL
+SCOPE=$SCOPE
+API_URL=$API_URL
+DEBUGGER_OFF=true
+DEVELOPMENT=$DEVELOPMENT
+JOURNEY_LOGIN=$JOURNEY_LOGIN
+JOURNEY_REGISTER=$JOURNEY_REGISTER
+PORT=$PORT
+REALM_PATH=$REALM_PATH
+WEB_OAUTH_CLIENT=$WEB_OAUTH_CLIENT
+INIT_PROTECT=$INIT_PROTECT  # a boolean which if true will initialize protect at app bootstrap time,
+                            # otherwise relies on the PingOneProtectInitialize callback for initialization
+PINGONE_ENV_ID=$PINGONE_ENV_ID  # required if INIT_PROTECT is true
+
+REST_OAUTH_CLIENT=$REST_OAUTH_CLIENT
+REST_OAUTH_SECRET=$REST_OAUTH_SECRET
+CENTRALIZED_LOGIN=$CENTRALIZED_LOGIN
+SERVER_TYPE=$SERVER_TYPE

javascript/react-journey/.eslintrc.js

@@ -0,0 +1,39 @@
+module.exports = {
+  env: {
+    browser: true,
+    es2021: true,
+  },
+  ignorePatterns: [
+    '**/node_modules/**',
+    '**/dist/**',
+    'public',
+    'playwright-report',
+    'test-results',
+  ],
+  extends: ['standard', 'plugin:react/recommended', 'prettier'],
+  overrides: [
+    {
+      env: {
+        node: true,
+      },
+      files: ['.eslintrc.{js,cjs}'],
+      parserOptions: {
+        sourceType: 'script',
+      },
+    },
+  ],
+  parserOptions: {
+    ecmaVersion: 'latest',
+    sourceType: 'module',
+  },
+  plugins: ['react'],
+  settings: {
+    react: {
+      version: 'detect',
+    },
+  },
+  rules: {
+    'react/prop-types': 'off',
+    'no-debugger': 'off',
+  },
+};

javascript/react-journey/.gitignore

@@ -0,0 +1,9 @@
+node_modules/
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/
+/test-results/
+/playwright-report/
+/blob-report/
+/playwright/.cache/

javascript/react-journey/README.md

@@ -0,0 +1,129 @@
+# React JS Journey Sample App
+
+## Disclaimers
+
+This sample code is provided "as is" and is not a supported product of Ping. It's purpose is solely to demonstrate how the Ping JavaScript SDK can be implemented within a React application. Also, this is not a demonstration of React itself or instructional for _how_ to build a React app. There are many aspects to routing, state management, tooling and other aspects to building a React app that are outside of the scope of this project. For information about creating a React app, [visit React's official documentation](https://reactjs.org/docs/create-a-new-react-app.html).
+
+## Requirements
+
+1. An instance of Ping's Access Manager (AM), either within a Ping's Advanced Identity Cloud tenant, your own private installation or locally installed on your computer
+2. Node >= 18.12.0 (recommended: install via [official package installer](https://nodejs.org/en/))
+3. Knowledge of using the Terminal/Command Line
+4. Ability to generate security certs (recommended: mkcert ([installation instructions here](https://github.com/FiloSottile/mkcert#installation))
+5. This project "cloned" to your computer
+
+## Setup
+
+Once you have the 5 requirements above met, we can build the project.
+
+### Setup Your AM Instance
+
+#### Configure CORS
+
+1. Allowed origins: `https://localhost:8443`
+2. Allowed methods: `GET` `POST`
+3. Allowed headers: `Content-Type` `X-Requested-With` X-Requested-Platform` `Accept-API-Version` `Authorization`
+4. Allow credentials: enable
+
+#### Create Your OAuth Clients
+
+1. Create a public (SPA) OAuth client for the web app: no secret, scopes of `openid profile email`, implicit consent enabled, and no "token authentication endpoint method".
+2. Create a confidential (Node.js) OAuth client for the API server: with a secret, default scope of `am-introspect-all-tokens`, and `client_secret_basic` as the "token authentication endpoint method".
+
+#### Create your Authentication Journeys/Trees
+
+1. Login
+2. Register
+
+Note: The sample app currently supports the following callbacks only:
+
+- NameCallback
+- PasswordCallback
+- ChoiceCallback
+- ValidatedCreateUsernameCallback
+- ValidatedCreatePasswordCallback
+- StringAttributeInputCallback
+- BooleanAttributeInputCallback
+- KbaCreateCallback
+- TermsAndConditionsCallback
+
+### Configure Your `.env` File
+
+Change the name of `.env.example` to `.env` and replace the bracketed values (e.g. `<<<helper-text>>>`) with your values.
+
+Example with annotations:
+
+```text
+SERVER_URL=<<<URL to your AM instance>>>
+APP_URL=https://localhost:8443 # in develop we do not use this variable for dynamic deployment reasons
+API_URL=http://localhost:9443
+DEBUGGER_OFF=false
+JOURNEY_LOGIN=Login
+JOURNEY_REGISTER=Registration
+REALM_PATH=<<<Realm path of AM>>>
+WEB_OAUTH_CLIENT=<<<Your Web OAuth client name/ID>>>
+```
+
+### Installing Dependencies and Run Build
+
+**Run from root of repo**: since this sample app uses npm's workspaces, we recommend running the npm commands from the root of the repo.
+
+```sh
+# Install all dependencies (no need to pass the -w option)
+npm install
+```
+
+### Run the Servers
+
+Now, run the below commands to start the processes needed for building the application and running the servers for both client and API server:
+
+```sh
+# In one terminal window, run the following watch command from the root of the repository
+npm run start:react-journey
+```
+
+Now, you should be able to visit `https://localhost:8443`, which is your web app or client (the Relying Party in OAuth terms). This client will make requests to your AM instance, (the Authorization Server in OAuth terms), which will be running on whatever domain you set, and `http://localhost:9443` as the REST API for your todos (the Resource Server).
+
+### Accept Cert Exceptions
+
+You will likely have to accept the security certificate exceptions for both your React app and the Node.js server. To accept the cert form the Node.js server, you can visit `http://localhost:9443/healthcheck` in your browser. Once you receive "OK", your Node.js server is running on the correct domain and port, and the cert is accepted.
+
+## Learn About Integration Touchpoints
+
+This project has a debugging statements that can be activated which causes the app to pause execution at each SDK integration point. It will have a comment above the `debugger` statement explaining the purpose of the integration.
+
+If you'd like to use this feature as a learning tool, open the developer tools of your browser and rerun the app locally. It will automatically pause at these points of integration.
+
+For local development, if you want to turn these debuggers off, you can set the environment variable of `DEBUGGER_OFF` to true.
+
+## Modifying This Project
+
+### React Client
+
+To modify the client portion of this project, you'll need to be familiar with the following React patterns:
+
+1. [Functional components and composition](https://reactjs.org/docs/components-and-props.html)
+2. [Hooks (including custom hooks)](https://reactjs.org/docs/hooks-intro.html)
+3. [Context API](https://reactjs.org/docs/hooks-reference.html#usecontext)
+4. [React Router](https://reactrouter.com/)
+
+You'll also want a [basic understanding of Webpack](https://webpack.js.org/concepts/) and the following:
+
+1. [Babel transformation for React](https://webpack.js.org/loaders/babel-loader/#root)
+2. [Plugins for Sass-to-CSS processing](https://webpack.js.org/loaders/sass-loader/#root)
+
+#### Styling and CSS
+
+We heavily leveraged [Twitter Bootstrap](https://getbootstrap.com/) and [it's utility classes](https://getbootstrap.com/docs/5.0/utilities/api/), but you will see classes with the prefix `cstm_`. These are custom classes, hence the `cstm` shorthand, and they are explicitly used to denote an additional style application on top of Bootstrap's styling.
+
+### REST API Server
+
+To modify the API server, you'll need a [basic understanding of Node](https://nodejs.org/en/about/) as well as the following things:
+
+1. [Express](https://expressjs.com/)
+2. [PouchDB](https://pouchdb.com/)
+3. [Superagent](https://www.npmjs.com/package/superagent)
+
+## TypeScript?
+
+The Ping JavaScript SDK is developed with TypeScript, so type definitions are available. This sample application does not utilize TypeScript, but if you'd like to see a version of this written in TypeScript, let us know.

javascript/react-journey/babel.config.js

@@ -0,0 +1,3 @@
+module.exports = {
+  presets: ['@babel/preset-react'],
+};

javascript/react-journey/client/README.md

@@ -0,0 +1,150 @@
+# React JS Todo Sample App
+
+## Disclaimers
+
+This sample code is provided "as is" and is not a supported product of Ping. It's purpose is solely to demonstrate how the Ping JavaScript SDK can be implemented within a React application. Also, this is not a demonstration of React itself or instructional for _how_ to build a React app. There are many aspects to routing, state management, tooling and other aspects to building a React app that are outside of the scope of this project. For information about creating a React app, [visit React's official documentation](https://reactjs.org/docs/create-a-new-react-app.html).
+
+## Requirements
+
+1. An instance of Ping's Access Manager (AM), either within a Ping's Advanced Identity Cloud tenant, your own private installation or locally installed on your computer
+2. Node >= 18.12.0 (recommended: install via [official package installer](https://nodejs.org/en/))
+3. Knowledge of using the Terminal/Command Line
+4. Ability to generate security certs (recommended: mkcert ([installation instructions here](https://github.com/FiloSottile/mkcert#installation))
+5. This project "cloned" to your computer
+
+## Setup
+
+Once you have the 5 requirements above met, we can build the project.
+
+### Setup Your AM Instance
+
+#### Configure CORS
+
+1. Allowed origins: `https://react.example.com:8443`
+2. Allowed methods: `GET` `POST`
+3. Allowed headers: `Content-Type` `X-Requested-With` `Accept-API-Version` `Authorization`
+4. Allow credentials: enable
+
+#### Create Your OAuth Clients
+
+1. Create a public (SPA) OAuth client for the web app: no secret, scopes of `openid profile email`, implicit consent enabled, and no "token authentication endpoint method".
+2. Create a confidential (Node.js) OAuth client for the API server: with a secret, default scope of `am-introspect-all-tokens`, and `client_secret_basic` as the "token authentication endpoint method".
+
+#### Create your Authentication Journeys/Trees
+
+1. Login
+2. Register
+
+Note: The sample app currently supports the following callbacks only:
+
+- NameCallback
+- PasswordCallback
+- ChoiceCallback
+- ValidatedCreateUsernameCallback
+- ValidatedCreatePasswordCallback
+- StringAttributeInputCallback
+- BooleanAttributeInputCallback
+- KbaCreateCallback
+- TermsAndConditionsCallback
+
+### Configure Your `.env` File
+
+Change the name of `.env.example` to `.env` and replace the bracketed values (e.g. `<<<helper-text>>>`) with your values.
+
+Example with annotations:
+
+```text
+SERVER_URL=<<<URL to your AM/ PingOne instance>>>
+APP_URL=https://react.example.com:8443 # in develop we do not use this variable for dynamic deployment reasons
+API_URL=https://api.example.com:9443
+DEBUGGER_OFF=false
+JOURNEY_LOGIN=Login
+JOURNEY_REGISTER=Registration
+REALM_PATH=<<<Realm path of AM>>>
+WEB_OAUTH_CLIENT=<<<Your Web OAuth client name/ID>>>
+```
+
+### Installing Dependencies and Run Build
+
+**Run from root of repo**: since this sample app uses npm's workspaces, we recommend running the npm commands from the root of the repo.
+
+```sh
+# Install all dependencies (no need to pass the -w option)
+npm install
+
+# run sample app project
+# only if you want to see the app build, the serve command will do this for you
+npm run build -w reactjs-todo # if in workspace root
+
+npm run build # if in the reactjs-todo folder
+```
+
+### Update Your `/etc/hosts` File
+
+Now you'll need to update your `hosts` (`/etc/hosts` if on a Mac) to allow for domain aliases:
+
+```sh
+sudo vim /etc/hosts
+```
+
+```text
+# hosts file aliases
+127.0.0.1 react.example.com api.example.com
+```
+
+### Run the Servers
+
+Now, run the below commands to start the processes needed for building the application and running the servers for both client and API server:
+
+```sh
+# In one terminal window, run the following watch command
+npm run start:reactjs-todo # only if in root
+
+npm start # if in reactjs-todo folder
+```
+
+Now, you should be able to visit `https://react.example.com:8443`, which is your web app or client (the Relying Party in OAuth terms). This client will make requests to your AM instance, (the Authorization Server in OAuth terms), which will be running on whatever domain you set, and `https://api.example.com:9443` as the REST API for your todos (the Resource Server).
+
+### Accept Cert Exceptions
+
+You will likely have to accept the security certificate exceptions for both your React app and the Node.js server. To accept the cert form the Node.js server, you can visit `https://api.example.com:9443/healthcheck` in your browser. Once you receive "OK", your Node.js server is running on the correct domain and port, and the cert is accepted.
+
+## Learn About Integration Touchpoints
+
+This project has a debugging statements that can be activated which causes the app to pause execution at each SDK integration point. It will have a comment above the `debugger` statement explaining the purpose of the integration.
+
+If you'd like to use this feature as a learning tool, open the developer tools of your browser and rerun the app locally. It will automatically pause at these points of integration.
+
+For local development, if you want to turn these debuggers off, you can set the environment variable of `DEBUGGER_OFF` to true.
+
+## Modifying This Project
+
+### React Client
+
+To modify the client portion of this project, you'll need to be familiar with the following React patterns:
+
+1. [Functional components and composition](https://reactjs.org/docs/components-and-props.html)
+2. [Hooks (including custom hooks)](https://reactjs.org/docs/hooks-intro.html)
+3. [Context API](https://reactjs.org/docs/hooks-reference.html#usecontext)
+4. [React Router](https://reactrouter.com/)
+
+You'll also want a [basic understanding of Webpack](https://webpack.js.org/concepts/) and the following:
+
+1. [Babel transformation for React](https://webpack.js.org/loaders/babel-loader/#root)
+2. [Plugins for Sass-to-CSS processing](https://webpack.js.org/loaders/sass-loader/#root)
+
+#### Styling and CSS
+
+We heavily leveraged [Twitter Bootstrap](https://getbootstrap.com/) and [it's utility classes](https://getbootstrap.com/docs/5.0/utilities/api/), but you will see classes with the prefix `cstm_`. These are custom classes, hence the `cstm` shorthand, and they are explicitly used to denote an additional style application on top of Bootstrap's styling.
+
+### REST API Server
+
+To modify the API server, you'll need a [basic understanding of Node](https://nodejs.org/en/about/) as well as the following things:
+
+1. [Express](https://expressjs.com/)
+2. [PouchDB](https://pouchdb.com/)
+3. [Superagent](https://www.npmjs.com/package/superagent)
+
+## TypeScript?
+
+The Ping JavaScript SDK is developed with TypeScript, so type definitions are available. This sample application does not utilize TypeScript, but if you'd like to see a version of this written in TypeScript, let us know.

javascript/react-journey/client/components/README.md

@@ -0,0 +1,3 @@
+# Components
+
+These are React based units of code that could potentially be used anywhere, to an extent. They are the units that compose a view. These could be actual React components or custom React hooks.