
Mobile Backend communication with Hybris

The Mobile Backend calls Hybris to retrieve a Hybris access token and customer details, reset passwords, and find expired members.

When a customer first logs in (Mobile login flow), the Mobile Backend calls Hybris to authenticate the customer with the Caravane client, grant type password, and the customer's credentials. After that, the mobile backend relies on the generated JWT token, which is shared with and stored in the Mobile App and contains the customer uid.

Customers' Hybris access tokens and refresh tokens are not saved. Every other call to Hybris is made with a Caravane OAuth token generated with grant type client_credentials, even when the call is to get customer data or reset the customer's password.

Calls to Hybris

LoginMutation

Login Mutation calls Hybris to authenticate the user, get customer details and validate RCC membership.

  1. Authenticates the customer through https://www.rapha.cc/authorizationserver/oauth/token with the Caravane client, grant_type: password and the customer's credentials.
  2. Gets user data by invoking UsersAPI getUser(email, true).
  3. Validates the user's RCC membership by invoking utils.ts validateMembership(hybrisUser). It checks the Hybris user's rccMemberShipEndDate and throws an error if the customer has never been an RCC member or the membership has expired.
  4. Creates or updates the database user and indexes it by invoking createUserIfMissing(hybrisUser.customerUID, email, hybrisUser, context.prisma, context.dataSources.hybris).

More info: Mobile login flow

ResetPasswordMutation

Reset Password Mutation calls Hybris to get a Hybris token for the Caravane client and request a password reset for the customer's email.

  1. Authenticates the customer through https://www.rapha.cc/authorizationserver/oauth/token with Caravane client, grant_type: client_credentials.
  2. Resets the customer's password by calling https://www.rapha.cc/raphacommercewebservices/v2/rapha/forgottenpasswordtokens?userId=${email}&access_token=${hybrisAccessToken}

UsersAPI

getUser(id: string, skipCache = false): Promise<HybrisUser>

Gets Hybris user data from the cache if available, or otherwise by calling the Hybris endpoint with a static Hybris access token. The cache query can be skipped with the skipCache flag.

  1. Gets the Hybris access token from the HYBRIS_AUTH_TOKEN environment variable (it might be a token for the Caravane client).
  2. Gets Hybris user data by calling https://www.rapha.cc/raphacommercewebservices/v2/rapha/users/${id}?access_token=${hybrisAccessToken}&fields=DEFAULT,rccMembershipNumber,rccMemberShipEndDate,rccMemberShipStartDate,rccChapter

If skipCache is set to true, it not only skips the cache query but also clears the cache entry for the corresponding user URL.
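The getUser and password-reset calls documented above interpolate the id or email directly into the URL and carry the access token in the query string, where it is typically recorded in proxy and server access logs. The TypeScript below is an added example, not code from the mobile backend: it builds the same two requests with the identifier percent-encoded and the token moved to a header, and masks the token in URLs that still use the query-string form. The helper names are hypothetical, and it assumes Hybris accepts the token as a standard Authorization: Bearer header.

```typescript
// Added example, not code from the mobile backend. The base URL and field list
// are copied from the calls documented above; helper names are hypothetical.
const OCC_BASE = "https://www.rapha.cc/raphacommercewebservices/v2/rapha";
const USER_FIELDS =
  "DEFAULT,rccMembershipNumber,rccMemberShipEndDate,rccMemberShipStartDate,rccChapter";

interface HybrisRequest {
  url: string;
  headers: Record<string, string>;
}

// Assumption: Hybris accepts the OAuth token as a standard Bearer header, so it
// does not have to travel in the query string.
function bearer(token: string): Record<string, string> {
  return { Authorization: `Bearer ${token}` };
}

// User lookup: the id (an email in LoginMutation) is percent-encoded so that
// characters such as "/", "?", "&" or "+" cannot change the path or the query.
function buildGetUserRequest(id: string, token: string): HybrisRequest {
  const url = `${OCC_BASE}/users/${encodeURIComponent(id)}?fields=${USER_FIELDS}`;
  return { url, headers: bearer(token) };
}

// Password reset: same treatment for the email passed as userId.
function buildResetPasswordRequest(email: string, token: string): HybrisRequest {
  const url = `${OCC_BASE}/forgottenpasswordtokens?userId=${encodeURIComponent(email)}`;
  return { url, headers: bearer(token) };
}

// For call sites that still use ?access_token=...: mask the value before the
// URL is written to logs or error reports.
function redactAccessToken(url: string): string {
  return url.replace(/([?&]access_token=)[^&#]*/gi, "$1[REDACTED]");
}
```
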

src/scripts/hide-ghosts.ts script

This script seems to process users in the Mobile Database and expire those that are no longer RCC members.

/* README:
* - Ensure you are connected to the prod db and prod redis clients.
* - To run: yarn ts-node src/scripts/hide-ghosts.ts
* - This script will run continuously and will update the expired members in the database.
* - This script does not re-activate members.
*/

It calls the Hybris endpoint https://www.rapha.cc/raphacommercewebservices/v2/rapha/users/${missingMember}?access_token=${hybrisAccessToken}&fields=${fields} to retrieve Hybris user data. It uses a fixed token hardcoded in the script, which might be owned by the Caravane client.

api/src/scripts/hides-ghosts.ts
