access blocked on 403...still lots to do

2021-04-03 12:54:21 -07:00 · 2021-04-03 12:54:21 -07:00 · 246accb0b6
commit 246accb0b6
parent 2ef78f47a9
7 changed files with 149 additions and 81 deletions
--- a/README.md
+++ b/README.md
@ -22,6 +22,9 @@ Run `ng generate module module-name --route module-name --module app.module` to

 ## Build

+set you environment variables - set these via environment variables as found in set-env.ts
+// TODO create a .env file so people don't have to set these one-by-one
+
 Run `npm run build:dev` to build the project. The build artifacts will be stored in the `dist/` directory. Use the `build:prod` script for a production build.

 ## Running unit tests
--- a/src/app/_helpers/global-error-handler.ts
+++ b/src/app/_helpers/global-error-handler.ts
@ -3,6 +3,16 @@ import {LoggingService} from '@app/_services/logging.service';
 import {HttpErrorResponse} from '@angular/common/http';
 import {Router} from '@angular/router';

+// A generalized http repsonse error
+export class HttpError extends Error {
+  public status: number
+  constructor(message, status) {
+    super(message);
+    this.status = status;
+    this.name = 'HttpError';
+  }
+}
+
@Injectable()
 export class GlobalErrorHandler extends ErrorHandler {
  private sentencesForWarningLogging: string[] = [];
@ -14,13 +24,13 @@ export class GlobalErrorHandler extends ErrorHandler {
    super();
  }

-  handleError(error: any): void {
+  handleError(error: Error): void {
    this.logError(error);
    const message = error.message ? error.message : error.toString();

-    if (error.status) {
-      error = new Error(message);
-    }
+    // if (error.status) {
+    //   error = new Error(message);
+    // }

    const errorTraceString = `Error message:\n${message}.\nStack trace: ${error.stack}`;

--- a/src/app/_interceptors/error.interceptor.ts
+++ b/src/app/_interceptors/error.interceptor.ts
@ -20,29 +20,30 @@ export class ErrorInterceptor implements HttpInterceptor {
  ) {}

  intercept(request: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
-    return next.handle(request).pipe(
-      catchError((err: HttpErrorResponse) => {
-        let errorMessage;
-        if (err.error instanceof ErrorEvent) {
-          // A client-side or network error occurred. Handle it accordingly.
-          errorMessage = `An error occurred: ${err.error.message}`;
-        } else {
-          // The backend returned an unsuccessful response code.
-          // The response body may contain clues as to what went wrong.
-          errorMessage = `Backend returned code ${err.status}, body was: ${JSON.stringify(err.error)}`;
-        }
-        this.loggingService.sendErrorLevelMessage(errorMessage, this, {error: err});
-        switch (err.status) {
-          case 401:  // unauthorized
-            this.router.navigateByUrl('/auth').then();
-            break;
-          case 403: // forbidden
-            location.reload(true);
-            break;
-        }
-        // Return an observable with a user-facing error message.
-        return throwError(err);
-      })
-    );
+    // return next.handle(request).pipe(
+    //   catchError((err: HttpErrorResponse) => {
+    //     let errorMessage;
+    //     if (err.error instanceof ErrorEvent) {
+    //       // A client-side or network error occurred. Handle it accordingly.
+    //       errorMessage = `An error occurred: ${err.error.message}`;
+    //     } else {
+    //       // The backend returned an unsuccessful response code.
+    //       // The response body may contain clues as to what went wrong.
+    //       errorMessage = `Backend returned code ${err.status}, body was: ${JSON.stringify(err.error)}`;
+    //     }
+    //     this.loggingService.sendErrorLevelMessage(errorMessage, this, {error: err});
+    //     switch (err.status) {
+    //       case 401:  // unauthorized
+    //         this.router.navigateByUrl('/auth').then();
+    //         break;
+    //       case 403: // forbidden
+    //         location.reload(true);
+    //         break;
+    //     }
+    //     // Return an observable with a user-facing error message.
+    //     return throwError(err);
+    //   })
+    // );
+    return next.handle(request);
  }
 }
--- a/src/app/_interceptors/logging.interceptor.ts
+++ b/src/app/_interceptors/logging.interceptor.ts
@ -18,20 +18,21 @@ export class LoggingInterceptor implements HttpInterceptor {
  ) {}

  intercept(request: HttpRequest<unknown>, next: HttpHandler): Observable<HttpEvent<unknown>> {
-    this.loggingService.sendInfoLevelMessage(request);
-    const startTime = Date.now();
-    let status: string;
+    return next.handle(request);
+  //   this.loggingService.sendInfoLevelMessage(request);
+  //   const startTime = Date.now();
+  //   let status: string;

-    return next.handle(request).pipe(tap(event => {
-      status = '';
-      if (event instanceof HttpResponse) {
-        status = 'succeeded';
-      }
-    }, error => status = 'failed'),
-      finalize(() => {
-      const elapsedTime = Date.now() - startTime;
-      const message = `${request.method} request for ${request.urlWithParams} ${status} in ${elapsedTime} ms`;
-      this.loggingService.sendInfoLevelMessage(message);
-    }));
+  //   return next.handle(request).pipe(tap(event => {
+  //     status = '';
+  //     if (event instanceof HttpResponse) {
+  //       status = 'succeeded';
+  //     }
+  //   }, error => status = 'failed'),
+  //     finalize(() => {
+  //     const elapsedTime = Date.now() - startTime;
+  //     const message = `${request.method} request for ${request.urlWithParams} ${status} in ${elapsedTime} ms`;
+  //     this.loggingService.sendInfoLevelMessage(message);
+  //   }));
  }
 }
--- a/src/app/_services/auth.service.ts
+++ b/src/app/_services/auth.service.ts
@ -1,12 +1,13 @@
 import { Injectable } from '@angular/core';
 import { hobaParseChallengeHeader } from '@src/assets/js/hoba.js';
 import { signChallenge } from '@src/assets/js/hoba-pgp.js';
-import {environment} from '@src/environments/environment';
-import {LoggingService} from '@app/_services/logging.service';
-import {MutableKeyStore, MutablePgpKeyStore} from '@app/_pgp';
-import {ErrorDialogService} from '@app/_services/error-dialog.service';
+import { environment } from '@src/environments/environment';
+import { LoggingService } from '@app/_services/logging.service';
+import { MutableKeyStore, MutablePgpKeyStore } from '@app/_pgp';
+import { ErrorDialogService } from '@app/_services/error-dialog.service';
 import { HttpClient } from '@angular/common/http';
-import {Observable } from 'rxjs';
+import { Observable } from 'rxjs';
+import { HttpError } from '@app/_helpers/global-error-handler';

@Injectable({
  providedIn: 'root'
@ -53,24 +54,28 @@ export class AuthService {
    xhr.send();
  }

-  sendResponse(hobaResponseEncoded): void {
-    const xhr = new XMLHttpRequest();
-    xhr.responseType = 'text';
-    xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
-    xhr.setRequestHeader('Authorization', 'HOBA ' + hobaResponseEncoded);
-    xhr.setRequestHeader('Content-Type', 'application/json');
-    xhr.setRequestHeader('x-cic-automerge', 'none');
-    xhr.addEventListener('load', (e) => {
-      if (xhr.status === 401) {
-        throw new Error('login rejected');
-      }
-      this.sessionToken = xhr.getResponseHeader('Token');
-      sessionStorage.setItem(btoa('CICADA_SESSION_TOKEN'), this.sessionToken);
-      this.sessionLoginCount++;
-      this.setState('Click button to log in');
-      return;
-    });
-    xhr.send();
+  //TODO renmae to send signed challenge and set session. Also seperate these responsibilities
+  sendResponse(hobaResponseEncoded): Promise<boolean> {
+    return new Promise((resolve, reject) => {
+      const xhr = new XMLHttpRequest();
+      xhr.responseType = 'text';
+      xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
+      xhr.setRequestHeader('Authorization', 'HOBA ' + hobaResponseEncoded);
+      xhr.setRequestHeader('Content-Type', 'application/json');
+      xhr.setRequestHeader('x-cic-automerge', 'none');
+      xhr.addEventListener('load', (e) => {
+        if (xhr.status !== 200) {
+            const error = new HttpError(xhr.statusText, xhr.status);
+            return reject(error);
+        }
+        this.sessionToken = xhr.getResponseHeader('Token');
+        sessionStorage.setItem(btoa('CICADA_SESSION_TOKEN'), this.sessionToken);
+        this.sessionLoginCount++;
+        this.setState('Click button to log in');
+        return resolve(true);
+      });
+      xhr.send();
+    })
  }

  getChallenge(): void {
@ -81,7 +86,7 @@ export class AuthService {
      if (xhr.status === 401) {
        const authHeader = xhr.getResponseHeader('WWW-Authenticate');
        const o = hobaParseChallengeHeader(authHeader);
-        await this.loginResponse(o);
+        this.loginResponse(o);
      }
    };
    xhr.send();
@ -108,12 +113,31 @@ export class AuthService {


  async loginResponse(o): Promise<any> {
-    try {
-      const r = await signChallenge(o.challenge, o.realm, environment.cicMetaUrl, this.mutableKeyStore);
-      this.sendResponse(r);
-    } catch (error) {
-      this.errorDialogService.openDialog({message: 'Incorrect key passphrase.'});
-    }
+    return new Promise(async(resolve, reject) => {
+      try {
+        const r = await signChallenge(o.challenge, 
+                                      o.realm, 
+                                      environment.cicMetaUrl, 
+                                      this.mutableKeyStore);
+        const sessionTokenResult = await this.sendResponse(r);
+      } catch (error) {
+        if (error instanceof HttpError) {
+          if (error.status === 403) {
+            this.errorDialogService.openDialog({ message: 'You are not authorized to use this system' })
+          }
+          if (error.status === 401) {
+            this.errorDialogService.openDialog({ message: 'Unable to authenticate with the service. ' + 
+                                                        'Please speak with the staff at Grassroots ' +
+                                                        'Economics for requesting access ' +
+                                                        'staff@grassrootseconomics.net.' })
+         
+          }
+        }
+        // TODO define this error
+        this.errorDialogService.openDialog({message: 'Incorrect key passphrase.'});
+        resolve(false);
+      }
+    });
  }

  loginView(): void {
@ -157,8 +181,16 @@ export class AuthService {
    return trustedUsers;
  }

-  getPublicKeys(): Observable<any> {
-    return this.httpClient.get(`${environment.publicKeysUrl}`, {responseType: 'text'});
+  async getPublicKeys(): Promise<any> {
+    const data = await fetch(environment.publicKeysUrl)
+      .then(res => {
+        if (!res.ok) {
+          //TODO does angular recommend an error interface?
+          throw Error(`${res.statusText} - ${res.status}`);
+        }
+        return res.text();
+      })
+    return data;
  }

  async getPrivateKeys(): Promise<void> {
--- a/src/app/app.component.ts
+++ b/src/app/app.component.ts
@ -21,12 +21,20 @@ export class AppComponent {
    private errorDialogService: ErrorDialogService
  ) {
    (async () => {
-      await this.authService.mutableKeyStore.loadKeyring();
-      this.authService.getPublicKeys()
-        .pipe(catchError(async (error) => {
-          this.loggingService.sendErrorLevelMessage('Unable to load trusted public keys.', this, {error});
-          this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
-      })).subscribe(this.authService.mutableKeyStore.importPublicKey);
+      try {
+        await this.authService.mutableKeyStore.loadKeyring();
+        // this.authService.getPublicKeys()
+        //   .pipe(catchError(async (error) => {
+        //     this.loggingService.sendErrorLevelMessage('Unable to load trusted public keys.', this, {error});
+        //     this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
+        // })).subscribe(this.authService.mutableKeyStore.importPublicKey);
+        const publicKeys = await this.authService.getPublicKeys()
+        await this.authService.mutableKeyStore.importPublicKey(publicKeys);
+      } catch(error) {
+        this.errorDialogService.openDialog({message: 'Trusted keys endpoint can\'t be reached. Please try again later.'});
+        // TODO do something to halt user progress...show a sad cicada page 🦗?
+      }
+      
    })();
    this.mediaQuery.addListener(this.onResize);
    this.onResize(this.mediaQuery);
--- a/src/environments/environment.ts
+++ b/src/environments/environment.ts
@ -1,3 +1,16 @@
+import {NgxLoggerLevel} from 'ngx-logger';
+
 export const environment = {
-  production: false
+  production: false,
+  bloxbergChainId: 8996,
+  logLevel: NgxLoggerLevel.ERROR,
+  serverLogLevel: NgxLoggerLevel.OFF,
+  loggingUrl: 'http://localhost:8000',
+  cicMetaUrl: 'https://meta.dev.grassrootseconomics.net',
+  publicKeysUrl: 'http://localhost:8080/.well-known/publickeys',
+  cicCacheUrl: 'https://cache.dev.grassrootseconomics.net',
+  web3Provider: 'ws://localhost:63546',
+  cicUssdUrl: 'https://ussd.dev.grassrootseconomics.net',
+  registryAddress: '0xAf1B487491073C2d49136Db3FD87E293302CF839',
+  trustedDeclaratorAddress: '0xEb3907eCad74a0013c259D5874AE7f22DcBcC95C'
 };