Refactor auth http requests.

Spencer Ofwiti 2021-05-15 13:42:46 +03:00
parent 8a6040cd85
commit ff17d3b02f
2 changed files with 68 additions and 58 deletions


@ -2,16 +2,14 @@ function HttpGetter(): void {}
HttpGetter.prototype.get = (filename) =>
new Promise((resolve, reject) => {
const xhr: XMLHttpRequest = new XMLHttpRequest();
xhr.addEventListener('load', (e) => {
if (xhr.status === 200) {
resolve(xhr.responseText);
return;
fetch(filename).then((response) => {
if (response.ok) {
resolve(response.json());
} else {
reject(`failed with status ${response.status} : ${response.statusText}`);
}
reject('failed with status ' + xhr.status + ': ' + xhr.statusText);
return;
});
xhr.open('GET', filename);
xhr.send();
});
export { HttpGetter };
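Review bot: The `fetch(filename)` chain inside `HttpGetter.prototype.get` has no rejection handler, so a network-level failure (DNS, CORS, connection refused) rejects only the inner chain and the wrapping promise never settles; callers waiting on it hang instead of seeing an error. Either append `.catch(reject)` after the `.then(...)`, or drop the `new Promise` wrapper and return the fetch chain directly, throwing an `Error` in the non-ok branch. The resolved value also changes from the raw response text to the parsed JSON of `response.json()`, so any caller that still parses the string itself needs to be checked; the callers are not visible in this section.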


@ -13,7 +13,6 @@ import { HttpError } from '@app/_helpers/global-error-handler';
})
export class AuthService {
sessionToken: any;
sessionLoginCount: number = 0;
mutableKeyStore: MutableKeyStore;
constructor(
@ -39,73 +38,84 @@ export class AuthService {
document.getElementById('state').innerHTML = s;
}
getWithToken(): void {
const xhr: XMLHttpRequest = new XMLHttpRequest();
xhr.responseType = 'text';
xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
xhr.setRequestHeader('Authorization', 'Bearer ' + this.sessionToken);
xhr.setRequestHeader('Content-Type', 'application/json');
xhr.setRequestHeader('x-cic-automerge', 'none');
xhr.addEventListener('load', (e) => {
if (xhr.status === 401) {
throw new Error('login rejected');
}
this.sessionLoginCount++;
this.setState('Click button to log in');
return;
getWithToken(): Promise<boolean> {
return new Promise((resolve, reject) => {
const headers = {
Authorization: 'Bearer ' + this.sessionToken,
'Content-Type': 'application/json;charset=utf-8',
'x-cic-automerge': 'none',
};
const options = {
headers,
};
fetch(environment.cicMetaUrl, options).then((response) => {
if (response.status === 401) {
return reject({
status: response.status,
statusText: response.statusText,
});
}
return resolve(true);
});
});
xhr.send();
}
// TODO rename to send signed challenge and set session. Also separate these responsibilities
sendResponse(hobaResponseEncoded: any): Promise<boolean> {
return new Promise((resolve, reject) => {
const xhr: XMLHttpRequest = new XMLHttpRequest();
xhr.responseType = 'text';
xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
xhr.setRequestHeader('Authorization', 'HOBA ' + hobaResponseEncoded);
xhr.setRequestHeader('Content-Type', 'application/json');
xhr.setRequestHeader('x-cic-automerge', 'none');
xhr.addEventListener('load', (e) => {
if (xhr.status !== 200) {
const error = new HttpError(xhr.statusText, xhr.status);
return reject(error);
const headers = {
Authorization: 'HOBA ' + hobaResponseEncoded,
'Content-Type': 'application/json;charset=utf-8',
'x-cic-automerge': 'none',
};
const options = {
headers,
};
fetch(environment.cicMetaUrl, options).then((response) => {
if (response.status === 401) {
return reject({
status: response.status,
statusText: response.statusText,
});
}
this.sessionToken = xhr.getResponseHeader('Token');
this.sessionToken = response.headers.get('Token');
sessionStorage.setItem(btoa('CICADA_SESSION_TOKEN'), this.sessionToken);
this.sessionLoginCount++;
this.setState('Click button to log in');
return resolve(true);
});
xhr.send();
});
}
getChallenge(): void {
const xhr: XMLHttpRequest = new XMLHttpRequest();
xhr.responseType = 'arraybuffer';
xhr.open('GET', environment.cicMetaUrl + window.location.search.substring(1));
xhr.onload = async (e) => {
if (xhr.status === 401) {
const authHeader = xhr.getResponseHeader('WWW-Authenticate');
const o = hobaParseChallengeHeader(authHeader);
this.loginResponse(o);
}
};
xhr.send();
getChallenge(): Promise<any> {
return new Promise((resolve, reject) => {
fetch(environment.cicMetaUrl).then(async (response) => {
if (response.status === 401) {
const authHeader: string = response.headers.get('WWW-Authenticate');
return resolve(hobaParseChallengeHeader(authHeader));
}
if (!response.ok) {
return reject({
status: response.status,
statusText: response.statusText,
});
}
});
});
}
login(): boolean {
async login(): Promise<boolean> {
if (this.sessionToken !== undefined) {
try {
this.getWithToken();
return true;
const response: boolean = await this.getWithToken();
return response === true;
} catch (e) {
this.loggingService.sendErrorLevelMessage('Login token failed', this, { error: e });
}
} else {
try {
this.getChallenge();
const o = await this.getChallenge();
const response: boolean = await this.loginResponse(o);
return response === true;
} catch (e) {
this.loggingService.sendErrorLevelMessage('Login challenge failed', this, { error: e });
}
@ -122,15 +132,15 @@ export class AuthService {
environment.cicMetaUrl,
this.mutableKeyStore
);
const sessionTokenResult: boolean = await this.sendResponse(r);
const response: boolean = await this.sendResponse(r);
resolve(response);
} catch (error) {
if (error instanceof HttpError) {
if (error.status === 403) {
this.errorDialogService.openDialog({
message: 'You are not authorized to use this system',
});
}
if (error.status === 401) {
} else if (error.status === 401) {
this.errorDialogService.openDialog({
message:
'Unable to authenticate with the service. ' +
@ -139,9 +149,10 @@ export class AuthService {
'staff@grassrootseconomics.net.',
});
}
} else {
// TODO define this error
this.errorDialogService.openDialog({ message: 'Incorrect key passphrase.' });
}
// TODO define this error
this.errorDialogService.openDialog({ message: 'Incorrect key passphrase.' });
resolve(false);
}
});
@ -183,6 +194,7 @@ export class AuthService {
logout(): void {
sessionStorage.removeItem(btoa('CICADA_SESSION_TOKEN'));
localStorage.removeItem(btoa('CICADA_PRIVATE_KEY'));
this.sessionToken = undefined;
window.location.reload();
}
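Review bot: The fetch-based `sendResponse` rejects only on status 401, where the XHR version rejected on anything other than 200, so a 403 or 5xx response now falls through to `response.headers.get('Token')`. That call returns null when the header is absent, `sessionStorage.setItem` stores it as the string "null", and the method resolves `true`, so a failed login is treated as an established session. The rejection value is also a plain object rather than `HttpError`, so the `error instanceof HttpError` branches in the `loginResponse` catch block cannot match and a 401 would show 'Incorrect key passphrase.' instead of the authorization dialogs. I would keep the earlier contract with `if (!response.ok) { return reject(new HttpError(response.statusText, response.status)); }` and also reject when the `Token` header is missing. Separately, none of the three fetch chains has a `.catch(reject)`, and `getChallenge` never settles when the server answers 2xx, which would leave `login()` awaiting indefinitely.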