Security provider for UX-Client-Login

Use ODL provided oauth2/token for UX clients Change-Id: I9f9ae931fc5e74dc13076bd23551d163c0685606 Issue-ID: SDNC-648 Signed-off-by: Herbert Eiselt <herbert.eiselt@highstreet-technologies.com>
author: Herbert Eiselt <herbert.eiselt@highstreet-technologies.com> 2019-03-12 18:00:21 +0100
committer: Herbert Eiselt <herbert.eiselt@highstreet-technologies.com> 2019-03-12 18:01:06 +0100
commit: 2d4424c28ac35763ef44c42ae2f01664d42b268c (patch)
tree: 4e6ebdc2e57c1c8f2c91d3ec094b340c89dfe5c5 /sdnr/wt/odlux/framework/src/services
parent: caf781999351fc6a3e2acb5b2fe47fe04a291d2d (diff)
3 files changed, 58 insertions, 17 deletions
diff --git a/sdnr/wt/odlux/framework/src/services/authenticationService.ts b/sdnr/wt/odlux/framework/src/services/authenticationService.ts
index 5e6fc81a8..42ce061f1 100644
--- a/sdnr/wt/odlux/framework/src/services/authenticationService.ts
+++ b/sdnr/wt/odlux/framework/src/services/authenticationService.ts
@@ -1,14 +1,34 @@
-function timeout(ms:number) {
-  return new Promise(resolve => setTimeout(resolve, ms));
+import { requestRest, formEncode } from "./restService";
+import { AuthToken } from "../models/authentication";
+
+type AuthTokenResponse = {
+  access_token: string;
+  token_type: string;
+  expires_in: number;
 }
 
+
 class AuthenticationService {
-  public async authenticateUser(email: string, password: string) : Promise<string | null> {
-    await timeout(650);
-    if (email === "max@odlux.com" && password === "geheim") {
-      return "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJPRExVWCIsImlhdCI6MTUzODQ2NDMyMCwiZXhwIjoxNTcwMDAwMzIwLCJhdWQiOiJsb2NhbGhvc3QiLCJzdWIiOiJsb2NhbGhvc3QiLCJmaXJzdE5hbWUiOiJNYXgiLCJsYXN0TmFtZSI6Ik11c3Rlcm1hbm4iLCJlbWFpbCI6Im1heEBvZGx1eC5jb20iLCJyb2xlIjpbInVzZXIiLCJhZG1pbiJdfQ.9e5hDi2uxmIXNwHkJoScBZsHBk0jQ8CcZ7YIcZhDtuI"
-    }
-    return null;
+  public async authenticateUser(email: string, password: string, scope: string): Promise<AuthToken | null> {
+    const result = await requestRest<string>(`oauth2/token`, {
+      method: "POST",
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded'
+      },
+      body: formEncode({
+        grant_type: "password",
+        username: email,
+        password: password,
+        scope: scope
+      })
+    }, false);
+    const resultObj: AuthTokenResponse| null = result && JSON.parse(result);
+    return resultObj && {
+      username: email,
+      access_token: resultObj.access_token,
+      token_type: resultObj.token_type,
+      expires: (new Date().valueOf()) + (resultObj.expires_in * 1000)
+    } || null;
   }
 }
 
diff --git a/sdnr/wt/odlux/framework/src/services/notificationService.ts b/sdnr/wt/odlux/framework/src/services/notificationService.ts
index 242a6c03b..76132f843 100644
--- a/sdnr/wt/odlux/framework/src/services/notificationService.ts
+++ b/sdnr/wt/odlux/framework/src/services/notificationService.ts
@@ -1,6 +1,6 @@
 import * as X2JS from 'x2js';
 
-const socketUrl = [ location.protocol === 'https:' ? 'wss://' : 'ws://', 'admin', ':', 'admin', '@', location.hostname, ':',location.port,'/websocket'].join('');
+const socketUrl = [location.protocol === 'https:' ? 'wss://' : 'ws://', 'admin', ':', 'admin', '@', location.hostname, ':', location.port, '/websocket'].join('');
 const subscriptions: { [scope: string]: SubscriptionCallback[] } = { };
 
 export interface IFormatedMessage {
@@ -29,7 +29,7 @@ function formatData(event: MessageEvent) : IFormatedMessage | undefined {
 export function subscribe<TMessage extends IFormatedMessage = IFormatedMessage>(scope: string | string[], callback: SubscriptionCallback<TMessage>): Promise<boolean> {
   return socketReady.then((notificationSocket) => {
     const scopes = scope instanceof Array ? scope : [scope];
-    
+
     // send all new scopes to subscribe
     const newScopesToSubscribe: string[] = scopes.reduce((acc: string[], cur: string) => {
       const currentCallbacks = subscriptions[cur];
@@ -102,7 +102,7 @@ const connect = (): Promise<WebSocket> => {
           const callbacks = subscriptions[formated.notifType];
           if (callbacks) {
             callbacks.forEach(cb => {
-              // ensure all callbacks will be called 
+              // ensure all callbacks will be called
               try {
                 return cb(formated);
               } catch (reason) {
diff --git a/sdnr/wt/odlux/framework/src/services/restService.ts b/sdnr/wt/odlux/framework/src/services/restService.ts
index 83c005c13..cfa8ec159 100644
--- a/sdnr/wt/odlux/framework/src/services/restService.ts
+++ b/sdnr/wt/odlux/framework/src/services/restService.ts
@@ -1,8 +1,19 @@
+import { ApplicationStore } from "../store/applicationStore";
+import { ReplaceAction } from "../actions/navigationActions";
 
 const baseUri = `${ window.location.origin }`;
-const absUrlPattern = /^https?:\/\//;  
+const absUrlPattern = /^https?:\/\//;
+let applicationStore: ApplicationStore | null = null;
 
-export async function requestRest<TData>(path: string = '', init: RequestInit = {}, authenticate: boolean = false):  Promise<TData|false|null> {
+export const startRestService = (store: ApplicationStore) => {
+  applicationStore = store;
+};
+
+export const formEncode = (params: { [key: string]: string | number }) => Object.keys(params).map((key) => {
+  return encodeURIComponent(key) + '=' + encodeURIComponent(params[key].toString());
+}).join('&');
+
+export async function requestRest<TData>(path: string = '', init: RequestInit = {}, authenticate: boolean = true):  Promise<TData|false|null> {
   const isAbsUrl = absUrlPattern.test(path);
   const uri = isAbsUrl ? path : (baseUri) + ('/' + path).replace(/\/{2,}/i, '/');
   init.headers = {
@@ -11,13 +22,23 @@ export async function requestRest<TData>(path: string = '', init: RequestInit =
     'Accept': 'application/json',
     ...init.headers
   };
-  if (!isAbsUrl && authenticate) {
-    init.headers = {
+  if (!isAbsUrl && authenticate && applicationStore) {
+    const { state: { framework: { authenticationState: { user } } } } = applicationStore;
+    // do not request if the user is not valid
+    if (!user || !user.isValid) {
+      return null;
+    }
+    (init.headers = {
       ...init.headers,
-      'Authorization': 'Basic YWRtaW46S3A4Yko0U1hzek0wV1hsaGFrM2VIbGNzZTJnQXc4NHZhb0dHbUp2VXkyVQ=='
-    };
+      'Authorization':  `${user.tokenType} ${user.token}`
+      //'Authorization': 'Basic YWRtaW46YWRtaW4='
+    });
   }
   const result = await fetch(uri, init);
+  if (result.status === 401 || result.status === 403) {
+    applicationStore && applicationStore.dispatch(new ReplaceAction(`/login?returnTo=${applicationStore.state.framework.navigationState.pathname}`));
+    return null;
+  }
   const contentType = result.headers.get("Content-Type") || result.headers.get("content-type");
   const isJson = contentType && contentType.toLowerCase().startsWith("application/json");
   try {
author	Herbert Eiselt <herbert.eiselt@highstreet-technologies.com>	2019-03-12 18:00:21 +0100
committer	Herbert Eiselt <herbert.eiselt@highstreet-technologies.com>	2019-03-12 18:01:06 +0100
commit	2d4424c28ac35763ef44c42ae2f01664d42b268c (patch)
tree	4e6ebdc2e57c1c8f2c91d3ec094b340c89dfe5c5 /sdnr/wt/odlux/framework/src/services
parent	caf781999351fc6a3e2acb5b2fe47fe04a291d2d (diff)