datahub/datahub-web/@datahub/shared/addon/services/aad-sso.ts

import Service from '@ember/service';
import { ApiResponseStatus } from '@datahub/utils/api/shared';
import { action } from '@ember/object';
import { inject as service } from '@ember/service';
import Session from 'ember-simple-auth/services/session';
import { EmberCookieService } from 'ember-cookies';
/**
 * SSO Service for UI for ember simple auth
 */
export default class AadSso extends Service {
  /**
   * Session Service to check the redirect logic after login
   */
  @service
  session!: Session;

  /**
   * Ember Cookies service to write 'ember_simple_auth-redirectTarget'
   * that will be used to redirect after a successful login (MSAL changes the page)
   */
  @service
  cookies!: EmberCookieService;

  /**
   * API endpoint for login
   */
  authRedirectUrl = '/sso';

  /**
   * API endpoint to check auth status
   */
  validateTokenUrl = '/validate-token';

  /**
   * Will invoke validate token. If API returns 401 means that the user is not authorized.
   */
  @action
  async validateToken(): Promise<void> {
    const { status } = await fetch(this.validateTokenUrl);
    if (status === ApiResponseStatus.UnAuthorized) {
      throw new Error(`${ApiResponseStatus.UnAuthorized}`);
    }
    return;
  }

  /**
   * Will authenticate by just validating the token. If the user is not authenticated, it will redirected to
   * MSAL login page by default.
   * @param redirectToAAD
   */
  async authenticate(redirectToAAD = true): Promise<void> {
    try {
      return await this.validateToken();
    } catch {
      if (redirectToAAD) {
        const { authRedirectUrl } = this;
        if (this.session.attemptedTransition) {
          const transition = (this.session.attemptedTransition as unknown) as { intent: { url: string } };
          this.cookies.write('ember_simple_auth-redirectTarget', transition.intent.url);
        }
        window.location.replace(authRedirectUrl);
      }
      throw new Error('Not Authenticated');
    }
  }
  /**
   * Will check if we have the redirect cookie for ember-simple-auth
   */
  hasRedirectCookie(): boolean {
    return !!this.cookies.read('ember_simple_auth-redirectTarget');
  }
}

declare module '@ember/service' {
  // eslint-disable-next-line @typescript-eslint/interface-name-prefix
  interface Registry {
    'aad-sso': AadSso;
  }
}
feat(frontend): update datahub-web client UI code (#1806) * Releases updated version of datahub-web client UI code * Fix typo in yarn lock * Change yarn lock to match yarn registry directories * Previous commit missed some paths * Even more changes to yarnlock missing in previous commit * Include codegen file for typings * Add files to get parity for datahub-web and current OS datahub-midtier * Add in typo fix from previous commit - change to proper license * Implement proper OS fix for person entity picture url * Workarounds for open source DH issues * Fixes institutional memory api and removes unopensourced tabs for datasets * Fixes search dataset deprecation and user search issue as a result of changes * Remove internal only options in the avatar menu 2020-08-26 15:44:50 -07:00			`import Service from '@ember/service';`
			`import { ApiResponseStatus } from '@datahub/utils/api/shared';`
			`import { action } from '@ember/object';`
			`import { inject as service } from '@ember/service';`
			`import Session from 'ember-simple-auth/services/session';`
			`import { EmberCookieService } from 'ember-cookies';`
			`/**`
			`* SSO Service for UI for ember simple auth`
			`*/`
			`export default class AadSso extends Service {`
			`/**`
			`* Session Service to check the redirect logic after login`
			`*/`
			`@service`
			`session!: Session;`

			`/**`
			`* Ember Cookies service to write 'ember_simple_auth-redirectTarget'`
			`* that will be used to redirect after a successful login (MSAL changes the page)`
			`*/`
			`@service`
			`cookies!: EmberCookieService;`

			`/**`
			`* API endpoint for login`
			`*/`
			`authRedirectUrl = '/sso';`

			`/**`
			`* API endpoint to check auth status`
			`*/`
			`validateTokenUrl = '/validate-token';`

			`/**`
			`* Will invoke validate token. If API returns 401 means that the user is not authorized.`
			`*/`
			`@action`
			`async validateToken(): Promise<void> {`
			`const { status } = await fetch(this.validateTokenUrl);`
			`if (status === ApiResponseStatus.UnAuthorized) {`
			throw new Error(`${ApiResponseStatus.UnAuthorized}`);
			`}`
			`return;`
			`}`

			`/**`
			`* Will authenticate by just validating the token. If the user is not authenticated, it will redirected to`
			`* MSAL login page by default.`
			`* @param redirectToAAD`
			`*/`
			`async authenticate(redirectToAAD = true): Promise<void> {`
			`try {`
			`return await this.validateToken();`
			`} catch {`
			`if (redirectToAAD) {`
			`const { authRedirectUrl } = this;`
			`if (this.session.attemptedTransition) {`
			`const transition = (this.session.attemptedTransition as unknown) as { intent: { url: string } };`
			`this.cookies.write('ember_simple_auth-redirectTarget', transition.intent.url);`
			`}`
			`window.location.replace(authRedirectUrl);`
			`}`
			`throw new Error('Not Authenticated');`
			`}`
			`}`
			`/**`
			`* Will check if we have the redirect cookie for ember-simple-auth`
			`*/`
			`hasRedirectCookie(): boolean {`
			`return !!this.cookies.read('ember_simple_auth-redirectTarget');`
			`}`
			`}`

			`declare module '@ember/service' {`
			`// eslint-disable-next-line @typescript-eslint/interface-name-prefix`
			`interface Registry {`
			`'aad-sso': AadSso;`
			`}`
			`}`