-
Notifications
You must be signed in to change notification settings - Fork 90
/
fetch.js
119 lines (111 loc) · 4.51 KB
/
fetch.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
/*
* Copyright (c) Microsoft Corporation. All rights reserved.
* Licensed under the MIT License.
*/
/**
* This method calls the Graph API by utilizing the graph client instance.
* @param {String} username
* @param {Array} scopes
* @param {String} uri
* @param {String} interactionType
* @param {Object} myMSALObj
* @returns
*/
const callGraph = async (username, scopes, uri, interactionType, myMSALObj) => {
const account = myMSALObj.getAccountByUsername(username);
try {
let response = await getGraphClient({
account: account,
scopes: scopes,
interactionType: interactionType,
})
.api(uri)
.responseType('raw')
.get();
response = await handleClaimsChallenge(account, response, uri);
if (response && response.error === 'claims_challenge_occurred') throw response.error;
updateUI(response, uri);
} catch (error) {
if (error === 'claims_challenge_occurred') {
const resource = new URL(uri).hostname;
const claims =
account &&
getClaimsFromStorage(`cc.${msalConfig.auth.clientId}.${account.idTokenClaims.oid}.${resource}`)
? window.atob(
getClaimsFromStorage(
`cc.${msalConfig.auth.clientId}.${account.idTokenClaims.oid}.${resource}`
)
)
: undefined; // e.g {"access_token":{"xms_cc":{"values":["cp1"]}}}
let request = {
account: account,
scopes: scopes,
claims: claims,
};
switch (interactionType) {
case msal.InteractionType.Popup:
await myMSALObj.acquireTokenPopup({
...request,
redirectUri: '/redirect',
});
break;
case msal.InteractionType.Redirect:
await myMSALObj.acquireTokenRedirect(request);
break;
default:
await myMSALObj.acquireTokenRedirect(request);
break;
}
} else if (error.toString().includes('404')) {
return updateUI(null, uri);
} else {
console.log(error);
}
}
}
/**
* This method inspects the HTTPS response from a fetch call for the "www-authenticate header"
* If present, it grabs the claims challenge from the header and store it in the localStorage
* For more information, visit: https://docs.microsoft.com/en-us/azure/active-directory/develop/claims-challenge#claims-challenge-header-format
* @param {object} response
* @returns response
*/
const handleClaimsChallenge = async (account, response, apiEndpoint) => {
if (response.status === 200) {
return response.json();
} else if (response.status === 401) {
if (response.headers.get('WWW-Authenticate')) {
const authenticateHeader = response.headers.get('WWW-Authenticate');
const claimsChallenge = parseChallenges(authenticateHeader);
/**
* This method stores the claim challenge to the session storage in the browser to be used when acquiring a token.
* To ensure that we are fetching the correct claim from the storage, we are using the clientId
* of the application and oid (user’s object id) as the key identifier of the claim with schema
* cc.<clientId>.<oid>.<resource.hostname>
*/
addClaimsToStorage(
claimsChallenge.claims,
`cc.${msalConfig.auth.clientId}.${account.idTokenClaims.oid}.${new URL(apiEndpoint).hostname}`
);
return { error: 'claims_challenge_occurred', payload: claimsChallenge.claims };
}
throw new Error(`Unauthorized: ${response.status}`);
} else {
throw new Error(`Something went wrong with the request: ${response.status}`);
}
};
/**
* This method parses WWW-Authenticate authentication headers
* @param header
* @return {Object} challengeMap
*/
const parseChallenges = (header) => {
const schemeSeparator = header.indexOf(' ');
const challenges = header.substring(schemeSeparator + 1).split(', ');
const challengeMap = {};
challenges.forEach((challenge) => {
const [key, value] = challenge.split('=');
challengeMap[key.trim()] = window.decodeURI(value.replace(/(^"|"$)/g, ''));
});
return challengeMap;
}