Skip to content

Commit

Permalink
feat(auth-interceptor) allow to pass credentials by domain, based on …
Browse files Browse the repository at this point in the history
…regex (#816)

* feat(auth-interceptor) allow to pass credentials by domain, based on regex

* wip

* wip

Co-authored-by: Pierre-Étienne Lord <[email protected]>
  • Loading branch information
pelord and Pierre-Étienne Lord authored Apr 8, 2021
1 parent 3d53ed7 commit c9362d2
Show file tree
Hide file tree
Showing 2 changed files with 37 additions and 2 deletions.
32 changes: 31 additions & 1 deletion packages/auth/src/lib/shared/auth.interceptor.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import { Md5 } from 'ts-md5';

import { ConfigService } from '@igo2/core';
import { TokenService } from './token.service';
import { WithCredentialsOptions } from './auth.interface';

@Injectable({
providedIn: 'root'
Expand All @@ -24,16 +25,27 @@ export class AuthInterceptor implements HttpInterceptor {
return trustHosts;
}

private get hostsWithCredentials(): WithCredentialsOptions[] {
return this.config.getConfig('auth.hostsWithCredentials') || [];
}

constructor(
private config: ConfigService,
private tokenService: TokenService,
private http: HttpClient
) {}

intercept(
req: HttpRequest<any>,
originalReq: HttpRequest<any>,
next: HttpHandler
): Observable<HttpEvent<any>> {
const withCredentials = this.handleHostsWithCredentials(originalReq.url);
let req = originalReq.clone();
if (withCredentials) {
req = originalReq.clone({
withCredentials
});
}
this.refreshToken();
const token = this.tokenService.get();
const element = document.createElement('a');
Expand Down Expand Up @@ -72,6 +84,12 @@ export class AuthInterceptor implements HttpInterceptor {
}

interceptXhr(xhr, url: string): boolean {
const withCredentials = this.handleHostsWithCredentials(url);
if (withCredentials) {
xhr.withCredentials = withCredentials;
return true;
}

this.refreshToken();
const element = document.createElement('a');
element.href = url;
Expand All @@ -84,6 +102,18 @@ export class AuthInterceptor implements HttpInterceptor {
return true;
}

private handleHostsWithCredentials(reqUrl: string) {
let withCredentials = false;
for (const hostWithCredentials of this.hostsWithCredentials) {
const domainRegex = new RegExp(hostWithCredentials.domainRegFilters);
if (domainRegex.test(reqUrl)) {
withCredentials = hostWithCredentials.withCredentials !== undefined ? hostWithCredentials.withCredentials : undefined;
break;
}
}
return withCredentials;
}

refreshToken() {
const jwt = this.tokenService.decode();
const currentTime = new Date().getTime() / 1000;
Expand Down
7 changes: 6 additions & 1 deletion packages/auth/src/lib/shared/auth.interface.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ export interface AuthMicrosoftOptions {
}

export interface AuthOptions {
url: string;
url?: string;
tokenKey: string;
allowAnonymous?: boolean;
loginRoute?: string;
Expand All @@ -31,7 +31,12 @@ export interface AuthOptions {
microsoft?: AuthMicrosoftOptions;
trustHosts?: string[];
profilsGuard?: string[];
hostsWithCredentials?: WithCredentialsOptions[];
}
export interface WithCredentialsOptions {
withCredentials?: boolean;
domainRegFilters?: string;
}

export interface User {
source?: string;
Expand Down

0 comments on commit c9362d2

Please sign in to comment.