From c9362d248d9240574e00c232f55d7f6e7c398775 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pierre-=C3=89tienne=20Lord?= <7397743+pelord@users.noreply.github.com> Date: Thu, 8 Apr 2021 12:25:56 -0400 Subject: [PATCH] feat(auth-interceptor) allow to pass credentials by domain, based on regex (#816) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * feat(auth-interceptor) allow to pass credentials by domain, based on regex * wip * wip Co-authored-by: Pierre-Étienne Lord --- .../auth/src/lib/shared/auth.interceptor.ts | 32 ++++++++++++++++++- .../auth/src/lib/shared/auth.interface.ts | 7 +++- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/packages/auth/src/lib/shared/auth.interceptor.ts b/packages/auth/src/lib/shared/auth.interceptor.ts index 6fbdf6e935..8171fe92d1 100644 --- a/packages/auth/src/lib/shared/auth.interceptor.ts +++ b/packages/auth/src/lib/shared/auth.interceptor.ts @@ -11,6 +11,7 @@ import { Md5 } from 'ts-md5'; import { ConfigService } from '@igo2/core'; import { TokenService } from './token.service'; +import { WithCredentialsOptions } from './auth.interface'; @Injectable({ providedIn: 'root' @@ -24,6 +25,10 @@ export class AuthInterceptor implements HttpInterceptor { return trustHosts; } + private get hostsWithCredentials(): WithCredentialsOptions[] { + return this.config.getConfig('auth.hostsWithCredentials') || []; + } + constructor( private config: ConfigService, private tokenService: TokenService, @@ -31,9 +36,16 @@ export class AuthInterceptor implements HttpInterceptor { ) {} intercept( - req: HttpRequest, + originalReq: HttpRequest, next: HttpHandler ): Observable> { + const withCredentials = this.handleHostsWithCredentials(originalReq.url); + let req = originalReq.clone(); + if (withCredentials) { + req = originalReq.clone({ + withCredentials + }); + } this.refreshToken(); const token = this.tokenService.get(); const element = document.createElement('a'); @@ -72,6 +84,12 @@ export class AuthInterceptor implements HttpInterceptor { } interceptXhr(xhr, url: string): boolean { + const withCredentials = this.handleHostsWithCredentials(url); + if (withCredentials) { + xhr.withCredentials = withCredentials; + return true; + } + this.refreshToken(); const element = document.createElement('a'); element.href = url; @@ -84,6 +102,18 @@ export class AuthInterceptor implements HttpInterceptor { return true; } + private handleHostsWithCredentials(reqUrl: string) { + let withCredentials = false; + for (const hostWithCredentials of this.hostsWithCredentials) { + const domainRegex = new RegExp(hostWithCredentials.domainRegFilters); + if (domainRegex.test(reqUrl)) { + withCredentials = hostWithCredentials.withCredentials !== undefined ? hostWithCredentials.withCredentials : undefined; + break; + } + } + return withCredentials; + } + refreshToken() { const jwt = this.tokenService.decode(); const currentTime = new Date().getTime() / 1000; diff --git a/packages/auth/src/lib/shared/auth.interface.ts b/packages/auth/src/lib/shared/auth.interface.ts index 471905a135..34604935ef 100644 --- a/packages/auth/src/lib/shared/auth.interface.ts +++ b/packages/auth/src/lib/shared/auth.interface.ts @@ -19,7 +19,7 @@ export interface AuthMicrosoftOptions { } export interface AuthOptions { - url: string; + url?: string; tokenKey: string; allowAnonymous?: boolean; loginRoute?: string; @@ -31,7 +31,12 @@ export interface AuthOptions { microsoft?: AuthMicrosoftOptions; trustHosts?: string[]; profilsGuard?: string[]; + hostsWithCredentials?: WithCredentialsOptions[]; } +export interface WithCredentialsOptions { + withCredentials?: boolean; + domainRegFilters?: string; + } export interface User { source?: string;