infra-geo-ouverte · pelord · Dec 6, 2023 · Dec 4, 2023 · Dec 4, 2023 · Dec 5, 2023
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -90,7 +90,7 @@
     "jspdf": "^2.5.1",
     "jspdf-autotable": "^3.5.29",
     "jszip": "^3.10.1",
-    "jwt-decode": "^2.2.0",
+    "jwt-decode": "^4.0.0",
     "moment": "^2.29.4",
     "ngx-color": "^9.0.0",
     "ngx-indexed-db": "^11.0.2",

diff --git a/packages/auth/package.json b/packages/auth/package.json
@@ -28,7 +28,7 @@
     }
   },
   "dependencies": {
-    "jwt-decode": "^2.2.0",
+    "jwt-decode": "^4.0.0",
     "ts-cacheable": "^1.0.6",
     "ts-md5": "^1.3.0",
     "tslib": "^2.6.0"

diff --git a/packages/auth/src/lib/shared/admin.guard.ts b/packages/auth/src/lib/shared/admin.guard.ts
@@ -21,8 +21,7 @@ export class AdminGuard {
   ) {}
 
   canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot) {
-    const token = this.authService.decodeToken();
-    if (token && token.user && token.user.isAdmin) {
+    if (this.authService.isAdmin) {
       return true;
     }
 

diff --git a/packages/auth/src/lib/shared/auth.interceptor.ts b/packages/auth/src/lib/shared/auth.interceptor.ts
@@ -78,13 +78,8 @@ export class AuthInterceptor implements HttpInterceptor {
       headers: req.headers.set('Authorization', authHeader)
     });
 
-    const tokenDecoded: any = this.tokenService.decode();
-    if (
-      authReq.params.get('_i') === 'true' &&
-      tokenDecoded &&
-      tokenDecoded.user &&
-      tokenDecoded.user.sourceId
-    ) {
+    const tokenDecoded = this.tokenService.decode();
+    if (authReq.params.get('_i') === 'true' && tokenDecoded?.user?.sourceId) {
       const hashUser = Md5.hashStr(tokenDecoded.user.sourceId) as string;
       authReq = authReq.clone({
         params: authReq.params.set('_i', hashUser)

diff --git a/packages/auth/src/lib/shared/auth.interface.ts b/packages/auth/src/lib/shared/auth.interface.ts
@@ -1,5 +1,6 @@
-import { MsalGuardConfiguration } from '@azure/msal-angular';
 import { BaseUser } from '@igo2/core';
+
+import { MsalGuardConfiguration } from '@azure/msal-angular';
 import { BrowserAuthOptions } from '@azure/msal-browser';
 
 export interface AuthInternOptions {
@@ -102,7 +103,7 @@ export interface User extends BaseUser {
   sourceId?: string;
   locale?: string;
   isExpired?: boolean;
-  admin?: boolean;
+  isAdmin?: boolean;
   defaultContextId?: string;
 }
 

diff --git a/packages/auth/src/lib/shared/auth.service.ts b/packages/auth/src/lib/shared/auth.service.ts
@@ -10,6 +10,7 @@ import { catchError, tap } from 'rxjs/operators';
 import { globalCacheBusterNotifier } from 'ts-cacheable';
 
 import { AuthOptions, IInfosUser, User } from './auth.interface';
+import { IgoJwtPayload } from './token.interface';
 import { TokenService } from './token.service';
 
 @Injectable({
@@ -108,11 +109,11 @@ export class AuthService {
     return this.tokenService.get();
   }
 
-  decodeToken() {
+  decodeToken(): IgoJwtPayload | null {
     if (this.isAuthenticated()) {
       return this.tokenService.decode();
     }
-    return false;
+    return;
   }
 
   goToRedirectUrl() {
@@ -163,7 +164,7 @@ export class AuthService {
 
   get isAdmin(): boolean {
     const token = this.decodeToken();
-    if (token && token.user && token.user.isAdmin) {
+    if (token?.user?.isAdmin) {
       return true;
     }
     return false;

diff --git a/packages/auth/src/lib/shared/index.ts b/packages/auth/src/lib/shared/index.ts
@@ -1,4 +1,5 @@
 export * from './token.service';
+export * from './token.interface';
 export * from './auth.service';
 export * from './auth.interface';
 export * from './auth.interceptor';

diff --git a/packages/auth/src/lib/shared/token.interface.ts b/packages/auth/src/lib/shared/token.interface.ts
@@ -0,0 +1,7 @@
+import { JwtPayload } from 'jwt-decode';
+
+import { User } from './auth.interface';
+
+export interface IgoJwtPayload extends JwtPayload {
+  user: User;
+}
diff --git a/packages/auth/src/lib/shared/token.service.ts b/packages/auth/src/lib/shared/token.service.ts
@@ -2,9 +2,10 @@ import { Injectable, Injector } from '@angular/core';
 
 import { ConfigService } from '@igo2/core';
 
-import jwtDecode from 'jwt-decode';
+import { jwtDecode } from 'jwt-decode';
 
 import { AuthOptions } from './auth.interface';
+import { IgoJwtPayload } from './token.interface';
 
 @Injectable({
   providedIn: 'root'
@@ -31,12 +32,12 @@ export class TokenService {
     return localStorage.getItem(this.tokenKey);
   }
 
-  decode() {
+  decode(): IgoJwtPayload {
     const token = this.get();
     if (!token) {
       return;
     }
-    return jwtDecode(token);
+    return jwtDecode(token) satisfies IgoJwtPayload;
   }
 
   isExpired() {

diff --git a/packages/auth/src/public_api.ts b/packages/auth/src/public_api.ts
@@ -13,6 +13,7 @@ export * from './lib/shared/auth.interceptor';
 export * from './lib/shared/auth.interface';
 export * from './lib/shared/auth-microsoft.provider';
 export * from './lib/shared/protected.directive';
+export * from './lib/shared/token.interface';
 export * from './lib/shared/token.service';
 export * from './lib/shared/auth-storage.interface';
 export * from './lib/shared/auth-storage.service';

diff --git a/packages/context/src/lib/share-map/share-map/share-map-api.component.ts b/packages/context/src/lib/share-map/share-map/share-map-api.component.ts
@@ -33,7 +33,7 @@ export class ShareMapApiComponent implements OnInit {
   ngOnInit(): void {
     this.auth.authenticate$.subscribe((auth) => {
       const decodeToken = this.auth.decodeToken();
-      this.userId = decodeToken.user ? decodeToken.user.id : undefined;
+      this.userId = decodeToken?.user?.id.toString();
       this.buildForm();
     });
   }

diff --git a/packages/core/src/lib/analytics/shared/analytics.interface.ts b/packages/core/src/lib/analytics/shared/analytics.interface.ts
@@ -1,7 +1,13 @@
+import { BaseUser } from '../../user/user.interface';
+
 export type AnalyticsProvider = 'matomo';
 
 export interface AnalyticsOptions {
   provider?: AnalyticsProvider;
   url?: string;
   id?: string;
 }
+
+export interface AnalyticsBaseUser extends BaseUser {
+  sourceId?: string | number;
+}
diff --git a/packages/core/src/lib/analytics/shared/analytics.service.ts b/packages/core/src/lib/analytics/shared/analytics.service.ts
@@ -1,7 +1,7 @@
 import { Injectable } from '@angular/core';
 
 import { ConfigService } from '../../config/config.service';
-import { AnalyticsOptions } from './analytics.interface';
+import { AnalyticsBaseUser, AnalyticsOptions } from './analytics.interface';
 
 @Injectable({
   providedIn: 'root'
@@ -45,15 +45,10 @@ export class AnalyticsService {
     })();
   }
 
-  public setUser(
-    user?: {
-      id: number;
-      sourceId?: string;
-      firstName?: string;
-      lastName?: string;
-    },
-    profils?: string[]
-  ) {
+  /**
+   * Pass `null` to unset the user.
+   */
+  public setUser(user: AnalyticsBaseUser | null, profils?: string[]) {
     if (this.options.provider === 'matomo') {
       if (!user) {
         this.paq.push(['resetUserId']);

diff --git a/packages/integration/src/lib/analytics/analytics-listener.service.ts b/packages/integration/src/lib/analytics/analytics-listener.service.ts
@@ -48,15 +48,15 @@ export class AnalyticsListenerService {
 
   listenUser() {
     this.authService.authenticate$.subscribe(() => {
-      const tokenDecoded = this.authService.decodeToken() || {};
-      if (tokenDecoded.user) {
+      const tokenDecoded = this.authService.decodeToken();
+      if (tokenDecoded?.user) {
         this.authService
           .getProfils()
           .subscribe((profils) =>
             this.analyticsService.setUser(tokenDecoded.user, profils.profils)
           );
       } else {
-        this.analyticsService.setUser();
+        this.analyticsService.setUser(null);
       }
     });
   }