npm - @descope/angular-sdk - Versions diffs - 0.0.0-next-a6b67f6a-20231228 → 0.0.0-next-cc7eda17-20231228 - Mend

@descope/angular-sdk 0.0.0-next-a6b67f6a-20231228 → 0.0.0-next-cc7eda17-20231228

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (110) hide show

package/projects/angular-sdk/src/lib/services/descope-auth.service.spec.ts ADDED Viewed

@@ -0,0 +1,264 @@
+import { TestBed } from '@angular/core/testing';
+import { DescopeAuthService } from './descope-auth.service';
+import createSdk from '@descope/web-js-sdk';
+import mocked = jest.mocked;
+import { DescopeAuthConfig } from '../types/types';
+import { of, take, toArray } from 'rxjs';
+jest.mock('@descope/web-js-sdk');
+describe('DescopeAuthService', () => {
+	let service: DescopeAuthService;
+	let mockedCreateSdk: jest.Mock;
+	let windowSpy: jest.SpyInstance;
+	const onSessionTokenChangeSpy = jest.fn();
+	const onUserChangeSpy = jest.fn();
+	const getSessionTokenSpy = jest.fn();
+	const getRefreshTokenSpy = jest.fn();
+	const getJwtPermissionsSpy = jest.fn();
+	const getJwtRolesSpy = jest.fn();
+	const meSpy = jest.fn();
+	const refreshSpy = jest.fn();
+	const mockConfig: DescopeAuthConfig = {
+		projectId: 'someProject'
+	};
+	beforeEach(() => {
+		mockedCreateSdk = mocked(createSdk);
+		windowSpy = jest.spyOn(window, 'window', 'get');
+		mockedCreateSdk.mockReturnValue({
+			onSessionTokenChange: onSessionTokenChangeSpy,
+			onUserChange: onUserChangeSpy,
+			getSessionToken: getSessionTokenSpy,
+			getRefreshToken: getRefreshTokenSpy,
+			getJwtPermissions: getJwtPermissionsSpy,
+			getJwtRoles: getJwtRolesSpy,
+			me: meSpy,
+			refresh: refreshSpy
+		});
+		onSessionTokenChangeSpy.mockImplementation((fn) => fn());
+		onUserChangeSpy.mockImplementation((fn) => fn());
+		TestBed.configureTestingModule({
+			providers: [
+				DescopeAuthConfig,
+				{ provide: DescopeAuthConfig, useValue: mockConfig }
+			]
+		});
+		service = TestBed.inject(DescopeAuthService);
+	});
+	afterEach(() => {
+		getSessionTokenSpy.mockReset();
+		getRefreshTokenSpy.mockReset();
+		getJwtPermissionsSpy.mockReset();
+		getJwtRolesSpy.mockReset();
+	});
+	it('should be created', () => {
+		expect(service).toBeTruthy();
+		expect(mockedCreateSdk).toHaveBeenCalledWith(
+			expect.objectContaining(mockConfig)
+		);
+		expect(onSessionTokenChangeSpy).toHaveBeenCalled();
+		expect(onUserChangeSpy).toHaveBeenCalled();
+	});
+	describe('getSessionToken', () => {
+		it('should call getSessionToken from sdk', () => {
+			const token = 'abcd';
+			getSessionTokenSpy.mockReturnValueOnce(token);
+			const result = service.getSessionToken();
+			expect(getSessionTokenSpy).toHaveBeenCalled();
+			expect(result).toStrictEqual(token);
+		});
+		it('should warn when using getSessionToken in non browser environment', () => {
+			const warnSpy = jest.spyOn(console, 'warn');
+			windowSpy.mockImplementationOnce(() => undefined);
+			service.getSessionToken();
+			expect(warnSpy).toHaveBeenCalledWith(
+				'Get session token is not supported in SSR'
+			);
+			expect(getSessionTokenSpy).not.toHaveBeenCalled();
+		});
+	});
+	describe('getRefreshToken', () => {
+		it('should call getRefreshToken from sdk', () => {
+			const token = 'abcd';
+			getRefreshTokenSpy.mockReturnValueOnce(token);
+			const result = service.getRefreshToken();
+			expect(getRefreshTokenSpy).toHaveBeenCalled();
+			expect(result).toStrictEqual(token);
+		});
+		it('should warn when using getRefreshToken in non browser environment', () => {
+			const warnSpy = jest.spyOn(console, 'warn');
+			windowSpy.mockImplementationOnce(() => undefined);
+			service.getRefreshToken();
+			expect(warnSpy).toHaveBeenCalledWith(
+				'Get refresh token is not supported in SSR'
+			);
+			expect(getRefreshTokenSpy).not.toHaveBeenCalled();
+		});
+	});
+	describe('getJwtPermissions', () => {
+		it('should return permissions for token from sdk', () => {
+			const permissions = ['edit'];
+			getJwtPermissionsSpy.mockReturnValueOnce(permissions);
+			const result = service.getJwtPermissions('token');
+			expect(getJwtPermissionsSpy).toHaveBeenCalledWith('token', undefined);
+			expect(result).toStrictEqual(permissions);
+		});
+		it('should return empty array and log error when there is no token', () => {
+			const errorSpy = jest.spyOn(console, 'error');
+			getSessionTokenSpy.mockReturnValueOnce(null);
+			const result = service.getJwtPermissions();
+			expect(errorSpy).toHaveBeenCalledWith(
+				'Could not get JWT Permissions - not authenticated'
+			);
+			expect(getJwtPermissionsSpy).not.toHaveBeenCalled();
+			expect(result).toStrictEqual([]);
+		});
+	});
+	describe('getJwtRoles', () => {
+		it('should return roles for token from sdk', () => {
+			const roles = ['admin'];
+			getJwtRolesSpy.mockReturnValueOnce(roles);
+			const result = service.getJwtRoles('token');
+			expect(getJwtRolesSpy).toHaveBeenCalledWith('token', undefined);
+			expect(result).toStrictEqual(roles);
+		});
+		it('should return empty array and log error when there is no token', () => {
+			const errorSpy = jest.spyOn(console, 'error');
+			getSessionTokenSpy.mockReturnValueOnce(null);
+			const result = service.getJwtRoles();
+			expect(errorSpy).toHaveBeenCalledWith(
+				'Could not get JWT Roles - not authenticated'
+			);
+			expect(getJwtRolesSpy).not.toHaveBeenCalled();
+			expect(result).toStrictEqual([]);
+		});
+	});
+	describe('refreshSession', () => {
+		it('correctly handle descopeSession stream when session is successfully refreshed', (done: jest.DoneCallback) => {
+			refreshSpy.mockReturnValueOnce(
+				of({ ok: true, data: { sessionJwt: 'newToken' } })
+			);
+			// Taking 4 values from stream: first is initial value, next 3 are the result of refreshSession
+			service.session$.pipe(take(4), toArray()).subscribe({
+				next: (result) => {
+					expect(result.slice(1)).toStrictEqual([
+						{
+							isAuthenticated: false,
+							isSessionLoading: true,
+							sessionToken: undefined
+						},
+						{
+							isAuthenticated: true,
+							isSessionLoading: true,
+							sessionToken: 'newToken'
+						},
+						{
+							isAuthenticated: true,
+							isSessionLoading: false,
+							sessionToken: 'newToken'
+						}
+					]);
+					expect(service.isAuthenticated()).toBeTruthy();
+					done();
+				},
+				error: (err) => {
+					done.fail(err);
+				}
+			});
+			service.refreshSession().subscribe();
+		});
+		it('correctly handle descopeSession stream when refresh session failed', (done: jest.DoneCallback) => {
+			refreshSpy.mockReturnValueOnce(
+				of({ ok: false, data: { sessionJwt: 'newToken' } })
+			);
+			// Taking 4 values from stream: first is initial value, next 3 are the result of refreshSession
+			service.session$.pipe(take(4), toArray()).subscribe({
+				next: (result) => {
+					expect(result.slice(1)).toStrictEqual([
+						{
+							isAuthenticated: false,
+							isSessionLoading: true,
+							sessionToken: undefined
+						},
+						{
+							isAuthenticated: false,
+							isSessionLoading: true,
+							sessionToken: ''
+						},
+						{
+							isAuthenticated: false,
+							isSessionLoading: false,
+							sessionToken: ''
+						}
+					]);
+					expect(service.isAuthenticated()).toBeFalsy();
+					done();
+				},
+				error: (err) => {
+					done.fail(err);
+				}
+			});
+			service.refreshSession().subscribe();
+		});
+	});
+	describe('refreshUser', () => {
+		it('correctly handle descopeUser stream when user is successfully refreshed', (done: jest.DoneCallback) => {
+			meSpy.mockReturnValueOnce(of({ ok: true, data: { name: 'test' } }));
+			// Taking 4 values from stream: first is initial value, next 3 are the result of refreshUser
+			service.user$.pipe(take(4), toArray()).subscribe({
+				next: (result) => {
+					expect(result.slice(1)).toStrictEqual([
+						{ isUserLoading: true, user: undefined },
+						{ isUserLoading: true, user: { name: 'test' } },
+						{ isUserLoading: false, user: { name: 'test' } }
+					]);
+					done();
+				},
+				error: (err) => {
+					done.fail(err);
+				}
+			});
+			service.refreshUser().subscribe();
+		});
+		it('correctly handle descopeUser stream when refresh session failed', (done: jest.DoneCallback) => {
+			meSpy.mockReturnValueOnce(of({ ok: false }));
+			// Taking 3 values from stream: first is initial value, next 2 are the result of refreshUser
+			service.user$.pipe(take(3), toArray()).subscribe({
+				next: (result) => {
+					expect(result.slice(1)).toStrictEqual([
+						{ isUserLoading: true, user: undefined },
+						{ isUserLoading: false, user: undefined }
+					]);
+					done();
+				},
+				error: (err) => {
+					done.fail(err);
+				}
+			});
+			service.refreshUser().subscribe();
+		});
+	});
+});

package/projects/angular-sdk/src/lib/services/descope-auth.service.ts ADDED Viewed

@@ -0,0 +1,176 @@
+import { Injectable } from '@angular/core';
+import type { UserResponse } from '@descope/web-js-sdk';
+import createSdk from '@descope/web-js-sdk';
+import { BehaviorSubject, finalize, Observable, tap } from 'rxjs';
+import { observabilify, Observablefied } from '../utils/helpers';
+import { baseHeaders, isBrowser } from '../utils/constants';
+import { DescopeAuthConfig } from '../types/types';
+type DescopeSDK = ReturnType<typeof createSdk>;
+type AngularDescopeSDK = Observablefied<DescopeSDK>;
+export interface DescopeSession {
+	isAuthenticated: boolean;
+	isSessionLoading: boolean;
+	sessionToken: string | null;
+}
+export type DescopeUser = { user?: UserResponse; isUserLoading: boolean };
+@Injectable({
+	providedIn: 'root'
+})
+export class DescopeAuthService {
+	public descopeSdk: AngularDescopeSDK;
+	private readonly sessionSubject: BehaviorSubject<DescopeSession>;
+	private readonly userSubject: BehaviorSubject<DescopeUser>;
+	readonly session$: Observable<DescopeSession>;
+	readonly user$: Observable<DescopeUser>;
+	constructor(config: DescopeAuthConfig) {
+		this.descopeSdk = observabilify<DescopeSDK>(
+			createSdk({
+				...config,
+				persistTokens: isBrowser() as true,
+				autoRefresh: isBrowser() as true,
+				baseHeaders
+			})
+		);
+		this.sessionSubject = new BehaviorSubject<DescopeSession>({
+			isAuthenticated: false,
+			isSessionLoading: false,
+			sessionToken: ''
+		});
+		this.session$ = this.sessionSubject.asObservable();
+		this.userSubject = new BehaviorSubject<DescopeUser>({
+			isUserLoading: false
+		});
+		this.user$ = this.userSubject.asObservable();
+		this.descopeSdk.onSessionTokenChange(this.setSession.bind(this));
+		this.descopeSdk.onUserChange(this.setUser.bind(this));
+	}
+	refreshSession() {
+		const beforeRefreshSession = this.sessionSubject.value;
+		this.sessionSubject.next({
+			...beforeRefreshSession,
+			isSessionLoading: true
+		});
+		return this.descopeSdk.refresh().pipe(
+			tap((data) => {
+				const afterRequestSession = this.sessionSubject.value;
+				if (data.ok && data.data) {
+					this.sessionSubject.next({
+						...afterRequestSession,
+						sessionToken: data.data.sessionJwt,
+						isAuthenticated: !!data.data.sessionJwt
+					});
+				} else {
+					this.sessionSubject.next({
+						...afterRequestSession,
+						sessionToken: '',
+						isAuthenticated: false
+					});
+				}
+			}),
+			finalize(() => {
+				const afterRefreshSession = this.sessionSubject.value;
+				this.sessionSubject.next({
+					...afterRefreshSession,
+					isSessionLoading: false
+				});
+			})
+		);
+	}
+	refreshUser() {
+		const beforeRefreshUser = this.userSubject.value;
+		this.userSubject.next({
+			...beforeRefreshUser,
+			isUserLoading: true
+		});
+		return this.descopeSdk.me().pipe(
+			tap((data) => {
+				const afterRequestUser = this.userSubject.value;
+				if (data.data) {
+					this.userSubject.next({
+						...afterRequestUser,
+						user: {
+							...data.data
+						}
+					});
+				}
+			}),
+			finalize(() => {
+				const afterRefreshUser = this.userSubject.value;
+				this.userSubject.next({
+					...afterRefreshUser,
+					isUserLoading: false
+				});
+			})
+		);
+	}
+	getSessionToken() {
+		if (isBrowser()) {
+			return (
+				this.descopeSdk as AngularDescopeSDK & {
+					getSessionToken: () => string | null;
+				}
+			).getSessionToken();
+		}
+		console.warn('Get session token is not supported in SSR');
+		return '';
+	}
+	getRefreshToken() {
+		if (isBrowser()) {
+			return (
+				this.descopeSdk as AngularDescopeSDK & {
+					getRefreshToken: () => string | null;
+				}
+			).getRefreshToken();
+		}
+		this.descopeSdk.getJwtPermissions;
+		console.warn('Get refresh token is not supported in SSR');
+		return '';
+	}
+	getJwtPermissions(token = this.getSessionToken(), tenant?: string) {
+		if (token === null) {
+			console.error('Could not get JWT Permissions - not authenticated');
+			return [];
+		}
+		return this.descopeSdk.getJwtPermissions(token, tenant);
+	}
+	getJwtRoles(token = this.getSessionToken(), tenant?: string) {
+		if (token === null) {
+			console.error('Could not get JWT Roles - not authenticated');
+			return [];
+		}
+		return this.descopeSdk.getJwtRoles(token, tenant);
+	}
+	isAuthenticated() {
+		return this.sessionSubject.value.isAuthenticated;
+	}
+	private setSession(sessionToken: string | null) {
+		const currentSession = this.sessionSubject.value;
+		this.sessionSubject.next({
+			sessionToken,
+			isAuthenticated: !!sessionToken,
+			isSessionLoading: currentSession.isSessionLoading
+		});
+	}
+	private setUser(user: UserResponse) {
+		const currentUser = this.userSubject.value;
+		this.userSubject.next({
+			isUserLoading: currentUser.isUserLoading,
+			user
+		});
+	}
+}

package/projects/angular-sdk/src/lib/services/descope.interceptor.spec.ts ADDED Viewed

@@ -0,0 +1,102 @@
+import { TestBed } from '@angular/core/testing';
+import {
+	HttpTestingController,
+	provideHttpClientTesting
+} from '@angular/common/http/testing';
+import {
+	HttpClient,
+	provideHttpClient,
+	withInterceptors
+} from '@angular/common/http';
+import { of } from 'rxjs';
+import { DescopeAuthService } from './descope-auth.service';
+import { DescopeAuthConfig } from '../types/types';
+import createSdk from '@descope/web-js-sdk';
+import { descopeInterceptor } from './descope.interceptor';
+import mocked = jest.mocked;
+jest.mock('@descope/web-js-sdk');
+describe('DescopeInterceptor', () => {
+	let authService: DescopeAuthService;
+	let httpTestingController: HttpTestingController;
+	let httpClient: HttpClient;
+	let mockedCreateSdk: jest.Mock;
+	beforeEach(() => {
+		mockedCreateSdk = mocked(createSdk);
+		mockedCreateSdk.mockReturnValue({
+			onSessionTokenChange: jest.fn(),
+			onUserChange: jest.fn()
+		});
+		TestBed.configureTestingModule({
+			providers: [
+				DescopeAuthService,
+				{
+					provide: DescopeAuthConfig,
+					useValue: { pathsToIntercept: ['/api'], projectId: 'test' }
+				},
+				provideHttpClient(withInterceptors([descopeInterceptor])),
+				provideHttpClientTesting()
+			]
+		});
+		authService = TestBed.inject(DescopeAuthService);
+		httpTestingController = TestBed.inject(HttpTestingController);
+		httpClient = TestBed.inject(HttpClient);
+	});
+	afterEach(() => {
+		httpTestingController.verify();
+	});
+	it('should intercept requests for specified paths', () => {
+		jest.spyOn(authService, 'getSessionToken').mockReturnValue('fakeToken');
+		httpClient.get('/api/data').subscribe();
+		httpClient.get('/other').subscribe();
+		const req1 = httpTestingController.expectOne('/api/data');
+		const req2 = httpTestingController.expectOne('/other');
+		expect(req1.request.headers.get('Authorization')).toEqual(
+			'Bearer fakeToken'
+		);
+		expect(req2.request.headers.get('Authorization')).toEqual(null);
+		req1.flush({});
+		req2.flush({});
+	});
+	it('should refresh token and retry request on 401 or 403 error', () => {
+		jest.spyOn(authService, 'getSessionToken').mockReturnValue(null);
+		const refreshSessionSpy = jest
+			.spyOn(authService, 'refreshSession')
+			.mockReturnValue(of({ ok: true, data: { sessionJwt: 'newToken' } }));
+		httpClient.get('/api/data').subscribe();
+		const req = httpTestingController.expectOne('/api/data');
+		expect(req.request.headers.get('Authorization')).toEqual('Bearer newToken');
+		expect(refreshSessionSpy).toHaveBeenCalled();
+		req.flush({}, { status: 401, statusText: 'Not authorized' });
+	});
+	it('should throw an error if refreshing the session fails', () => {
+		jest.spyOn(authService, 'getSessionToken').mockReturnValue(null);
+		jest
+			.spyOn(authService, 'refreshSession')
+			.mockReturnValue(of({ ok: false, data: undefined }));
+		httpClient.get('/api/data').subscribe({
+			next: () => {},
+			error: (error) => {
+				expect(error.message).toEqual('Could not refresh session!');
+			},
+			complete: () => {}
+		});
+		httpTestingController.expectNone('/api/data');
+	});
+});

package/projects/angular-sdk/src/lib/services/descope.interceptor.ts ADDED Viewed

@@ -0,0 +1,76 @@
+import { inject } from '@angular/core';
+import {
+	HttpErrorResponse,
+	HttpHandlerFn,
+	HttpInterceptorFn,
+	HttpRequest
+} from '@angular/common/http';
+import { throwError } from 'rxjs';
+import { catchError, switchMap } from 'rxjs/operators';
+import { DescopeAuthService } from './descope-auth.service';
+import { DescopeAuthConfig } from '../types/types';
+export const descopeInterceptor: HttpInterceptorFn = (request, next) => {
+	const config = inject(DescopeAuthConfig);
+	const authService = inject(DescopeAuthService);
+	function refreshAndRetry(
+		request: HttpRequest<unknown>,
+		next: HttpHandlerFn,
+		error?: HttpErrorResponse
+	) {
+		return authService.refreshSession().pipe(
+			switchMap((refreshed) => {
+				if (refreshed.ok && refreshed.data) {
+					const requestWithRefreshedToken = addTokenToRequest(
+						request,
+						refreshed.data?.sessionJwt
+					);
+					return next(requestWithRefreshedToken);
+				} else {
+					return throwError(
+						() => error ?? new Error('Could not refresh session!')
+					);
+				}
+			})
+		);
+	}
+	function shouldIntercept(request: HttpRequest<unknown>): boolean {
+		return (
+			(config.pathsToIntercept?.length === 0 ||
+				config.pathsToIntercept?.some((path) => request.url.includes(path))) ??
+			true
+		);
+	}
+	function addTokenToRequest(
+		request: HttpRequest<unknown>,
+		token: string
+	): HttpRequest<unknown> {
+		return request.clone({
+			setHeaders: {
+				Authorization: `Bearer ${token}`
+			}
+		});
+	}
+	if (shouldIntercept(request)) {
+		const token = authService.getSessionToken();
+		if (!token) {
+			return refreshAndRetry(request, next);
+		}
+		const requestWithToken = addTokenToRequest(request, token);
+		return next(requestWithToken).pipe(
+			catchError((error: HttpErrorResponse) => {
+				if (error.status === 401 || error.status === 403) {
+					return refreshAndRetry(request, next, error);
+				} else {
+					return throwError(() => error);
+				}
+			})
+		);
+	} else {
+		return next(request);
+	}
+};

package/projects/angular-sdk/src/lib/types/types.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { ILogger } from '@descope/web-component';
+export class DescopeAuthConfig {
+	projectId = '';
+	baseUrl?: string;
+	sessionTokenViaCookie?: boolean;
+	pathsToIntercept?: string[];
+}
+export type { ILogger };

package/projects/angular-sdk/src/lib/utils/constants.ts ADDED Viewed

@@ -0,0 +1,8 @@
+import { environment } from '../../environment';
+export const baseHeaders = {
+	'x-descope-sdk-name': 'angular',
+	'x-descope-sdk-version': environment.buildVersion
+};
+export const isBrowser = () => typeof window !== 'undefined';