@gandalan/weblibs 1.2.0 → 1.3.0

package/README.md

@@ -1,42 +1,32 @@
 # WebLibs for Gandalan JS/TS/Svelte projects
 
-## IDAS API mit JavaScript/TypeScript verwenden
-
+## Initialize Fluent IDAS API + local API
+Example:
 ```js
-import { IDASFactory } from '@gandalan/weblibs';
-let idas = IDASFactory.create();
-```
+import { fetchEnvConfig, fluentApi, fluentIdasAuthManager } from '@gandalan/weblibs';
 
-IDAS ab Version 1.0.0 verwendet JWT-Token für die Authentifizierung mit WebAPI.
+async function initializeAuthAndApi() {
+    const appToken = 'your-app-token';
+    const envConfig = await fetchEnvConfig('dev'); // Replace 'dev' with your desired environment
 
-Danach z.B. Zugriff auf die Mandant-Guid:
+    const authManager = await fluentIdasAuthManager(appToken, envConfig.idas).init();
+    if (!authManager) {
+        return; // init() has redirected to login.
+    }
 
-```js
-let mandantGuid = await idas.then(i => i.mandantGuid);
+    globalThis.idas = fluentApi(envConfig.idas, authManager);   // IDAS-API instance
+    globalThis.api = fluentApi("/api/", authManager);           // Local API instance
+}
 ```
 
-Datenzugriffe erfolgen über die Objekte innerhalb der IDAS-Klasse
+## Usage samples
 
 ```js
-let loader = Promise.all([
-    idas.
-      .then(i => i.mandanten.getAll())
-      .then(d => mandanten = d.sort((a,b) => a.Name.localeCompare(b.Name)))
-      .catch(e => error = e),
-    idas
-      .then(i => i.rollen.getAll())
-      .then(d => rollen = d.sort((a,b) => a.Name.localeCompare(b.Name)))
-      .catch(e => error = e)
-])
-      .then(_ => setMandant(mandantGuid));
-```
-
-der hier eingeführte `loader` kann mit dem `{#await}`-Svelte-Konstrukt verwendet werden:
+// Example IDAS API usage
+const responseIdas = await globalThis.idas.get('mandanten');
+console.log(responseIdas[0].Name);
 
-```js
-{#await loader}
-    <progress />
-{:then}
- ...
-{/await}
+// Example local API usage
+const responseApi = await globalThis.api.get('some-endpoint');
+console.log(responseApi);
 ```

package/api/fluentApi.js

@@ -1,157 +1,29 @@
-import { jwtDecode } from "jwt-decode";
 import { restClient } from "./fluentRestClient";
-import { authBuilder } from "./fluentAuthBuilder";
-
-/**
- * @typedef {Object} EnvironmentConfig
- * @property {string} name - The environment name.
- * @property {string} version - The version number.
- * @property {string} cms - The CMS URL.
- * @property {string} idas - The IDAS API URL.
- * @property {string} store - The store API URL.
- * @property {string} docs - The documentation URL.
- * @property {string} notify - The notification service URL.
- * @property {string} feedback - The feedback service URL.
- * @property {string} helpcenter - The help center URL.
- * @property {string} reports - The reports service URL.
- * @property {string} webhookService - The webhook service URL.
- */
-
-/**
- * buffer for environment data
- * @private
- * @type {Object.<string, EnvironmentConfig>}
- */
-const envs = {};
-
-/**
- * configure the time before token expiry to renew
- * @type {number}
- */
-const JWT_SAFE_RENEWAL = 30; // seconds before token expiry to renew
-
-/**
- * fetches the environment data from the hub
- * @export
- * @async
- * @param {string} [env="", env="dev", env="staging", env="produktiv"]
- * @returns {Promise<EnvironmentConfig>}
- */
-export async function fetchEnv(env = "") {
-    if (!(env in envs)) {
-        const hubUrl = `https://connect.idas-cloudservices.net/api/Endpoints?env=${env}`;
-        console.log("fetching env", hubUrl);
-        const r = await fetch(hubUrl);
-        const data = await r.json();
-        envs[env] = data;
-    }
-    return envs[env];
-}
-
-/** 
- * @typedef {Object} JwtTokenExt
- * @property {string} id
- * @property {string} refreshToken
-*/
-
-/**
- * decode the JWT token and return the refresh token
- * @export
- * @param {string} token
- * @returns {string}
- */
-export function getRefreshToken(token) {
-    const decoded = /** @type {JwtTokenExt} */(jwtDecode(token));
-    return decoded.refreshToken;
-}
-
-/**
- * check if the token is still valid
- * - checks the expiry date and the JWT_SAFE_RENEWAL buffer
- * 
- *  @export
- * @param {string} token
- * @returns {boolean}
- */
-export function isTokenValid(token) 
-{
-    try
-    {
-        const decoded = jwtDecode(token);
-        if (!decoded || !decoded.exp) 
-            throw new Error("Invalid token");
-        return (decoded.exp - JWT_SAFE_RENEWAL > Date.now() / 1000);
-    }
-    catch {
-        return false;
-    }
-}
 
 /**
  * @typedef {Object} FluentApi
  * @property {string} baseUrl - The base URL for API requests.
- * @property {string} authUrl - The authentication URL.
- * @property {string} env - The environment setting.
- * @property {string} appToken - The application token.
- * @property {string} storageEntry - The storage entry.
- * @property {string} token - The JWT token for authorization.
- * @property {string} refreshToken - The refresh token.
- * @property {function(EnvironmentConfig) : FluentApi} useEnvironment - Sets the environment and returns the FluentApi object.
- * @property {function(string) : FluentApi} useAppToken - Sets the application token and returns the FluentApi object.
+ * @property {FluentAuthManager} authManager - The authentication manager.
  * @property {function(string) : FluentApi} useBaseUrl - Sets the base URL for API requests and returns the FluentApi object.
- * @property {function(string) : FluentApi} useAuthUrl - Sets the authentication URL and returns the FluentApi object.
- * @property {function(string) : FluentApi} useToken - Sets the JWT token for authorization and returns the FluentApi object.
- * @property {function(string) : FluentApi} useRefreshToken - Sets the refresh token and returns the FluentApi object.
- * @property {function() : FluentApi} useGlobalAuth - Uses global authentication tokens and returns the FluentApi object.
+ * @property {function(FluentAuthManager) : FluentApi} useAuthManager - Sets the auth manager and returns the FluentApi object.
  * @property {function(string) : object|Array<any>} get - Async function to perform GET requests.
  * @property {function(string, object|null) : object|Array<any>} put - Async function to perform PUT requests with a payload.
  * @property {function(string, object|null) : object|Array<any>} post - Async function to perform POST requests with a payload.
  * @property {function(string) : object|Array<any>} delete - Async function to perform DELETE requests.
- * @property {Function} ensureAuthenticated - Ensures the user is authenticated before making a request.
- * @property {Function} ensureBaseUrlIsSet - Ensures the base URL is set before making a request.
- * @property {Function} redirectToLogin - Redirects to the login page.
  */
 
 /**
- * Builds a client to communicate with the IDAS api in a fluent syntax
- * 
- * @return {FluentApi}
+ * Builds a client to communicate with the IDAS or local API using fluent syntax.
+ *
+ * @return {FluentApi} A configured API client instance.
  */
 export function createApi() {
     return {
+        authManager: {},
         baseUrl: "",
-        authUrl: "",
-        env: "",
-        appToken: "",
-        storageEntry: "",
-        token: "",
-        refreshToken: "",
-
-        /**
-         * set the environment to use
-         * 
-         * @param {EnvironmentConfig} env 
-         * @return {FluentApi}
-         */
-        useEnvironment(env = {}) { 
-            this.env = env; 
-            this.baseUrl = env.idas;
-            this.authUrl = env.idas;
-            return this; 
-        },
-
-        /**
-         * set the app token to use
-         *
-         * @param {string} [newApptoken=""]
-         * @return {FluentApi}
-         */
-        useAppToken(newApptoken = "") {
-            this.appToken = newApptoken; return this;
-        },
 
         /**
-         * set the base URL for API requests
+         * Sets the base URL for API requests.
          *
          * @param {string} [url=""]
          * @return {FluentApi}
@@ -162,96 +34,59 @@ export function createApi() {
         },
 
         /**
-         * set the authentication URL
-         *
-         * @param {string} [url=""]
-         * @return {FluentApi}
-         */
-        useAuthUrl(url = "") {
-            this.authUrl = url; return this;
-        },
-
-        /**
-         * set the JWT token for authorization
-         *
-         * @param {string} [jwtToken=""]
-         * @return {FluentApi}
-         */
-        useToken(jwtToken = "") {
-            this.token = jwtToken; return this;
-        },
-
-        /**
-         * set the refresh token
-         *
-         * @param {string} [storedRefreshToken=""]
-         * @return {FluentApi}
-         */
-        useRefreshToken(storedRefreshToken = "") {
-            this.refreshToken = storedRefreshToken; return this;
-        },
-        
-        /**
-         * tell the client to use the global authentication tokens
+         * Sets the authentication manager.
          *
+         * @param {FluentAuthManager} authManager
          * @return {FluentApi}
          */
-        useGlobalAuth() {
-            // eslint-disable-next-line no-undef 
-            this.token = globalThis.idasTokens.token; 
-            // eslint-disable-next-line no-undef
-            this.refreshToken = globalThis.idasTokens.refreshToken; 
-            // eslint-disable-next-line no-undef
-            this.appToken = globalThis.idasTokens.appToken;
+        useAuthManager(authManager) {
+            this.authManager = authManager;
             return this;
         },
-        
+
         /**
-         * GET request, ensure authenticated if needed
-         *
-         * @async
-         * @param {string} [url=""]
-         * @param {boolean} [auth=true]
-         * @returns {Promise<Object>}
-         */
+          * Sends a GET request, ensuring authentication if needed.
+          *
+          * @async
+          * @param {string} [url=""]
+          * @param {boolean} [auth=true]
+          * @returns {Promise<Object>}
+          */
         async get(url = "", auth = true) {
-            if (auth) 
-                await this.ensureAuthenticated();
-            return restClient().useBaseUrl(this.baseUrl).useToken(this.token).get(url);
+            await this.preCheck(auth);
+            return await this.createRestClient().get(url);
         },
 
         /**
-         * PUT request, ensure authenticated if needed
-         *
-         * @async
-         * @param {string} [url=""]
-         * @param {Object} [payload={}]
-         * @param {boolean} [auth=true]
-         * @returns {Promise<Object>}
-         */
+          * Sends a PUT request with a payload, ensuring authentication if needed.
+          *
+          * @async
+          * @param {string} [url=""]
+          * @param {Object} [payload={}]
+          * @param {boolean} [auth=true]
+          * @returns {Promise<Object>}
+          */
         async put(url = "", payload = {}, auth = true) {
-            if (auth) 
-                await this.ensureAuthenticated();
-            return restClient().useBaseUrl(this.baseUrl).useToken(this.token).put(url, payload);
+            await this.preCheck(auth);
+            return await this.createRestClient().put(url, payload);
         },
 
         /**
-         * POST request, ensure authenticated if needed
-         *
-         * @async
-         * @param {string} [url=""]
-         * @param {Object} [payload={}]
-         * @param {boolean} [auth=true]
-         * @returns {Promise<Object>}
-         */
+          * Sends a POST request with a payload, ensuring authentication if needed.
+          *
+          * @async
+          * @param {string} [url=""]
+          * @param {Object} [payload={}]
+          * @param {boolean} [auth=true]
+          * @returns {Promise<Object>}
+          */
         async post(url = "", payload = {}, auth = true) {
-            if (auth) 
-                await this.ensureAuthenticated();
-            return restClient().useBaseUrl(this.baseUrl).useToken(this.token).post(url, payload);
+            await this.preCheck(auth);
+            return await this.createRestClient().post(url, payload);
         },
-        
+
         /**
-         * DELETE request, ensure authenticated if needed
+         * Sends a DELETE request, ensuring authentication if needed.
          *
          * @async
          * @param {string} [url=""]
@@ -259,71 +94,51 @@ export function createApi() {
          * @returns {Promise<Object>}
          */
         async delete(url = "", auth = true) {
-            if (auth) 
-                await this.ensureAuthenticated();
-            return restClient().useBaseUrl(this.baseUrl).useToken(this.token).delete(url);
+            await this.preCheck(auth);
+            return await this.createRestClient().delete(url);
         },
 
         /**
-         * Ensure the user is authenticated before making a request
+         * Creates the REST client instance with the current configuration.
          *
-         * @async
          * @private
+         * @returns {FluentRestClient}
          */
-        async ensureAuthenticated() {
-            if (this.token && isTokenValid(this.token))
-                return;
-
-            try {
-                const temptoken = await authBuilder()
-                    .useAppToken(this.appToken)
-                    .useBaseUrl(this.authUrl || this.env.idas)
-                    .useToken(this.token)
-                    .useRefreshToken(this.refreshToken)
-                    .authenticate() || "";
-
-                if (!temptoken) {
-                    throw new Error("not authenticated");
-                }
+        createRestClient() {
+            return restClient().useBaseUrl(this.baseUrl).useToken(this.authManager?.token);
+        },
 
-                this.token = temptoken;
-                this.refreshToken = getRefreshToken(temptoken);
-                // eslint-disable-next-line no-undef
-                globalThis.idasTokens.token = this.token;
-                // eslint-disable-next-line no-undef
-                globalThis.idasTokens.refreshToken = this.refreshToken;
-                // eslint-disable-next-line no-undef
-                globalThis.idasTokens.userInfo = jwtDecode(this.token);
-                localStorage.setItem("idas-refresh-token", this.refreshToken);
-            } catch (e) {
-                //this.redirectToLogin();
-                console.error("not authenticated", e);
+        /**
+         * Ensures the user is authenticated before making a request.
+         *
+         * @private
+         * @async
+         * @param {boolean} [auth=true]
+         * @returns {void}
+         */
+        async preCheck(auth = true) {
+            if (auth && this.authManager) {
+                await this.authManager.ensureAuthenticated();
             }
         }
     };
 }
 
 /**
- * Default setup for IDAS
+ * Sets up a client for API requests.
  *
- * @export
- * @param {string} [appToken=""]
- * @return {FluentApi}
- */
-export function idasApi(appToken = "") {
-    return createApi()
-        .useGlobalAuth()
-        .useAppToken(appToken);
-}
-
-/**
- * Default setup for local API
+ * - Requests will be sent to the url provided.
+ * - Example usage:
+ *   const api = fluentApi("https://jsonplaceholder.typicode.com/todos/", null);
+ *   api.get("1"); // Sends a GET request to https://jsonplaceholder.typicode.com/todos/1.
  *
  * @export
- * @return {FluentApi}
+ * @param {string} url - The base URL for API requests.
+ * @param {FluentAuthManager} authManager - The authentication manager instance.
+ * @return {FluentApi} Configured API instance for local use.
  */
-export function localApi() {
+export function fluentApi(url, authManager) {
     return createApi()
-        .useGlobalAuth()
-        .useBaseUrl("api");
+        .useAuthManager(authManager)
+        .useBaseUrl(url);
 }

package/api/fluentAuthManager.js

@@ -0,0 +1,291 @@
+import { jwtDecode } from "jwt-decode";
+import validator from "validator";
+import { popRefreshTokenFromUrl } from "./fluentAuthUtils";
+
+/**
+ * @typedef {Object} FluentAuthManager
+ * @property {string} appToken - The application token.
+ * @property {string} authUrl - The authentication URL.
+ * @property {string} token - The JWT token for authorization.
+ * @property {string} refreshToken - The refresh token.
+ * @property {object} userInfo - The user information.
+ * @property {function(string) : FluentAuthManager} useAppToken - Sets the application token and returns the FluentApi object.
+ * @property {function(string) : FluentAuthManager} useBaseUrl - Sets the base URL for authentication and returns the FluentApi object.
+ * @property {function(string|null) : FluentAuthManager} useToken - Sets the JWT token and returns the FluentApi object. Only intended for usage with Service Tokens.
+ * @property {function(string|null) : FluentAuthManager} useRefreshToken - Sets the refresh token and returns the FluentApi object.
+ * @property {function} ensureAuthenticated - Ensures the user is authenticated before making a request.
+ * @property {function() : string} authenticate - Authenticates the user with username and password, or refreshes the token.
+ * @property {function():Promise<FluentAuthManager|null>} init - Returns promise for authManager. Returns null if not authenticated.
+ * @property {function(string,string) : string} login - Logs in with the provided credentials.
+ * @property {function} tryRefreshToken - Attempts to refresh the authentication token using the refresh token.
+ * @property {function} updateUserSession - Updates the user session with the new token.
+ * @property {function} redirectToLogin - Redirects to the login page.
+ */
+
+/**
+ * Creates a new FluentAuthManager
+*
+ * @export
+ * @returns {FluentAuthManager}
+ */
+export function createAuthManager() {
+    return {
+        appToken: "",
+        authUrl: "",
+        token: "",
+        refreshToken: "",
+        userInfo: {},
+
+        /**
+         * app token to use for authentication
+         *
+         * @param {string} [appToken=""]
+         * @returns {FluentAuthManager}
+         */
+        useAppToken(appToken = "") {
+            if (!validator.isUUID(appToken)) {
+                console.error("AppToken is not valid GUID");
+                return null;
+            }
+            this.appToken = appToken;
+            return this;
+        },
+
+        /**
+         * set the authentication URL
+         *
+         * @param {string} [url=""]
+         * @return {FluentAuthManager}
+         */
+        useBaseUrl(url = "") {
+            this.authUrl = url;
+            return this;
+        },
+
+        /**
+         * set the JWT token for authorization
+         *
+         * @param {string} [jwtToken=""]
+         * @return {FluentAuthManager}
+         */
+        useToken(jwtToken = "") {
+            this.token = jwtToken;
+            return this;
+        },
+
+        /**
+         * set the refresh token
+         *
+         * @param {string} [storedRefreshToken=""]
+         * @return {FluentAuthManager}
+         */
+        useRefreshToken(storedRefreshToken = "") {
+            this.refreshToken = storedRefreshToken;
+            return this;
+        },
+
+        /**
+         * Ensure the user is authenticated before making a request
+         *
+         * @async
+         * @private
+         */
+        async ensureAuthenticated() {
+            if (this.token && isTokenValid(this.token))
+                return;
+
+            try {
+                await this.authenticate();
+            } catch (e) {
+                // no redirect to login, because we're in a request
+                console.error("not authenticated", e);
+            }
+        },
+
+        /**
+         * Authenticates the user with the JWT token or refreshes the token with
+         * the refreshToken set before.
+         *
+         * @throws {Error} if JWT token and refreshToken are not set or both are invalid
+         * @return {string} the JWT token
+         */
+        async authenticate() { // benutzt bei existierendem JWT oder RefreshToken, wenn keins vorhanden ERROR
+            console.log("authenticating:", this.token ? `token set, exp: ${jwtDecode(this.token).exp - (Date.now() / 1000)}` : "no token,", this.refreshToken, this.appToken);
+
+            if (this.token && isTokenValid(this.token))
+                return;
+
+            if (this.token && !this.refreshToken)
+                this.refreshToken = getRefreshToken(this.token);
+
+            if (!this.refreshToken) {
+                throw new Error("not authenticated");
+            }
+
+            try {
+                const temptoken = await this.tryRefreshToken(this.refreshToken);
+                this.updateUserSession(temptoken);
+            } catch {
+                // if refresh failed
+                // - current token should still be valid for a while
+                // - or user has invalid (refresh) token and needs to login/refresh manually
+            }
+        },
+
+        /**
+         * Initializes the authentication object. Before calling, set the token and refresh token if available.
+         * If the token is not set, the refresh token will be used to try to refresh the token.
+         * If the token is not valid, the user will be redirected to the login page.
+         * If tokens are valid, they will be stored in this instance of the FluentAuthManager.
+         *
+         * Side effect if refreshToken is not set: tries to get the refreshToken from the URL or localStorage.
+         *
+         * @async
+         * @return {Promise<FluentAuthManager> | null} the FluentAuthManager or null if not authenticated
+         */
+        async init() {
+            if (!this.refreshToken) {
+                this.refreshToken = popRefreshTokenFromUrl() || localStorage.getItem("idas-refresh-token");
+            }
+
+            if (!this.token && this.refreshToken) {
+                this.token = await this.tryRefreshToken(this.refreshToken);
+            }
+
+            if (this.token && isTokenValid(this.token)) {
+                this.updateUserSession(this.token);
+                return this;
+            }
+
+            if (!isTokenValid(this.token)) {
+                this.redirectToLogin();
+                return null;
+            }
+            return this;
+        },
+
+        /**
+         * Login with credentials and return the JWT token
+         * @param {string} username
+         * @param {string} password
+         * @return {string} the JWT token
+         */
+        async login(username = "", password = "") {
+            if (username && password) {
+                const payload = { "Email": username, "Password": password, "AppToken": this.appToken };
+                const res = await fetch(`${this.authUrl}/LoginJwt`,
+                    { method: "POST", body: JSON.stringify(payload), headers: { "Content-Type": "application/json" } });
+                this.updateUserSession((await res.json()));
+                return;
+            }
+            throw new Error("not authenticated");
+        },
+
+        /**
+         * try to refresh the JWT token by using the refreshToken
+         * @async
+         * @private
+         * @param {string} [refreshToken=""]
+         * @returns {unknown}
+         */
+        async tryRefreshToken(refreshToken = "") {
+            const payload = { "Token": refreshToken };
+            const res = await fetch(`${this.authUrl}LoginJwt/Refresh`,
+                {
+                    method: "PUT",
+                    body: JSON.stringify(payload),
+                    headers: { "Content-Type": "application/json" },
+                });
+            return res.ok ? await res.json() : null;
+        },
+
+        /**
+         * update the user session with the new token
+         * @private
+         * @param {string} token
+         * @returns {void}
+         */
+        updateUserSession(token) {
+            if (token) {
+                this.token = token;
+                this.refreshToken = getRefreshToken(token);
+                this.userInfo = jwtDecode(this.token);
+                localStorage.setItem("idas-refresh-token", this.refreshToken);
+            }
+        },
+
+        /**
+         * Redirect to the login page
+         * @private
+         */
+        redirectToLogin() {
+            if (!window) {
+                return;
+            }
+
+            const redirectAfterAuth = new URL(window.location.href).origin;
+            let redirectUrl = `${redirectAfterAuth}?t=%token%`;
+            const url = new URL(this.authUrl);
+            url.pathname = "/Session";
+            url.search = `?a=${this.appToken}&r=${encodeURIComponent(redirectUrl)}`;
+            let loginUrl = url.toString();
+            window.location.href = loginUrl;
+        }
+    };
+}
+
+/**
+ * configure the time before token expiry to renew
+ * @type {number}
+ */
+const JWT_SAFE_RENEWAL = 30; // seconds before token expiry to renew
+
+/**
+ * @typedef {Object} JwtTokenExt
+ * @property {string} id
+ * @property {string} refreshToken
+*/
+
+/**
+ * decode the JWT token and return the refresh token
+ * @export
+ * @param {string} token
+ * @returns {string}
+ */
+export function getRefreshToken(token) {
+    const decoded = /** @type {JwtTokenExt} */(jwtDecode(token));
+    return decoded.refreshToken;
+}
+
+/**
+ * check if the token is still valid
+ * - checks the expiry date and the JWT_SAFE_RENEWAL buffer
+ *
+ *  @export
+ * @param {string} token
+ * @returns {boolean}
+ */
+export function isTokenValid(token) {
+    try {
+        const decoded = jwtDecode(token);
+        if (!decoded || !decoded.exp)
+            throw new Error("Invalid token");
+        return (decoded.exp - JWT_SAFE_RENEWAL > Date.now() / 1000);
+    }
+    catch {
+        return false;
+    }
+}
+
+/**
+ * create a new FluentAuthManager with the provided tokens
+ * @export
+ * @param {string} appToken
+ * @param {string} authBaseUrl
+ * @returns {FluentAuthManager}
+ */
+export function fluentIdasAuthManager(appToken, authBaseUrl) {
+    return createAuthManager()
+        .useAppToken(appToken)
+        .useBaseUrl(authBaseUrl)
+}

package/api/fluentAuthUtils.js

@@ -0,0 +1,15 @@
+/**
+ * Gets idas refresh token from the URL if it exists and removes it from the URL.
+ *
+ * @returns {string|null} The refresh token or null if it does not exist.
+ */
+export function popRefreshTokenFromUrl() {
+    const url = new URL(window.location.href);
+    const refreshToken = url.searchParams.get("t");
+    if (refreshToken) {
+        url.searchParams.delete("t");
+        window.history.replaceState({}, document.title, url);
+        return refreshToken;
+    }
+    return null;
+}

package/api/fluentEnvUtils.js

@@ -0,0 +1,40 @@
+/**
+ * @typedef {Object} EnvironmentConfig
+ * @property {string} name - The environment name.
+ * @property {string} version - The version number.
+ * @property {string} cms - The CMS URL.
+ * @property {string} idas - The IDAS API URL.
+ * @property {string} store - The store API URL.
+ * @property {string} docs - The documentation URL.
+ * @property {string} notify - The notification service URL.
+ * @property {string} feedback - The feedback service URL.
+ * @property {string} helpcenter - The help center URL.
+ * @property {string} reports - The reports service URL.
+ * @property {string} webhookService - The webhook service URL.
+ */
+
+/**
+ * buffer for environment data
+ * @private
+ * @type {Object.<string, EnvironmentConfig>}
+ */
+const envConfigs = {};
+
+/**
+ * Fetches the environment data from the hub.
+ *
+ * @export
+ * @async
+ * @param {string} [envConfig=""] - The environment name (e.g., "dev", "staging", "produktiv").
+ * @returns {Promise<EnvironmentConfig>}
+ */
+export async function fetchEnvConfig(envConfig = "") {
+    if (!(envConfig in envConfigs)) {
+        const hubUrl = `https://connect.idas-cloudservices.net/api/Endpoints?env=${envConfig}`;
+        console.log("fetching env", hubUrl);
+        const r = await fetch(hubUrl);
+        const data = await r.json();
+        envConfigs[envConfig] = data;
+    }
+    return envConfigs[envConfig];
+}

package/index.js

@@ -1,8 +1,10 @@
 import { IDASFactory } from "./api/IDAS";
 import { RESTClient } from "./api/RESTClient";
 import { initIDAS } from "./api/authUtils";
-export { IDASFactory, RESTClient, initIDAS };
+export { IDASFactory, initIDAS, RESTClient };
 
-export { createApi as api, idasApi, fetchEnv, getRefreshToken } from "./api/fluentApi";
-export { authBuilder } from "./api/fluentAuthBuilder";
+export { createApi, fluentApi } from "./api/fluentApi";
+export { createAuthManager, fluentIdasAuthManager } from "./api/fluentAuthManager";
+export { fetchEnvConfig } from "./api/fluentEnvUtils";
 export { restClient } from "./api/fluentRestClient";
+

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@gandalan/weblibs",
-  "version": "1.2.0",
+  "version": "1.3.0",
   "description": "WebLibs for Gandalan JS/TS/Svelte projects",
   "keywords": [
     "gandalan"
@@ -22,7 +22,7 @@
   },
   "dependencies": {
     "@mdi/js": "^7.4.47",
-    "axios": "^1.7.7",
+    "axios": "^1.7.8",
     "jwt-decode": "^4.0.0",
     "validator": "^13.12.0"
   },

package/api/fluentAuthBuilder.js

@@ -1,203 +0,0 @@
-import { jwtDecode } from "jwt-decode";
-import { isTokenValid, getRefreshToken } from "./fluentApi";
-import validator from "validator";
-
-/**
- * @typedef {Object} FluentAuth
- * @property {string} authUrl - The authentication URL.
- * @property {string} appToken - The application token.
- * @property {string} token - The JWT token.
- * @property {string} refreshToken - The refresh token.
- * @property {function(string) : FluentAuth} useAppToken - Sets the application token and returns the FluentApi object.
- * @property {function(string) : FluentAuth} useBaseUrl - Sets the base URL for authentication and returns the FluentApi object.
- * @property {function(string|null) : FluentAuth} useToken - Sets the JWT token and returns the FluentApi object.
- * @property {function(string|null) : FluentAuth} useRefreshToken - Sets the refresh token and returns the FluentApi object.
- * @property {function() : string} authenticate - Authenticates the user with username and password, or refreshes the token.
- * @property {Function} tryRefreshToken - Attempts to refresh the authentication token using the refresh token.
- * @property {Function} redirectToLogin - Redirects to the login page.
- * @property {Function} init - Initializes the authentication object.
- * @property {function(string,string) : string} login - Logs in with the provided credentials.
- */
-
-/**
- * Builds an authentication object
- *
- * @export
- * @returns {FluentAuth}
- */
-export function authBuilder() {
-    return {
-        authUrl: "",
-        appToken: "",
-        token: "",
-        refreshToken: "",
-
-        /**
-         * app token to use for authentication
-         *
-         * @param {string} [appToken=""]
-         * @returns {FluentAuth}
-         */
-        useAppToken(appToken = "") {
-            if (!validator.isUUID(appToken)) {
-                console.error("AppToken is not valid GUID");
-                return null;
-            }
-
-            this.appToken = appToken; return this;
-        },
-
-        /**
-         * base URL for authentication
-         *
-         * @param {string} [authUrl=""]
-         * @returns {FluentAuth}
-         */
-        useBaseUrl(authUrl = "") {
-            this.authUrl = authUrl; return this;
-        },
-
-        /**
-         * token to use for authentication
-         *
-         * @param {string} [jwtToken=""]
-         * @returns {FluentAuth}
-         */
-        useToken(jwtToken = "") {
-            this.token = jwtToken; return this;
-        },
-
-        /**
-         * sets the refresh token to use
-         * @param {string} a refresh token (UUID v4 format)
-         * @returns {FluentAuth}
-         */
-        useRefreshToken(storedRefreshToken = "") {
-            this.refreshToken = storedRefreshToken; return this;
-        },
-
-        /**
-         * Authenticates the user with the JWT token or refreshes the token with
-         * the refreshToken set before
-         * @return {string} the JWT token
-         */
-        async authenticate() {
-            console.log("authenticating:", this.token ? `token set, exp: ${jwtDecode(this.token).exp - (Date.now() / 1000)}` : "no token,", this.refreshToken, this.appToken);
-
-            if (this.token && isTokenValid(this.token))
-                return this.token;
-
-            if (this.token && !this.refreshToken)
-                this.refreshToken = getRefreshToken(this.token);
-
-            if (this.refreshToken) {
-                try {
-                    const temptoken = await this.tryRefreshToken(this.refreshToken);
-                    if (temptoken) {
-                        this.token = temptoken;
-                        this.refreshToken = getRefreshToken(temptoken);
-                    }
-                } catch {
-                    // if refresh failed, we'll return the current token
-                    // - should still be valid for a while
-                }
-                return this.token;
-            }
-
-            throw new Error("not authenticated");
-        },
-
-        /**
-         * Login with credentials and return the JWT token
-         * @param {string} username
-         * @param {string} password
-         * @return {string} the JWT token
-         */
-        async login(username = "", password = "")
-        {
-            if (username && password) {
-                const payload = { "Email": username, "Password": password, "AppToken": this.appToken };
-                const res = await fetch(`${this.authUrl}/LoginJwt`,
-                    { method: "POST", body: JSON.stringify(payload), headers: { "Content-Type": "application/json" } });
-                const temptoken = await res.json();
-                if (temptoken) {
-                    this.token = temptoken;
-                    this.refreshToken = getRefreshToken(temptoken);
-                    return this.token;
-                }
-            }
-            throw new Error("not authenticated");
-        },
-
-        /**
-         * try to refresh the JWT token by using the refreshToken
-         * @async
-         * @private
-         * @param {string} [refreshToken=""]
-         * @returns {unknown}
-         */
-        async tryRefreshToken(refreshToken = "") {
-            const payload = { "Token": refreshToken };
-            const res = await fetch(`${this.authUrl}LoginJwt/Refresh`,
-                {
-                    method: "PUT",
-                    body: JSON.stringify(payload),
-                    headers: { "Content-Type": "application/json" },
-                });
-            return res.ok ? await res.json() : null;
-        },
-
-        /**
-         * Initializes the authentication object. Before calling, set the token and refresh token if available.
-         * If the token is not set, the refresh token will be used to try to refresh the token.
-         * If the token is not valid, the user will be redirected to the login page.
-         * If tokens are valid, they will be stored in the global variable idasTokens.
-         */
-        async init()
-        {
-            if (!this.token && this.refreshToken)
-            {
-                this.token = await this.tryRefreshToken(this.refreshToken);
-            }
-
-            if (this.token && isTokenValid(this.token))
-            {
-                this.refreshToken = getRefreshToken(this.token);
-                localStorage.setItem("idas-refresh-token", this.refreshToken);
-            }
-
-            if (!isTokenValid(this.token))
-            {
-                this.redirectToLogin();
-            }
-
-            let userInfo = {};
-            if (this.token)
-            {
-                userInfo = jwtDecode(this.token);
-            }
-            // eslint-disable-next-line no-undef
-            globalThis.idasTokens = { token: this.token, refreshToken: this.refreshToken, appToken: this.appToken, userInfo };
-        },
-
-        /**
-         * Redirect to the login page
-         * @private
-         */
-        redirectToLogin() {
-            if (!window) {
-                return;
-            }
-
-            const redirectAfterAuth = new URL(window.location.href).origin;
-            //let redirectUrl = `${redirectAfterAuth}?r=%target%&j=%jwt%&m=%mandant%`;
-            //redirectUrl = redirectUrl.replace("%target%", encodeURIComponent(window.location.href));
-            let redirectUrl = `${redirectAfterAuth}?t=%token%`;
-            const url = new URL(this.authUrl);
-            url.pathname = "/Session";
-            url.search = `?a=${this.appToken}&r=${encodeURIComponent(redirectUrl)}`;
-            let loginUrl = url.toString();
-            window.location.href = loginUrl;
-        }
-    };
-}