@mapcreator/api 5.0.0-alpha.87 → 5.0.0-alpha.89

package/src/api/choropleth.ts

@@ -1,14 +1,6 @@
-import { type ApiError, type ApiSuccess, type Flatten, type Revivers, getSearchParams, request } from '../utils.js';
-
-import type { RequireAtLeastOne } from 'type-fest';
+import { type ApiError, type ApiSuccess, Flatten, Revivers, getSearchParams, request } from '../utils.js';
 import type { Polygon } from 'geojson';
-
-export const boundingBoxRevivers: Revivers<
-  { data: { bounding_box: string } } & Omit<ApiSuccess, 'data'> | ApiError,
-  { boundingBox: Polygon }
-> = {
-  boundingBox: (data: { bounding_box: string }) => JSON.parse(data.bounding_box) as Polygon,
-};
+import { RequireAtLeastOne } from 'type-fest';
 
 export type ApiSearchPoint = {
   lat: number;
@@ -22,6 +14,23 @@ export type ApiSearchBounds = {
   max_lng: number;
 };
 
+type ApiSingleOrGroupedArea = {
+  id: number;
+  title: string;
+  subtitle: string;
+  svg_preview: string;
+  bounding_box: string;
+  is_group: boolean;
+  vector_source: string | null;
+  source_layer: string | null;
+  feature_id: number | null;
+  properties: Record<string, string> | null;
+};
+
+type ApiSingleOrGroupedAreaArray = {
+  data: ApiSingleOrGroupedArea[];
+} & Omit<ApiSuccess, 'data'> | ApiError;
+
 type SingleOrGroupedAreaBase = {
   id: number;
   title: string;
@@ -38,51 +47,14 @@ export type GroupedArea = SingleOrGroupedAreaBase & {
 // TODO don't export this once search on click is out
 export type SingleArea = SingleOrGroupedAreaBase & {
   isGroup: false;
-  properties: Record<string, string>;
   vectorSource: string;
   sourceLayer: string;
   featureId: number;
+  properties: Record<string, string>;
 };
 
-export type SingleOrGroupedArea = {
-  id: number;
-  title: string;
-  subtitle: string;
-  svgPreview: string;
-  boundingBox: Polygon;
-  isGroup: boolean;
-  properties: Record<string, string> | null;
-  vectorSource: string | null;
-  sourceLayer: string | null;
-  featureId: number | null;
-};
-
-export type ApiSingleOrGroupedArea = {
-  data: {
-    id: number;
-    title: string;
-    subtitle: string;
-    svg_preview: string;
-    bounding_box: string;
-    is_group: boolean;
-    properties: string | null;
-    vector_source: string | null;
-    source_layer: string | null;
-    feature_id: number | null;
-  };
-} & Omit<ApiSuccess, 'data'> | ApiError;
-
-export type ApiSingleOrGroupedAreaData = Flatten<Exclude<ApiSingleOrGroupedArea, ApiError>['data']>;
-
-export const singleOrGroupedAreaRevivers: Revivers<ApiSingleOrGroupedArea, SingleOrGroupedArea> = {
-  ...boundingBoxRevivers,
-  properties: (data: ApiSingleOrGroupedAreaData) =>
-    (data.properties != null ? JSON.parse(data.properties) as Record<string, string> : null),
-};
+export type SingleOrGroupedArea = SingleArea | GroupedArea;
 
-/**
- * TODO When SAGA search on click is implemented, remove mode and make searchBounds required
- */
 export async function searchSingleOrGroupedAreas(
   language: string,
   search: RequireAtLeastOne<{
@@ -92,22 +64,29 @@ export async function searchSingleOrGroupedAreas(
   }>,
   mode: 'polygon' | 'group' | 'both' = 'both',
 ): Promise<SingleOrGroupedArea[]> {
-  const pathname = '/v1/choropleth/polygons/search';
-  const query = getSearchParams({
-    language,
-    ...search.searchBounds,
-    ...(search.query && { query: search.query }),
-    ...(search.searchPoint && { point: search.searchPoint }),
-    mode,
+  /**
+   * TODO When SAGA search on click is implemented, remove mode and make searchBounds required
+   */
+  return request<ApiSingleOrGroupedAreaArray, SingleOrGroupedArea>(
+    `/v1/choropleth/polygons/search?${getSearchParams({
+      language,
+      ...search.searchBounds,
+      ...(search.query && { query: search.query }),
+      ...(search.searchPoint && { point: search.searchPoint }),
+      mode,
+    })}`,
+  ).then(result => {
+    result.forEach(
+      elem => {
+        elem.boundingBox = JSON.parse(elem.boundingBox as unknown as string) as Polygon;
+        if (!elem.isGroup) {
+          elem.properties = JSON.parse(elem.properties as unknown as string) as Record<string, string>;
+        }
+      },
+    );
+
+    return result;
   });
-  const path = `${pathname}?${query}`;
-  const options = { revivers: singleOrGroupedAreaRevivers };
-
-  type ApiSingleOrGroupedAreaArray = {
-    data: ApiSingleOrGroupedAreaData[];
-  } & Omit<ApiSuccess, 'data'> | ApiError;
-
-  return request<ApiSingleOrGroupedAreaArray, SingleOrGroupedArea>(path, null, null, options);
 }
 
 export type GroupedAreaChild = {
@@ -135,7 +114,7 @@ type ApiGroupedAreaChild = {
 export type ApiGroupedAreaChildData = Flatten<Exclude<ApiGroupedAreaChild, ApiError>['data']>;
 
 export const groupedAreaChildRevivers: Revivers<ApiGroupedAreaChild, GroupedAreaChild> = {
-  ...boundingBoxRevivers,
+  boundingBox: (data: ApiGroupedAreaChildData) => JSON.parse(data.bounding_box) as Polygon,
   properties: (data: ApiGroupedAreaChildData) => JSON.parse(data.properties) as Record<string, string>,
 };
 
@@ -145,84 +124,9 @@ export async function groupedAreaChildren(groupId: number, language: string): Pr
   const path = `${pathname}?${query}`;
   const options = { revivers: groupedAreaChildRevivers };
 
-  type ApiApiGroupedAreaChildArray = {
+  type ApiGroupedAreaChildArray = {
     data: ApiGroupedAreaChildData[];
   } & Omit<ApiSuccess, 'data'> | ApiError;
 
-  return request<ApiApiGroupedAreaChildArray, GroupedAreaChild>(path, null, null, options);
-}
-
-export type MatchedGroup = {
-  id: number;
-  sml: number;
-  childrenCount: number;
-  matchField: string;
-  boundingBox: Polygon;
-  property: string;
-  name: string;
-};
-
-export type ApiMatchedGroup = {
-  data: {
-    id: number;
-    sml: number;
-    children_count: number;
-    match_field: string;
-    bounding_box: string;
-    property: string;
-    name: string;
-  };
-} & Omit<ApiSuccess, 'data'> | ApiError;
-
-export type ApiMatchedGroupData = Flatten<Exclude<ApiMatchedGroup, ApiError>['data']>;
-
-export async function getGroupsByDataSample(
-  sample: Record<string, string[]>,
-  language: string,
-  rowCount: number,
-): Promise<MatchedGroup[]> {
-  const path = `/v1/choropleth/groups/sample`;
-  const options = { revivers: boundingBoxRevivers };
-
-  type ApiMatchedGroupArray = {
-    data: ApiMatchedGroupData[];
-  } & Omit<ApiSuccess, 'data'> | ApiError;
-
-  return request<ApiMatchedGroupArray, MatchedGroup>(path, { sample, language, row_count: rowCount }, null, options);
-}
-
-export type BoundPolygon = {
-  index: number;
-  inputName: string;
-  id: number;
-  sml: number;
-  name: string;
-};
-
-export type ApiBoundPolygon = {
-  data: {
-    index: number;
-    input_name: string;
-    id: number;
-    sml: number;
-    name: string;
-  };
-} & Omit<ApiSuccess, 'data'> | ApiError;
-
-export type ApiBoundPolygonData = Flatten<Exclude<ApiBoundPolygon, ApiError>['data']>;
-
-export async function getBoundPolygons(
-  groupId: number,
-  property: string,
-  data: string[],
-  language: string,
-): Promise<BoundPolygon[]> {
-  const path = `/v1/choropleth/groups/bind`;
-  const body = { group_id: groupId, property, data, language };
-
-  type ApiBoundPolygonArray = {
-    data: ApiBoundPolygonData[];
-  } & Omit<ApiSuccess, 'data'> | ApiError;
-
-  return request<ApiBoundPolygonArray, BoundPolygon>(path, body);
+  return request<ApiGroupedAreaChildArray, GroupedAreaChild>(path, null, null, options);
 }

package/src/api/font.ts

@@ -1,4 +1,12 @@
-import { type ApiCommonData, type ApiError, type ApiSuccess, type Flatten, type Revivers, getSearchParams, request } from '../utils.js';
+import {
+  type ApiCommonData,
+  type ApiError,
+  type ApiSuccess,
+  type Flatten,
+  type Revivers,
+  getSearchParams,
+  request,
+} from '../utils.js';
 
 export type Font = {
   id: number;

package/src/api/insetMap.ts

@@ -1,4 +1,4 @@
-import { apiHost, authenticate, token } from '../oauth.js';
+import { apiHost, authenticate, getAuthorizationHeaders, token } from '../oauth.js';
 import {
   APIError,
   type ApiCommonData,
@@ -63,10 +63,9 @@ export async function getInsetMap(insetMapId: number): Promise<InsetMap> {
 
 export async function getInsetMapTopoJson<TopoJSON>(insetMapId: number): Promise<TopoJSON> {
   const href = `${apiHost}/v1/inset-maps/${insetMapId}/json`;
-  const headers = { Accept: 'application/json', ...(token ? { Authorization: token.toString() } : null) };
-  const response = await fetch(href, { headers }).catch((error: Error) => {
-    throw new NetworkError(error?.message ?? error);
-  });
+  const headers = getAuthorizationHeaders('GET');
+  const response = await fetch(href, { headers, ...!token && { credentials: 'include' } })
+    .catch((error: Error) => { throw new NetworkError(error?.message ?? error) });
 
   if (response.ok) {
     return response.json().catch(() => {

package/src/api/jobRevision.ts

@@ -1,5 +1,5 @@
+import { apiHost, authenticate, getAuthorizationHeaders, token } from '../oauth.js';
 import { type ApiLayerData, type Layer, layerRevivers } from './layer.js';
-import { apiHost, authenticate, token } from '../oauth.js';
 import type { ApiMapstyleSetData } from './mapstyleSet.js';
 import type { ApiLanguageData } from './language.js';
 import {
@@ -221,10 +221,9 @@ export async function getJobRevisionOutput(jobId: number): Promise<JobRevisionOu
   await createJobRevisionBuild(jobId);
 
   const href = `${apiHost}/v1/jobs/${jobId}/revisions/${lastJobRevision}/result/output`;
-  const headers = { ...(token ? { Authorization: token.toString() } : null) };
-  const response = await fetch(href, { headers }).catch((error: Error) => {
-    throw new NetworkError(error?.message ?? error);
-  });
+  const headers = getAuthorizationHeaders('GET');
+  const response = await fetch(href, { headers, ...!token && { credentials: 'include' } })
+    .catch((error: Error) => { throw new NetworkError(error?.message ?? error) });
 
   if (response.ok) {
     const blob = await response.blob().catch(() => {

package/src/api/mapstyleSet.ts

@@ -1,4 +1,13 @@
-import type { ApiCommonData, ApiError, ApiSuccess, Flatten, Revivers } from '../utils.js';
+import {
+  type ApiCommonData,
+  type ApiError,
+  type ApiSuccess,
+  type Flatten,
+  type Revivers,
+  defaultListHeader,
+  getSearchParams,
+  request,
+} from '../utils.js';
 
 export type MapstyleSet = {
   id: number;
@@ -46,3 +55,16 @@ export const mapstyleSetRevivers: Revivers<ApiMapstyleSet, MapstyleSet> = {
   order: undefined,
   custom_settings: undefined,
 };
+
+export async function listMapstyleSets(jobTypeId?: number): Promise<MapstyleSet[]> {
+  const pathname = `/v1/mapstyles/sets`;
+  const query = jobTypeId !== undefined ? getSearchParams({ search: { job_type_id: jobTypeId } }) : null;
+  const path = query ? `${pathname}?${query}` : pathname;
+  const options = { revivers: mapstyleSetRevivers };
+
+  type ApiMapstyleSetArray = {
+    data: ApiMapstyleSetData[];
+  } & Omit<ApiSuccess, 'data'> | ApiError;
+
+  return request<ApiMapstyleSetArray, MapstyleSet>(path, null, defaultListHeader, options);
+}

package/src/oauth.ts

@@ -8,27 +8,19 @@ export let token: {
   toString: () => string;
 } | null = null;
 
-let apiClientId = '';
 let callbackUrl = '';
-let oauthScopes = ['*'];
 
-const anchorParams = ['access_token', 'token_type', 'expires_in', 'state'];
-
-const storagePrefix = '_m4n_';
-const statePrefix = 'oauth_state_';
-const storageName = 'api_token';
-
-const dummyTokenExpires = new Date('2100-01-01T01:00:00');
+/**
+ * Cleanup of previously used data. The code part can be removed in a while.
+ */
+for (let i = 0; i < window.localStorage.length; ++i) {
+  const key = window.localStorage.key(i);
 
-interface AnchorToken {
-  access_token: string;
-  token_type: string;
-  expires_in: string;
-  state: string;
+  if (key?.startsWith('_m4n_')) {
+    window.localStorage.removeItem(key);
+  }
 }
 
-const titleCase = (str: unknown): string => String(str).toLowerCase().replace(/\b\w/g, c => c.toUpperCase());
-
 /**
  * Setup internal structures to use dummy authentication flow
  *
@@ -40,9 +32,9 @@ export function initDummyFlow(apiUrl: string, oauthToken: string): void {
 
   apiHost = apiUrl.replace(/\/+$/, '');
   token = {
-    type: titleCase(parts[0]),
+    type: parts[0].toLowerCase().replace(/\b\w/g, c => c.toUpperCase()),
     token: parts[1],
-    expires: dummyTokenExpires,
+    expires: new Date('2100-01-01T01:00:00'),
 
     toString(): string {
       return `${this.type} ${this.token}`;
@@ -54,261 +46,39 @@ export function initDummyFlow(apiUrl: string, oauthToken: string): void {
  * Setup internal structures to use implicit authentication flow
  *
  * @param {string} apiUrl - Full API URL
- * @param {string} clientId - OAuth client id
  * @param {string} [redirectUrl] - Callback URL
- * @param {string[]} [scopes] - A list of required scopes
  */
-export function initImplicitFlow(apiUrl: string, clientId: string, redirectUrl = '', scopes = ['*']): void {
+export function initImplicitFlow(apiUrl: string, redirectUrl = ''): void {
   apiHost = apiUrl.replace(/\/+$/, '');
 
-  apiClientId = String(clientId);
   callbackUrl = String(redirectUrl || window.location.href.split('#')[0]);
-  oauthScopes = scopes;
-
-  {
-    const key = `${storagePrefix}${storageName}`;
-    const data = window.localStorage.getItem(key);
-
-    if (data) {
-      try {
-        const obj = JSON.parse(data) as { type?: unknown; token?: unknown; expires?: unknown };
-
-        if (
-          typeof obj.type === 'string' &&
-          typeof obj.token === 'string' &&
-          typeof obj.expires === 'string' &&
-          new Date(obj.expires) > new Date()
-        ) {
-          token = {
-            type: titleCase(obj.type),
-            token: obj.token,
-            expires: new Date(obj.expires),
-
-            toString(): string {
-              return `${this.type} ${this.token}`;
-            },
-          };
-        } else {
-          window.localStorage.removeItem(key);
-        }
-      } catch (e) {
-        /* */
-      }
-    }
-  }
-
-  {
-    const obj = getAnchorToken();
-
-    if (isAnchorToken(obj)) {
-      // We'll not go there if anchor contains error and/or message
-      // This means that anchor parameters will be preserved for the next processing
-      cleanAnchorParams();
-
-      const expires = new Date(Date.now() + Number(obj.expires_in) * 1000);
-
-      if (isValidState(obj.state) && expires > new Date()) {
-        token = {
-          type: titleCase(obj.token_type),
-          token: obj.access_token,
-          expires,
-
-          toString(): string {
-            return `${this.type} ${this.token}`;
-          },
-        };
-
-        const key = `${storagePrefix}${storageName}`;
-        const data = { type: token.type, token: token.token, expires: expires.toUTCString() };
-
-        window.localStorage.setItem(key, JSON.stringify(data));
-      } else {
-        // TODO: add some logic to handle this
-        // throw Error('Invalid state in url');
-      }
-    }
-  }
 
-  if (authenticated()) {
-    const href = sessionStorage.getItem('redirect-url');
+  const href = sessionStorage.getItem('redirect-url');
 
-    if (href) {
-      sessionStorage.removeItem('redirect-url');
-      window.history.replaceState(null, document.title, href);
-    }
+  if (href) {
+    sessionStorage.removeItem('redirect-url');
+    window.history.replaceState(null, document.title, href);
   }
 }
 
-export async function authenticate(): Promise<string> | never {
+export async function authenticate(): Promise<never> {
   return new Promise(() => {
-    if (anchorContainsError()) {
-      console.error(getError());
-      cleanAnchorParams();
-    }
-
-    forget();
-
     sessionStorage.setItem('redirect-url', window.location.href);
-    window.location.assign(buildRedirectUrl());
+    window.location.assign(`${apiHost}/login?${new URLSearchParams({ redirect_uri: callbackUrl })}`);
   });
 }
 
-export function authenticated(): boolean {
-  return token != null && token.expires > new Date() && (
-    token.expires.valueOf() === dummyTokenExpires.valueOf() ||
-    !!window.localStorage.getItem(`${storagePrefix}${storageName}`)
-  );
-}
-
-export async function logout(): Promise<void> {
-  if (token) {
-    await fetch(`${apiHost}/oauth/logout`, {
-      method: 'POST',
-      headers: {
-        Accept: 'application/json',
-        Authorization: token.toString(),
-      },
-    });
-  }
-
-  forget();
-}
-
-function forget(): void {
-  for (let i = 0; i < window.localStorage.length; ++i) {
-    const key = window.localStorage.key(i);
-
-    if (key?.startsWith(storagePrefix)) {
-      window.localStorage.removeItem(key);
-    }
-  }
-
-  token = null;
-}
-
-function buildRedirectUrl(): string {
-  const queryParams = new URLSearchParams({
-    client_id: apiClientId,
-    redirect_uri: callbackUrl,
-    response_type: 'token',
-    scope: oauthScopes.join(' '),
-    state: generateState(),
-  });
-
-  return `${apiHost}/oauth/authorize?${queryParams}`;
-}
-
-function getAnchorQuery(): string {
-  return window.location.hash.replace(/^#\/?/, '');
-}
-
-function getAnchorParams(): Record<string, unknown> {
-  const query = getAnchorQuery();
-  // eslint-disable-next-line @stylistic/padding-line-between-statements,@typescript-eslint/no-unsafe-return
-  return Object.fromEntries(query.split('&').map(pair => pair.split('=').map(decodeURIComponent)));
-}
-
-function getAnchorToken(): Partial<AnchorToken> {
-  const params = getAnchorParams();
-
-  return Object.fromEntries(Object.entries(params).filter(([key]) => anchorParams.includes(key)));
-}
-
-function isAnchorToken(anchorToken: Partial<AnchorToken>): anchorToken is AnchorToken {
-  const queryKeys = Object.keys(anchorToken);
-
-  return anchorParams.every(key => queryKeys.includes(key));
-}
-
-function cleanAnchorParams(): void {
-  const query = window.location.hash.replace(/^#\/?/, '');
-  const targets = [...anchorParams, 'error', 'message'];
-  const newHash = query
-    .split('&')
-    .filter(pair => !targets.includes(decodeURIComponent(pair.split('=')[0])))
-    .join('&');
-
-  if (newHash) {
-    window.location.hash = newHash;
-  } else {
-    const { origin, pathname, search } = window.location;
-
-    window.history.replaceState(null, document.title, `${origin}${pathname}${search}`);
-  }
-}
-
-function isValidState(state: string): boolean {
-  const key = `${storagePrefix}${statePrefix}${state}`;
-  const found = window.localStorage.getItem(key) != null;
-
-  if (found) {
-    window.localStorage.removeItem(key);
-  }
-
-  return found;
-}
-
-function anchorContainsError(): boolean {
-  return 'error' in getAnchorParams();
-}
+// eslint-disable-next-line @typescript-eslint/naming-convention
+type AuthHeaders = { Authorization: string } | { 'X-XSRF-Token': string } | undefined;
 
-function generateState(): string {
-  // @ts-expect-error TS2365
-  // eslint-disable-next-line @typescript-eslint/restrict-plus-operands
-  const state = (([1e7] + -1e3 + -4e3 + -8e3 + -1e11) as string).replace(
-    /[018]/g, // @ts-expect-error TS2362
-    c => (c ^ ((Math.random() * 256) & (0x0f >>> (c >>> 2)))).toString(16),
-  );
-  const key = `${storagePrefix}${statePrefix}${state}`;
+export function getAuthorizationHeaders(method: 'GET' | 'HEAD' | 'POST' | 'PUT' | 'DELETE' | 'PATCH'): AuthHeaders {
+  const cookie = !token && method !== 'GET' && method !== 'HEAD'
+    ? document.cookie.split(/ *; */).find(pair => pair.startsWith('XSRF-TOKEN'))?.split('=')[1]
+    : undefined;
 
-  window.localStorage.setItem(key, `${Date.now()}`);
-
-  return state;
-}
-
-class OAuthError extends Error {
-  error: string;
-
-  constructor(message: string, error: unknown) {
-    super(message);
-
-    this.error = String(error);
-  }
-
-  toString(): string {
-    let error = this.error;
-
-    if (error.includes('_')) {
-      error = error.replace('_', ' ').replace(/^./, c => c.toUpperCase());
-    }
-
-    return this.message ? `${error}: ${this.message}` : error;
-  }
-}
-
-function getError(): OAuthError {
-  const params = getAnchorParams();
-
-  return params.message
-    ? new OAuthError(params.message as string, params.error)
-    : new OAuthError(titleCase(params.error), params.error);
-}
-
-/**
- * Our goal is to support even obsolete platforms (ES2017+ / Node.js 8.10+).
- * This is a small polyfill for possibly missing method used in our codebase.
- */
-if (!Object.fromEntries) { // eslint-disable-next-line arrow-body-style
-  Object.fromEntries = <T = never>(entries: Iterable<readonly [string | number, T]>): { [k: string]: T } => {
-    return Array.from(entries).reduce<{ [k: string]: T }>(
-      (object, entry) => {
-        if (!Array.isArray(entry)) {
-          throw new TypeError(`Iterator value ${entry as unknown as string} is not an entry object.`);
-        }
-        object[`${entry[0]}`] = entry[1];
-
-        return object;
-      }, {}
-    );
-  };
+  return token
+    ? { Authorization: token.toString() }
+    : cookie
+      ? { 'X-XSRF-Token': decodeURIComponent(cookie) }
+      : undefined;
 }

package/src/utils.ts

@@ -1,5 +1,5 @@
+import { apiHost, authenticate, getAuthorizationHeaders, token } from './oauth.js';
 import type { CamelCasedProperties, SnakeCasedProperties } from 'type-fest';
-import { apiHost, authenticate, token } from './oauth.js';
 
 export type Flatten<Type> = Type extends Array<infer Item> ? Item : Type;
 
@@ -233,7 +233,6 @@ function getRequestInit<I extends ApiCommon, O extends Record<string, unknown>>(
   extraHeaders?: Record<string, string> | null,
   extraOptions?: ExtraOptions<I, O>,
 ): RequestInit {
-  const authorization = token ? { Authorization: token.toString() } : null;
   let contentType = null as { 'Content-Type': string } | null;
 
   if (body !== undefined) {
@@ -259,10 +258,11 @@ function getRequestInit<I extends ApiCommon, O extends Record<string, unknown>>(
     }
   }
 
-  const headers = { Accept: 'application/json', ...authorization, ...contentType, ...extraHeaders };
   const method = extraOptions?.method ?? (body != null ? 'POST' : 'GET'); // don't touch `!=` please
+  const authorization = getAuthorizationHeaders(method);
+  const headers = { Accept: 'application/json', ...authorization, ...contentType, ...extraHeaders };
 
-  return { body, headers, method } as RequestInit;
+  return { body, headers, method, ...!token && { credentials: 'include' } } as RequestInit;
 }
 
 interface Context<I extends ApiCommon, O extends Record<string, unknown>> {