@meshmakers/shared-auth 2.0.2304-13005 → 2.0.2304-23001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -28
- package/esm2020/lib/authorize.guard.mjs +46 -46
- package/esm2020/lib/authorize.interceptor.mjs +63 -60
- package/esm2020/lib/authorize.service.mjs +134 -134
- package/esm2020/lib/login-menu/login-menu.component.mjs +35 -35
- package/esm2020/lib/shared-auth.module.mjs +44 -44
- package/esm2020/meshmakers-shared-auth.mjs +4 -4
- package/esm2020/public-api.mjs +9 -9
- package/fesm2015/meshmakers-shared-auth.mjs +297 -292
- package/fesm2015/meshmakers-shared-auth.mjs.map +1 -1
- package/fesm2020/meshmakers-shared-auth.mjs +289 -286
- package/fesm2020/meshmakers-shared-auth.mjs.map +1 -1
- package/index.d.ts +5 -5
- package/lib/authorize.guard.d.ts +16 -16
- package/lib/authorize.interceptor.d.ts +15 -15
- package/lib/authorize.service.d.ts +46 -46
- package/lib/login-menu/login-menu.component.d.ts +17 -17
- package/lib/shared-auth.module.d.ts +13 -13
- package/package.json +9 -4
- package/public-api.d.ts +5 -5
|
@@ -10,310 +10,315 @@ import { CommonModule } from '@angular/common';
|
|
|
10
10
|
import { HttpClientModule } from '@angular/common/http';
|
|
11
11
|
import * as i2$1 from '@angular/router';
|
|
12
12
|
|
|
13
|
-
class AuthorizeOptions {
|
|
14
|
-
}
|
|
15
|
-
class AuthorizeService {
|
|
16
|
-
constructor(authorizeOptions, oauthService) {
|
|
17
|
-
this.authorizeOptions = authorizeOptions;
|
|
18
|
-
this.oauthService = oauthService;
|
|
19
|
-
this.isAuthenticated = new BehaviorSubject(false);
|
|
20
|
-
this.isAdmin = new BehaviorSubject(false);
|
|
21
|
-
this.isDeveloper = new BehaviorSubject(false);
|
|
22
|
-
this.isManager = new BehaviorSubject(false);
|
|
23
|
-
this.authority = new BehaviorSubject(null);
|
|
24
|
-
this.accessToken = new BehaviorSubject(null);
|
|
25
|
-
this.user = new BehaviorSubject(null);
|
|
26
|
-
this.isInitialized = new BehaviorSubject(false);
|
|
27
|
-
this.isInitializing = new BehaviorSubject(false);
|
|
28
|
-
console.debug("AuthorizeService::created");
|
|
29
|
-
this.getUser().subscribe(s => {
|
|
30
|
-
this.isAuthenticated.next(!!s);
|
|
31
|
-
this.isAdmin.next(!!s && (s.role.includes("Administrators")));
|
|
32
|
-
this.isDeveloper.next(!!s && (s.role.includes("Developers")));
|
|
33
|
-
this.isManager.next(!!s && s.role.includes("Managers"));
|
|
34
|
-
});
|
|
35
|
-
this.oauthService.events.subscribe(e => {
|
|
36
|
-
// tslint:disable-next-line:no-console
|
|
37
|
-
console.debug('oauth/oidc event', e);
|
|
38
|
-
});
|
|
39
|
-
this.oauthService.events
|
|
40
|
-
.pipe(filter(e => e.type === 'session_terminated'))
|
|
41
|
-
.subscribe(_ => {
|
|
42
|
-
// tslint:disable-next-line:no-console
|
|
43
|
-
console.debug('Your session has been terminated!');
|
|
44
|
-
});
|
|
45
|
-
this.oauthService.events
|
|
46
|
-
.pipe(filter(e => e.type === 'token_received'))
|
|
47
|
-
.subscribe(_ => {
|
|
48
|
-
this.loadUser();
|
|
49
|
-
});
|
|
50
|
-
this.oauthService.events
|
|
51
|
-
.pipe(filter(e => e.type === 'logout'))
|
|
52
|
-
.subscribe(_ => {
|
|
53
|
-
this.accessToken.next(null);
|
|
54
|
-
this.user.next(null);
|
|
55
|
-
});
|
|
56
|
-
}
|
|
57
|
-
getRoles() {
|
|
58
|
-
return this.getUser().pipe(map(u => u.role));
|
|
59
|
-
}
|
|
60
|
-
getServiceUris() {
|
|
61
|
-
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
|
|
85
|
-
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
|
|
97
|
-
|
|
98
|
-
|
|
99
|
-
|
|
100
|
-
|
|
101
|
-
|
|
102
|
-
|
|
103
|
-
|
|
104
|
-
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
this.oauthService.
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
this.
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
this.
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
i0.ɵɵ
|
|
138
|
-
|
|
139
|
-
|
|
140
|
-
|
|
141
|
-
|
|
142
|
-
|
|
143
|
-
|
|
13
|
+
class AuthorizeOptions {
|
|
14
|
+
}
|
|
15
|
+
class AuthorizeService {
|
|
16
|
+
constructor(authorizeOptions, oauthService) {
|
|
17
|
+
this.authorizeOptions = authorizeOptions;
|
|
18
|
+
this.oauthService = oauthService;
|
|
19
|
+
this.isAuthenticated = new BehaviorSubject(false);
|
|
20
|
+
this.isAdmin = new BehaviorSubject(false);
|
|
21
|
+
this.isDeveloper = new BehaviorSubject(false);
|
|
22
|
+
this.isManager = new BehaviorSubject(false);
|
|
23
|
+
this.authority = new BehaviorSubject(null);
|
|
24
|
+
this.accessToken = new BehaviorSubject(null);
|
|
25
|
+
this.user = new BehaviorSubject(null);
|
|
26
|
+
this.isInitialized = new BehaviorSubject(false);
|
|
27
|
+
this.isInitializing = new BehaviorSubject(false);
|
|
28
|
+
console.debug("AuthorizeService::created");
|
|
29
|
+
this.getUser().subscribe(s => {
|
|
30
|
+
this.isAuthenticated.next(!!s);
|
|
31
|
+
this.isAdmin.next(!!s && (s.role.includes("Administrators")));
|
|
32
|
+
this.isDeveloper.next(!!s && (s.role.includes("Developers")));
|
|
33
|
+
this.isManager.next(!!s && s.role.includes("Managers"));
|
|
34
|
+
});
|
|
35
|
+
this.oauthService.events.subscribe(e => {
|
|
36
|
+
// tslint:disable-next-line:no-console
|
|
37
|
+
console.debug('oauth/oidc event', e);
|
|
38
|
+
});
|
|
39
|
+
this.oauthService.events
|
|
40
|
+
.pipe(filter(e => e.type === 'session_terminated'))
|
|
41
|
+
.subscribe(_ => {
|
|
42
|
+
// tslint:disable-next-line:no-console
|
|
43
|
+
console.debug('Your session has been terminated!');
|
|
44
|
+
});
|
|
45
|
+
this.oauthService.events
|
|
46
|
+
.pipe(filter(e => e.type === 'token_received'))
|
|
47
|
+
.subscribe(_ => {
|
|
48
|
+
this.loadUser();
|
|
49
|
+
});
|
|
50
|
+
this.oauthService.events
|
|
51
|
+
.pipe(filter(e => e.type === 'logout'))
|
|
52
|
+
.subscribe(_ => {
|
|
53
|
+
this.accessToken.next(null);
|
|
54
|
+
this.user.next(null);
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
getRoles() {
|
|
58
|
+
return this.getUser().pipe(map(u => u != null ? u.role : new Array()));
|
|
59
|
+
}
|
|
60
|
+
getServiceUris() {
|
|
61
|
+
var _a;
|
|
62
|
+
return (_a = this.authorizeOptions.wellKnownServiceUris) !== null && _a !== void 0 ? _a : null;
|
|
63
|
+
}
|
|
64
|
+
getAuthority() {
|
|
65
|
+
return this.authority;
|
|
66
|
+
}
|
|
67
|
+
getIsAuthenticated() {
|
|
68
|
+
return this.isAuthenticated;
|
|
69
|
+
}
|
|
70
|
+
getIsAdmin() {
|
|
71
|
+
return this.isAdmin;
|
|
72
|
+
}
|
|
73
|
+
getIsDeveloper() {
|
|
74
|
+
return this.isDeveloper;
|
|
75
|
+
}
|
|
76
|
+
getIsManager() {
|
|
77
|
+
return this.isManager;
|
|
78
|
+
}
|
|
79
|
+
getAccessToken() {
|
|
80
|
+
return this.accessToken;
|
|
81
|
+
}
|
|
82
|
+
getUser() {
|
|
83
|
+
return this.user;
|
|
84
|
+
}
|
|
85
|
+
login() {
|
|
86
|
+
this.oauthService.initImplicitFlow();
|
|
87
|
+
}
|
|
88
|
+
logout() {
|
|
89
|
+
this.oauthService.logOut(false);
|
|
90
|
+
}
|
|
91
|
+
initialize() {
|
|
92
|
+
var _a;
|
|
93
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
94
|
+
console.debug("AuthorizeService::initialize::started");
|
|
95
|
+
if (yield firstValueFrom(this.isInitializing)) {
|
|
96
|
+
return;
|
|
97
|
+
}
|
|
98
|
+
if (yield firstValueFrom(this.isInitialized)) {
|
|
99
|
+
return;
|
|
100
|
+
}
|
|
101
|
+
this.isInitializing.next(true);
|
|
102
|
+
const config = {
|
|
103
|
+
responseType: 'code',
|
|
104
|
+
issuer: this.authorizeOptions.issuer,
|
|
105
|
+
redirectUri: this.authorizeOptions.redirectUri,
|
|
106
|
+
postLogoutRedirectUri: this.authorizeOptions.postLogoutRedirectUri,
|
|
107
|
+
clientId: this.authorizeOptions.clientId,
|
|
108
|
+
scope: this.authorizeOptions.scope,
|
|
109
|
+
showDebugInformation: this.authorizeOptions.showDebugInformation,
|
|
110
|
+
sessionChecksEnabled: this.authorizeOptions.sessionChecksEnabled
|
|
111
|
+
};
|
|
112
|
+
this.oauthService.configure(config);
|
|
113
|
+
this.oauthService.setStorage(localStorage);
|
|
114
|
+
yield this.oauthService.loadDiscoveryDocumentAndTryLogin();
|
|
115
|
+
this.oauthService.setupAutomaticSilentRefresh();
|
|
116
|
+
if (this.oauthService.hasValidAccessToken()) {
|
|
117
|
+
this.loadUser();
|
|
118
|
+
}
|
|
119
|
+
this.authority.next((_a = this.authorizeOptions.issuer) !== null && _a !== void 0 ? _a : null);
|
|
120
|
+
this.isInitializing.next(false);
|
|
121
|
+
this.isInitialized.next(true);
|
|
122
|
+
console.debug("AuthorizeService::initialize::done");
|
|
123
|
+
});
|
|
124
|
+
}
|
|
125
|
+
loadUser() {
|
|
126
|
+
const claims = this.oauthService.getIdentityClaims();
|
|
127
|
+
if (!claims) {
|
|
128
|
+
console.error("claims where null when loading identity claims");
|
|
129
|
+
return;
|
|
130
|
+
}
|
|
131
|
+
const user = claims;
|
|
132
|
+
const accessToken = this.oauthService.getAccessToken();
|
|
133
|
+
this.user.next(user);
|
|
134
|
+
this.accessToken.next(accessToken);
|
|
135
|
+
}
|
|
136
|
+
}
|
|
137
|
+
AuthorizeService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService, deps: [{ token: AuthorizeOptions }, { token: i1.OAuthService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
138
|
+
AuthorizeService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService });
|
|
139
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService, decorators: [{
|
|
140
|
+
type: Injectable
|
|
141
|
+
}], ctorParameters: function () {
|
|
142
|
+
return [{ type: AuthorizeOptions, decorators: [{
|
|
143
|
+
type: Inject,
|
|
144
|
+
args: [AuthorizeOptions]
|
|
145
|
+
}] }, { type: i1.OAuthService }];
|
|
144
146
|
} });
|
|
145
147
|
|
|
146
|
-
class LoginMenuComponent {
|
|
147
|
-
constructor(authorizeService) {
|
|
148
|
-
this.authorizeService = authorizeService;
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
this.isAuthenticated.subscribe(x => {
|
|
157
|
-
console.log(`isAuthenticated changed to ${x} (iframe ${isIFrame})`);
|
|
158
|
-
});
|
|
159
|
-
}
|
|
160
|
-
login() {
|
|
161
|
-
this.authorizeService.login();
|
|
162
|
-
}
|
|
163
|
-
logout() {
|
|
164
|
-
this.authorizeService.logout();
|
|
165
|
-
}
|
|
166
|
-
register() {
|
|
167
|
-
}
|
|
168
|
-
}
|
|
169
|
-
LoginMenuComponent.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
170
|
-
LoginMenuComponent.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "14.0.0", version: "15.2.
|
|
171
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
172
|
-
type: Component,
|
|
173
|
-
args: [{ selector: 'app-login-menu', template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\
|
|
148
|
+
class LoginMenuComponent {
|
|
149
|
+
constructor(authorizeService) {
|
|
150
|
+
this.authorizeService = authorizeService;
|
|
151
|
+
this.isAuthenticated = this.authorizeService.getIsAuthenticated();
|
|
152
|
+
this.userName = this.authorizeService.getUser().pipe(map(u => u && u.name));
|
|
153
|
+
this.isAdmin = this.authorizeService.getIsAdmin();
|
|
154
|
+
}
|
|
155
|
+
ngOnInit() {
|
|
156
|
+
const isIFrame = window.self !== window.top;
|
|
157
|
+
console.log("app-login-menu::created");
|
|
158
|
+
this.isAuthenticated.subscribe(x => {
|
|
159
|
+
console.log(`isAuthenticated changed to ${x} (iframe ${isIFrame})`);
|
|
160
|
+
});
|
|
161
|
+
}
|
|
162
|
+
login() {
|
|
163
|
+
this.authorizeService.login();
|
|
164
|
+
}
|
|
165
|
+
logout() {
|
|
166
|
+
this.authorizeService.logout();
|
|
167
|
+
}
|
|
168
|
+
register() {
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
LoginMenuComponent.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: LoginMenuComponent, deps: [{ token: AuthorizeService }], target: i0.ɵɵFactoryTarget.Component });
|
|
172
|
+
LoginMenuComponent.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "14.0.0", version: "15.2.8", type: LoginMenuComponent, selector: "app-login-menu", ngImport: i0, template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\n <li class=\"nav-item dropdown\">\n <a aria-expanded=\"false\" aria-haspopup=\"true\" class=\"nav-link dropdown-toggle\" data-toggle=\"dropdown\" href=\"#\"\n id=\"navbarDropdownLogin\" role=\"button\">\n {{ userName | async }} <b class=\"caret\"></b>\n </a>\n <div aria-labelledby=\"navbarDropdown\" class=\"dropdown-menu\">\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Grants\">Client Application Access</a>-->\n <!--<a class=\"dropdown-item\" [routerLink]='[\"/authentication/profile\"]' title=\"Manage\">Manage</a>-->\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Diagnostics\">Diagnostics</a>-->\n <div class=\"dropdown-divider\"></div>\n <a (click)='logout()' class=\"dropdown-item\" routerLink=\"\" title=\"Logout\">Logout</a>\n </div>\n </li>\n</ul>\n<ul *ngIf=\"!(isAuthenticated | async)\" class=\"navbar-nav\">\n <li class=\"nav-item\">\n <a (click)='register()' class=\"nav-link\" routerLink=\"\">Register</a>\n </li>\n <li class=\"nav-item\">\n <a (click)='login()' class=\"nav-link\" routerLink=\"\">Login</a>\n </li>\n</ul>\n", styles: [""], dependencies: [{ kind: "directive", type: i2.NgIf, selector: "[ngIf]", inputs: ["ngIf", "ngIfThen", "ngIfElse"] }, { kind: "pipe", type: i2.AsyncPipe, name: "async" }] });
|
|
173
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: LoginMenuComponent, decorators: [{
|
|
174
|
+
type: Component,
|
|
175
|
+
args: [{ selector: 'app-login-menu', template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\n <li class=\"nav-item dropdown\">\n <a aria-expanded=\"false\" aria-haspopup=\"true\" class=\"nav-link dropdown-toggle\" data-toggle=\"dropdown\" href=\"#\"\n id=\"navbarDropdownLogin\" role=\"button\">\n {{ userName | async }} <b class=\"caret\"></b>\n </a>\n <div aria-labelledby=\"navbarDropdown\" class=\"dropdown-menu\">\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Grants\">Client Application Access</a>-->\n <!--<a class=\"dropdown-item\" [routerLink]='[\"/authentication/profile\"]' title=\"Manage\">Manage</a>-->\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Diagnostics\">Diagnostics</a>-->\n <div class=\"dropdown-divider\"></div>\n <a (click)='logout()' class=\"dropdown-item\" routerLink=\"\" title=\"Logout\">Logout</a>\n </div>\n </li>\n</ul>\n<ul *ngIf=\"!(isAuthenticated | async)\" class=\"navbar-nav\">\n <li class=\"nav-item\">\n <a (click)='register()' class=\"nav-link\" routerLink=\"\">Register</a>\n </li>\n <li class=\"nav-item\">\n <a (click)='login()' class=\"nav-link\" routerLink=\"\">Login</a>\n </li>\n</ul>\n" }]
|
|
174
176
|
}], ctorParameters: function () { return [{ type: AuthorizeService }]; } });
|
|
175
177
|
|
|
176
|
-
class AuthorizeGuard {
|
|
177
|
-
constructor(authorizeService, router) {
|
|
178
|
-
this.authorizeService = authorizeService;
|
|
179
|
-
this.router = router;
|
|
180
|
-
}
|
|
181
|
-
canActivate(next, state) {
|
|
182
|
-
let url = state.url;
|
|
183
|
-
return this.handleAuthorization(next, url);
|
|
184
|
-
}
|
|
185
|
-
canActivateChild(next, state) {
|
|
186
|
-
return this.canActivate(next, state);
|
|
187
|
-
}
|
|
188
|
-
canDeactivate(component, currentRoute, currentState, nextState) {
|
|
189
|
-
return true;
|
|
190
|
-
}
|
|
191
|
-
canLoad(route, segments) {
|
|
192
|
-
return true;
|
|
193
|
-
}
|
|
194
|
-
handleAuthorization(route, url) {
|
|
195
|
-
return __awaiter(this, void 0, void 0, function* () {
|
|
196
|
-
yield this.authorizeService.initialize();
|
|
197
|
-
const isAuthenticated = yield firstValueFrom(this.authorizeService.getIsAuthenticated());
|
|
198
|
-
if (isAuthenticated) {
|
|
199
|
-
const userRoles = yield firstValueFrom(this.authorizeService.getRoles());
|
|
200
|
-
if (route.data
|
|
201
|
-
this.router.navigate(['']);
|
|
202
|
-
return false;
|
|
203
|
-
}
|
|
204
|
-
return true;
|
|
205
|
-
}
|
|
206
|
-
else {
|
|
207
|
-
this.authorizeService.login();
|
|
208
|
-
}
|
|
209
|
-
return false;
|
|
210
|
-
});
|
|
211
|
-
}
|
|
212
|
-
}
|
|
213
|
-
AuthorizeGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
214
|
-
AuthorizeGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.
|
|
215
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
216
|
-
type: Injectable
|
|
178
|
+
class AuthorizeGuard {
|
|
179
|
+
constructor(authorizeService, router) {
|
|
180
|
+
this.authorizeService = authorizeService;
|
|
181
|
+
this.router = router;
|
|
182
|
+
}
|
|
183
|
+
canActivate(next, state) {
|
|
184
|
+
let url = state.url;
|
|
185
|
+
return this.handleAuthorization(next, url);
|
|
186
|
+
}
|
|
187
|
+
canActivateChild(next, state) {
|
|
188
|
+
return this.canActivate(next, state);
|
|
189
|
+
}
|
|
190
|
+
canDeactivate(component, currentRoute, currentState, nextState) {
|
|
191
|
+
return true;
|
|
192
|
+
}
|
|
193
|
+
canLoad(route, segments) {
|
|
194
|
+
return true;
|
|
195
|
+
}
|
|
196
|
+
handleAuthorization(route, url) {
|
|
197
|
+
return __awaiter(this, void 0, void 0, function* () {
|
|
198
|
+
yield this.authorizeService.initialize();
|
|
199
|
+
const isAuthenticated = yield firstValueFrom(this.authorizeService.getIsAuthenticated());
|
|
200
|
+
if (isAuthenticated) {
|
|
201
|
+
const userRoles = yield firstValueFrom(this.authorizeService.getRoles());
|
|
202
|
+
if (route.data['roles'] && !route.data['roles'].filter((value) => userRoles.includes(value))) {
|
|
203
|
+
this.router.navigate(['']);
|
|
204
|
+
return false;
|
|
205
|
+
}
|
|
206
|
+
return true;
|
|
207
|
+
}
|
|
208
|
+
else {
|
|
209
|
+
this.authorizeService.login();
|
|
210
|
+
}
|
|
211
|
+
return false;
|
|
212
|
+
});
|
|
213
|
+
}
|
|
214
|
+
}
|
|
215
|
+
AuthorizeGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard, deps: [{ token: AuthorizeService }, { token: i2$1.Router }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
216
|
+
AuthorizeGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard });
|
|
217
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard, decorators: [{
|
|
218
|
+
type: Injectable
|
|
217
219
|
}], ctorParameters: function () { return [{ type: AuthorizeService }, { type: i2$1.Router }]; } });
|
|
218
220
|
|
|
219
|
-
class SharedAuthModule {
|
|
220
|
-
static forRoot(authorizeOptions) {
|
|
221
|
-
return {
|
|
222
|
-
ngModule: SharedAuthModule,
|
|
223
|
-
providers: [
|
|
224
|
-
{
|
|
225
|
-
provide: AuthorizeOptions,
|
|
226
|
-
useValue: authorizeOptions
|
|
227
|
-
},
|
|
228
|
-
AuthorizeService,
|
|
229
|
-
AuthorizeGuard
|
|
230
|
-
]
|
|
231
|
-
};
|
|
232
|
-
}
|
|
233
|
-
}
|
|
234
|
-
SharedAuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
235
|
-
SharedAuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "15.2.
|
|
236
|
-
HttpClientModule, i1.OAuthModule], exports: [LoginMenuComponent] });
|
|
237
|
-
SharedAuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "15.2.
|
|
238
|
-
HttpClientModule,
|
|
239
|
-
OAuthModule.forRoot()] });
|
|
240
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
241
|
-
type: NgModule,
|
|
242
|
-
args: [{
|
|
243
|
-
declarations: [LoginMenuComponent],
|
|
244
|
-
exports: [LoginMenuComponent],
|
|
245
|
-
providers: [],
|
|
246
|
-
imports: [
|
|
247
|
-
CommonModule,
|
|
248
|
-
HttpClientModule,
|
|
249
|
-
OAuthModule.forRoot()
|
|
250
|
-
]
|
|
251
|
-
}]
|
|
221
|
+
class SharedAuthModule {
|
|
222
|
+
static forRoot(authorizeOptions) {
|
|
223
|
+
return {
|
|
224
|
+
ngModule: SharedAuthModule,
|
|
225
|
+
providers: [
|
|
226
|
+
{
|
|
227
|
+
provide: AuthorizeOptions,
|
|
228
|
+
useValue: authorizeOptions
|
|
229
|
+
},
|
|
230
|
+
AuthorizeService,
|
|
231
|
+
AuthorizeGuard
|
|
232
|
+
]
|
|
233
|
+
};
|
|
234
|
+
}
|
|
235
|
+
}
|
|
236
|
+
SharedAuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
|
|
237
|
+
SharedAuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, declarations: [LoginMenuComponent], imports: [CommonModule,
|
|
238
|
+
HttpClientModule, i1.OAuthModule], exports: [LoginMenuComponent] });
|
|
239
|
+
SharedAuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, imports: [CommonModule,
|
|
240
|
+
HttpClientModule,
|
|
241
|
+
OAuthModule.forRoot()] });
|
|
242
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, decorators: [{
|
|
243
|
+
type: NgModule,
|
|
244
|
+
args: [{
|
|
245
|
+
declarations: [LoginMenuComponent],
|
|
246
|
+
exports: [LoginMenuComponent],
|
|
247
|
+
providers: [],
|
|
248
|
+
imports: [
|
|
249
|
+
CommonModule,
|
|
250
|
+
HttpClientModule,
|
|
251
|
+
OAuthModule.forRoot()
|
|
252
|
+
]
|
|
253
|
+
}]
|
|
252
254
|
}] });
|
|
253
255
|
|
|
254
|
-
class AuthorizeInterceptor {
|
|
255
|
-
constructor(authorize) {
|
|
256
|
-
this.authorize = authorize;
|
|
257
|
-
|
|
258
|
-
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
//
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
//
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
//
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
256
|
+
class AuthorizeInterceptor {
|
|
257
|
+
constructor(authorize) {
|
|
258
|
+
this.authorize = authorize;
|
|
259
|
+
this.accessToken = null;
|
|
260
|
+
authorize.getAccessToken().subscribe(value => this.accessToken = value);
|
|
261
|
+
}
|
|
262
|
+
static isSameOriginUrl(req) {
|
|
263
|
+
// It's an absolute url with the same origin.
|
|
264
|
+
if (req.url.startsWith(`${window.location.origin}/`)) {
|
|
265
|
+
return true;
|
|
266
|
+
}
|
|
267
|
+
// It's a protocol relative url with the same origin.
|
|
268
|
+
// For example: //www.example.com/api/Products
|
|
269
|
+
if (req.url.startsWith(`//${window.location.host}/`)) {
|
|
270
|
+
return true;
|
|
271
|
+
}
|
|
272
|
+
// It's a relative url like /api/Products
|
|
273
|
+
if (/^\/[^\/].*/.test(req.url)) {
|
|
274
|
+
return true;
|
|
275
|
+
}
|
|
276
|
+
// It's an absolute or protocol relative url that
|
|
277
|
+
// doesn't have the same origin.
|
|
278
|
+
return false;
|
|
279
|
+
}
|
|
280
|
+
// Checks if there is an access_token available in the authorize service
|
|
281
|
+
// and adds it to the request in case it's targeted at the same origin as the
|
|
282
|
+
intercept(req, next) {
|
|
283
|
+
return this.processRequestWithToken(this.accessToken, req, next);
|
|
284
|
+
}
|
|
285
|
+
// single page application.
|
|
286
|
+
processRequestWithToken(token, req, next) {
|
|
287
|
+
if (!!token && (AuthorizeInterceptor.isSameOriginUrl(req) || this.isKnownServiceUri(req))) {
|
|
288
|
+
req = req.clone({
|
|
289
|
+
setHeaders: {
|
|
290
|
+
Authorization: `Bearer ${token}`
|
|
291
|
+
}
|
|
292
|
+
});
|
|
293
|
+
}
|
|
294
|
+
return next.handle(req);
|
|
295
|
+
}
|
|
296
|
+
isKnownServiceUri(req) {
|
|
297
|
+
const serviceUris = this.authorize.getServiceUris();
|
|
298
|
+
if (serviceUris) {
|
|
299
|
+
for (let i = 0; i < serviceUris.length; i++) {
|
|
300
|
+
if (req.url.startsWith(`${serviceUris[i]}`)) {
|
|
301
|
+
return true;
|
|
302
|
+
}
|
|
303
|
+
}
|
|
304
|
+
}
|
|
305
|
+
// It's an absolute or protocol relative url that
|
|
306
|
+
// doesn't have the same origin.
|
|
307
|
+
return false;
|
|
308
|
+
}
|
|
309
|
+
}
|
|
310
|
+
AuthorizeInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor, deps: [{ token: AuthorizeService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
311
|
+
AuthorizeInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor });
|
|
312
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor, decorators: [{
|
|
313
|
+
type: Injectable
|
|
309
314
|
}], ctorParameters: function () { return [{ type: AuthorizeService }]; } });
|
|
310
315
|
|
|
311
|
-
/*
|
|
312
|
-
* Public API Surface of shared-auth
|
|
316
|
+
/*
|
|
317
|
+
* Public API Surface of shared-auth
|
|
313
318
|
*/
|
|
314
319
|
|
|
315
|
-
/**
|
|
316
|
-
* Generated bundle index. Do not edit.
|
|
320
|
+
/**
|
|
321
|
+
* Generated bundle index. Do not edit.
|
|
317
322
|
*/
|
|
318
323
|
|
|
319
324
|
export { AuthorizeGuard, AuthorizeInterceptor, AuthorizeOptions, AuthorizeService, LoginMenuComponent, SharedAuthModule };
|