@meshmakers/shared-auth 2.0.2304-13005 → 2.0.2304-23001
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -28
- package/esm2020/lib/authorize.guard.mjs +46 -46
- package/esm2020/lib/authorize.interceptor.mjs +63 -60
- package/esm2020/lib/authorize.service.mjs +134 -134
- package/esm2020/lib/login-menu/login-menu.component.mjs +35 -35
- package/esm2020/lib/shared-auth.module.mjs +44 -44
- package/esm2020/meshmakers-shared-auth.mjs +4 -4
- package/esm2020/public-api.mjs +9 -9
- package/fesm2015/meshmakers-shared-auth.mjs +297 -292
- package/fesm2015/meshmakers-shared-auth.mjs.map +1 -1
- package/fesm2020/meshmakers-shared-auth.mjs +289 -286
- package/fesm2020/meshmakers-shared-auth.mjs.map +1 -1
- package/index.d.ts +5 -5
- package/lib/authorize.guard.d.ts +16 -16
- package/lib/authorize.interceptor.d.ts +15 -15
- package/lib/authorize.service.d.ts +46 -46
- package/lib/login-menu/login-menu.component.d.ts +17 -17
- package/lib/shared-auth.module.d.ts +13 -13
- package/package.json +9 -4
- package/public-api.d.ts +5 -5
|
@@ -9,304 +9,307 @@ import { CommonModule } from '@angular/common';
|
|
|
9
9
|
import { HttpClientModule } from '@angular/common/http';
|
|
10
10
|
import * as i2$1 from '@angular/router';
|
|
11
11
|
|
|
12
|
-
class AuthorizeOptions {
|
|
13
|
-
}
|
|
14
|
-
class AuthorizeService {
|
|
15
|
-
constructor(authorizeOptions, oauthService) {
|
|
16
|
-
this.authorizeOptions = authorizeOptions;
|
|
17
|
-
this.oauthService = oauthService;
|
|
18
|
-
this.isAuthenticated = new BehaviorSubject(false);
|
|
19
|
-
this.isAdmin = new BehaviorSubject(false);
|
|
20
|
-
this.isDeveloper = new BehaviorSubject(false);
|
|
21
|
-
this.isManager = new BehaviorSubject(false);
|
|
22
|
-
this.authority = new BehaviorSubject(null);
|
|
23
|
-
this.accessToken = new BehaviorSubject(null);
|
|
24
|
-
this.user = new BehaviorSubject(null);
|
|
25
|
-
this.isInitialized = new BehaviorSubject(false);
|
|
26
|
-
this.isInitializing = new BehaviorSubject(false);
|
|
27
|
-
console.debug("AuthorizeService::created");
|
|
28
|
-
this.getUser().subscribe(s => {
|
|
29
|
-
this.isAuthenticated.next(!!s);
|
|
30
|
-
this.isAdmin.next(!!s && (s.role.includes("Administrators")));
|
|
31
|
-
this.isDeveloper.next(!!s && (s.role.includes("Developers")));
|
|
32
|
-
this.isManager.next(!!s && s.role.includes("Managers"));
|
|
33
|
-
});
|
|
34
|
-
this.oauthService.events.subscribe(e => {
|
|
35
|
-
// tslint:disable-next-line:no-console
|
|
36
|
-
console.debug('oauth/oidc event', e);
|
|
37
|
-
});
|
|
38
|
-
this.oauthService.events
|
|
39
|
-
.pipe(filter(e => e.type === 'session_terminated'))
|
|
40
|
-
.subscribe(_ => {
|
|
41
|
-
// tslint:disable-next-line:no-console
|
|
42
|
-
console.debug('Your session has been terminated!');
|
|
43
|
-
});
|
|
44
|
-
this.oauthService.events
|
|
45
|
-
.pipe(filter(e => e.type === 'token_received'))
|
|
46
|
-
.subscribe(_ => {
|
|
47
|
-
this.loadUser();
|
|
48
|
-
});
|
|
49
|
-
this.oauthService.events
|
|
50
|
-
.pipe(filter(e => e.type === 'logout'))
|
|
51
|
-
.subscribe(_ => {
|
|
52
|
-
this.accessToken.next(null);
|
|
53
|
-
this.user.next(null);
|
|
54
|
-
});
|
|
55
|
-
}
|
|
56
|
-
getRoles() {
|
|
57
|
-
return this.getUser().pipe(map(u => u.role));
|
|
58
|
-
}
|
|
59
|
-
getServiceUris() {
|
|
60
|
-
return this.authorizeOptions.wellKnownServiceUris;
|
|
61
|
-
}
|
|
62
|
-
getAuthority() {
|
|
63
|
-
return this.authority;
|
|
64
|
-
}
|
|
65
|
-
getIsAuthenticated() {
|
|
66
|
-
return this.isAuthenticated;
|
|
67
|
-
}
|
|
68
|
-
getIsAdmin() {
|
|
69
|
-
return this.isAdmin;
|
|
70
|
-
}
|
|
71
|
-
getIsDeveloper() {
|
|
72
|
-
return this.isDeveloper;
|
|
73
|
-
}
|
|
74
|
-
getIsManager() {
|
|
75
|
-
return this.isManager;
|
|
76
|
-
}
|
|
77
|
-
getAccessToken() {
|
|
78
|
-
return this.accessToken;
|
|
79
|
-
}
|
|
80
|
-
getUser() {
|
|
81
|
-
return this.user;
|
|
82
|
-
}
|
|
83
|
-
login() {
|
|
84
|
-
this.oauthService.initImplicitFlow();
|
|
85
|
-
}
|
|
86
|
-
logout() {
|
|
87
|
-
this.oauthService.logOut(false);
|
|
88
|
-
}
|
|
89
|
-
async initialize() {
|
|
90
|
-
console.debug("AuthorizeService::initialize::started");
|
|
91
|
-
if (await firstValueFrom(this.isInitializing)) {
|
|
92
|
-
return;
|
|
93
|
-
}
|
|
94
|
-
if (await firstValueFrom(this.isInitialized)) {
|
|
95
|
-
return;
|
|
96
|
-
}
|
|
97
|
-
this.isInitializing.next(true);
|
|
98
|
-
const config = {
|
|
99
|
-
responseType: 'code',
|
|
100
|
-
issuer: this.authorizeOptions.issuer,
|
|
101
|
-
redirectUri: this.authorizeOptions.redirectUri,
|
|
102
|
-
postLogoutRedirectUri: this.authorizeOptions.postLogoutRedirectUri,
|
|
103
|
-
clientId: this.authorizeOptions.clientId,
|
|
104
|
-
scope: this.authorizeOptions.scope,
|
|
105
|
-
showDebugInformation: this.authorizeOptions.showDebugInformation,
|
|
106
|
-
sessionChecksEnabled: this.authorizeOptions.sessionChecksEnabled
|
|
107
|
-
};
|
|
108
|
-
this.oauthService.configure(config);
|
|
109
|
-
this.oauthService.setStorage(localStorage);
|
|
110
|
-
await this.oauthService.loadDiscoveryDocumentAndTryLogin();
|
|
111
|
-
this.oauthService.setupAutomaticSilentRefresh();
|
|
112
|
-
if (this.oauthService.hasValidAccessToken()) {
|
|
113
|
-
this.loadUser();
|
|
114
|
-
}
|
|
115
|
-
this.authority.next(this.authorizeOptions.issuer);
|
|
116
|
-
this.isInitializing.next(false);
|
|
117
|
-
this.isInitialized.next(true);
|
|
118
|
-
console.debug("AuthorizeService::initialize::done");
|
|
119
|
-
}
|
|
120
|
-
loadUser() {
|
|
121
|
-
const claims = this.oauthService.getIdentityClaims();
|
|
122
|
-
if (!claims) {
|
|
123
|
-
console.error("claims where null when loading identity claims");
|
|
124
|
-
return;
|
|
125
|
-
}
|
|
126
|
-
const user = claims;
|
|
127
|
-
const accessToken = this.oauthService.getAccessToken();
|
|
128
|
-
this.user.next(user);
|
|
129
|
-
this.accessToken.next(accessToken);
|
|
130
|
-
}
|
|
131
|
-
}
|
|
132
|
-
AuthorizeService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
133
|
-
AuthorizeService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.
|
|
134
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
135
|
-
type: Injectable
|
|
136
|
-
}], ctorParameters: function () { return [{ type: AuthorizeOptions, decorators: [{
|
|
137
|
-
type: Inject,
|
|
138
|
-
args: [AuthorizeOptions]
|
|
12
|
+
class AuthorizeOptions {
|
|
13
|
+
}
|
|
14
|
+
class AuthorizeService {
|
|
15
|
+
constructor(authorizeOptions, oauthService) {
|
|
16
|
+
this.authorizeOptions = authorizeOptions;
|
|
17
|
+
this.oauthService = oauthService;
|
|
18
|
+
this.isAuthenticated = new BehaviorSubject(false);
|
|
19
|
+
this.isAdmin = new BehaviorSubject(false);
|
|
20
|
+
this.isDeveloper = new BehaviorSubject(false);
|
|
21
|
+
this.isManager = new BehaviorSubject(false);
|
|
22
|
+
this.authority = new BehaviorSubject(null);
|
|
23
|
+
this.accessToken = new BehaviorSubject(null);
|
|
24
|
+
this.user = new BehaviorSubject(null);
|
|
25
|
+
this.isInitialized = new BehaviorSubject(false);
|
|
26
|
+
this.isInitializing = new BehaviorSubject(false);
|
|
27
|
+
console.debug("AuthorizeService::created");
|
|
28
|
+
this.getUser().subscribe(s => {
|
|
29
|
+
this.isAuthenticated.next(!!s);
|
|
30
|
+
this.isAdmin.next(!!s && (s.role.includes("Administrators")));
|
|
31
|
+
this.isDeveloper.next(!!s && (s.role.includes("Developers")));
|
|
32
|
+
this.isManager.next(!!s && s.role.includes("Managers"));
|
|
33
|
+
});
|
|
34
|
+
this.oauthService.events.subscribe(e => {
|
|
35
|
+
// tslint:disable-next-line:no-console
|
|
36
|
+
console.debug('oauth/oidc event', e);
|
|
37
|
+
});
|
|
38
|
+
this.oauthService.events
|
|
39
|
+
.pipe(filter(e => e.type === 'session_terminated'))
|
|
40
|
+
.subscribe(_ => {
|
|
41
|
+
// tslint:disable-next-line:no-console
|
|
42
|
+
console.debug('Your session has been terminated!');
|
|
43
|
+
});
|
|
44
|
+
this.oauthService.events
|
|
45
|
+
.pipe(filter(e => e.type === 'token_received'))
|
|
46
|
+
.subscribe(_ => {
|
|
47
|
+
this.loadUser();
|
|
48
|
+
});
|
|
49
|
+
this.oauthService.events
|
|
50
|
+
.pipe(filter(e => e.type === 'logout'))
|
|
51
|
+
.subscribe(_ => {
|
|
52
|
+
this.accessToken.next(null);
|
|
53
|
+
this.user.next(null);
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
getRoles() {
|
|
57
|
+
return this.getUser().pipe(map(u => u != null ? u.role : new Array()));
|
|
58
|
+
}
|
|
59
|
+
getServiceUris() {
|
|
60
|
+
return this.authorizeOptions.wellKnownServiceUris ?? null;
|
|
61
|
+
}
|
|
62
|
+
getAuthority() {
|
|
63
|
+
return this.authority;
|
|
64
|
+
}
|
|
65
|
+
getIsAuthenticated() {
|
|
66
|
+
return this.isAuthenticated;
|
|
67
|
+
}
|
|
68
|
+
getIsAdmin() {
|
|
69
|
+
return this.isAdmin;
|
|
70
|
+
}
|
|
71
|
+
getIsDeveloper() {
|
|
72
|
+
return this.isDeveloper;
|
|
73
|
+
}
|
|
74
|
+
getIsManager() {
|
|
75
|
+
return this.isManager;
|
|
76
|
+
}
|
|
77
|
+
getAccessToken() {
|
|
78
|
+
return this.accessToken;
|
|
79
|
+
}
|
|
80
|
+
getUser() {
|
|
81
|
+
return this.user;
|
|
82
|
+
}
|
|
83
|
+
login() {
|
|
84
|
+
this.oauthService.initImplicitFlow();
|
|
85
|
+
}
|
|
86
|
+
logout() {
|
|
87
|
+
this.oauthService.logOut(false);
|
|
88
|
+
}
|
|
89
|
+
async initialize() {
|
|
90
|
+
console.debug("AuthorizeService::initialize::started");
|
|
91
|
+
if (await firstValueFrom(this.isInitializing)) {
|
|
92
|
+
return;
|
|
93
|
+
}
|
|
94
|
+
if (await firstValueFrom(this.isInitialized)) {
|
|
95
|
+
return;
|
|
96
|
+
}
|
|
97
|
+
this.isInitializing.next(true);
|
|
98
|
+
const config = {
|
|
99
|
+
responseType: 'code',
|
|
100
|
+
issuer: this.authorizeOptions.issuer,
|
|
101
|
+
redirectUri: this.authorizeOptions.redirectUri,
|
|
102
|
+
postLogoutRedirectUri: this.authorizeOptions.postLogoutRedirectUri,
|
|
103
|
+
clientId: this.authorizeOptions.clientId,
|
|
104
|
+
scope: this.authorizeOptions.scope,
|
|
105
|
+
showDebugInformation: this.authorizeOptions.showDebugInformation,
|
|
106
|
+
sessionChecksEnabled: this.authorizeOptions.sessionChecksEnabled
|
|
107
|
+
};
|
|
108
|
+
this.oauthService.configure(config);
|
|
109
|
+
this.oauthService.setStorage(localStorage);
|
|
110
|
+
await this.oauthService.loadDiscoveryDocumentAndTryLogin();
|
|
111
|
+
this.oauthService.setupAutomaticSilentRefresh();
|
|
112
|
+
if (this.oauthService.hasValidAccessToken()) {
|
|
113
|
+
this.loadUser();
|
|
114
|
+
}
|
|
115
|
+
this.authority.next(this.authorizeOptions.issuer ?? null);
|
|
116
|
+
this.isInitializing.next(false);
|
|
117
|
+
this.isInitialized.next(true);
|
|
118
|
+
console.debug("AuthorizeService::initialize::done");
|
|
119
|
+
}
|
|
120
|
+
loadUser() {
|
|
121
|
+
const claims = this.oauthService.getIdentityClaims();
|
|
122
|
+
if (!claims) {
|
|
123
|
+
console.error("claims where null when loading identity claims");
|
|
124
|
+
return;
|
|
125
|
+
}
|
|
126
|
+
const user = claims;
|
|
127
|
+
const accessToken = this.oauthService.getAccessToken();
|
|
128
|
+
this.user.next(user);
|
|
129
|
+
this.accessToken.next(accessToken);
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
AuthorizeService.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService, deps: [{ token: AuthorizeOptions }, { token: i1.OAuthService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
133
|
+
AuthorizeService.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService });
|
|
134
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeService, decorators: [{
|
|
135
|
+
type: Injectable
|
|
136
|
+
}], ctorParameters: function () { return [{ type: AuthorizeOptions, decorators: [{
|
|
137
|
+
type: Inject,
|
|
138
|
+
args: [AuthorizeOptions]
|
|
139
139
|
}] }, { type: i1.OAuthService }]; } });
|
|
140
140
|
|
|
141
|
-
class LoginMenuComponent {
|
|
142
|
-
constructor(authorizeService) {
|
|
143
|
-
this.authorizeService = authorizeService;
|
|
144
|
-
|
|
145
|
-
|
|
146
|
-
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
this.isAuthenticated.subscribe(x => {
|
|
152
|
-
console.log(`isAuthenticated changed to ${x} (iframe ${isIFrame})`);
|
|
153
|
-
});
|
|
154
|
-
}
|
|
155
|
-
login() {
|
|
156
|
-
this.authorizeService.login();
|
|
157
|
-
}
|
|
158
|
-
logout() {
|
|
159
|
-
this.authorizeService.logout();
|
|
160
|
-
}
|
|
161
|
-
register() {
|
|
162
|
-
}
|
|
163
|
-
}
|
|
164
|
-
LoginMenuComponent.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
165
|
-
LoginMenuComponent.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "14.0.0", version: "15.2.
|
|
166
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
167
|
-
type: Component,
|
|
168
|
-
args: [{ selector: 'app-login-menu', template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\
|
|
141
|
+
class LoginMenuComponent {
|
|
142
|
+
constructor(authorizeService) {
|
|
143
|
+
this.authorizeService = authorizeService;
|
|
144
|
+
this.isAuthenticated = this.authorizeService.getIsAuthenticated();
|
|
145
|
+
this.userName = this.authorizeService.getUser().pipe(map(u => u && u.name));
|
|
146
|
+
this.isAdmin = this.authorizeService.getIsAdmin();
|
|
147
|
+
}
|
|
148
|
+
ngOnInit() {
|
|
149
|
+
const isIFrame = window.self !== window.top;
|
|
150
|
+
console.log("app-login-menu::created");
|
|
151
|
+
this.isAuthenticated.subscribe(x => {
|
|
152
|
+
console.log(`isAuthenticated changed to ${x} (iframe ${isIFrame})`);
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
login() {
|
|
156
|
+
this.authorizeService.login();
|
|
157
|
+
}
|
|
158
|
+
logout() {
|
|
159
|
+
this.authorizeService.logout();
|
|
160
|
+
}
|
|
161
|
+
register() {
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
LoginMenuComponent.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: LoginMenuComponent, deps: [{ token: AuthorizeService }], target: i0.ɵɵFactoryTarget.Component });
|
|
165
|
+
LoginMenuComponent.ɵcmp = i0.ɵɵngDeclareComponent({ minVersion: "14.0.0", version: "15.2.8", type: LoginMenuComponent, selector: "app-login-menu", ngImport: i0, template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\n <li class=\"nav-item dropdown\">\n <a aria-expanded=\"false\" aria-haspopup=\"true\" class=\"nav-link dropdown-toggle\" data-toggle=\"dropdown\" href=\"#\"\n id=\"navbarDropdownLogin\" role=\"button\">\n {{ userName | async }} <b class=\"caret\"></b>\n </a>\n <div aria-labelledby=\"navbarDropdown\" class=\"dropdown-menu\">\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Grants\">Client Application Access</a>-->\n <!--<a class=\"dropdown-item\" [routerLink]='[\"/authentication/profile\"]' title=\"Manage\">Manage</a>-->\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Diagnostics\">Diagnostics</a>-->\n <div class=\"dropdown-divider\"></div>\n <a (click)='logout()' class=\"dropdown-item\" routerLink=\"\" title=\"Logout\">Logout</a>\n </div>\n </li>\n</ul>\n<ul *ngIf=\"!(isAuthenticated | async)\" class=\"navbar-nav\">\n <li class=\"nav-item\">\n <a (click)='register()' class=\"nav-link\" routerLink=\"\">Register</a>\n </li>\n <li class=\"nav-item\">\n <a (click)='login()' class=\"nav-link\" routerLink=\"\">Login</a>\n </li>\n</ul>\n", styles: [""], dependencies: [{ kind: "directive", type: i2.NgIf, selector: "[ngIf]", inputs: ["ngIf", "ngIfThen", "ngIfElse"] }, { kind: "pipe", type: i2.AsyncPipe, name: "async" }] });
|
|
166
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: LoginMenuComponent, decorators: [{
|
|
167
|
+
type: Component,
|
|
168
|
+
args: [{ selector: 'app-login-menu', template: "<ul *ngIf=\"isAuthenticated | async\" class=\"navbar-nav\">\n <li class=\"nav-item dropdown\">\n <a aria-expanded=\"false\" aria-haspopup=\"true\" class=\"nav-link dropdown-toggle\" data-toggle=\"dropdown\" href=\"#\"\n id=\"navbarDropdownLogin\" role=\"button\">\n {{ userName | async }} <b class=\"caret\"></b>\n </a>\n <div aria-labelledby=\"navbarDropdown\" class=\"dropdown-menu\">\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Grants\">Client Application Access</a>-->\n <!--<a class=\"dropdown-item\" [routerLink]='[\"/authentication/profile\"]' title=\"Manage\">Manage</a>-->\n <!--<a class=\"dropdown-item\" asp-action=\"Index\" asp-area=\"Authentication\" asp-controller=\"Diagnostics\">Diagnostics</a>-->\n <div class=\"dropdown-divider\"></div>\n <a (click)='logout()' class=\"dropdown-item\" routerLink=\"\" title=\"Logout\">Logout</a>\n </div>\n </li>\n</ul>\n<ul *ngIf=\"!(isAuthenticated | async)\" class=\"navbar-nav\">\n <li class=\"nav-item\">\n <a (click)='register()' class=\"nav-link\" routerLink=\"\">Register</a>\n </li>\n <li class=\"nav-item\">\n <a (click)='login()' class=\"nav-link\" routerLink=\"\">Login</a>\n </li>\n</ul>\n" }]
|
|
169
169
|
}], ctorParameters: function () { return [{ type: AuthorizeService }]; } });
|
|
170
170
|
|
|
171
|
-
class AuthorizeGuard {
|
|
172
|
-
constructor(authorizeService, router) {
|
|
173
|
-
this.authorizeService = authorizeService;
|
|
174
|
-
this.router = router;
|
|
175
|
-
}
|
|
176
|
-
canActivate(next, state) {
|
|
177
|
-
let url = state.url;
|
|
178
|
-
return this.handleAuthorization(next, url);
|
|
179
|
-
}
|
|
180
|
-
canActivateChild(next, state) {
|
|
181
|
-
return this.canActivate(next, state);
|
|
182
|
-
}
|
|
183
|
-
canDeactivate(component, currentRoute, currentState, nextState) {
|
|
184
|
-
return true;
|
|
185
|
-
}
|
|
186
|
-
canLoad(route, segments) {
|
|
187
|
-
return true;
|
|
188
|
-
}
|
|
189
|
-
async handleAuthorization(route, url) {
|
|
190
|
-
await this.authorizeService.initialize();
|
|
191
|
-
const isAuthenticated = await firstValueFrom(this.authorizeService.getIsAuthenticated());
|
|
192
|
-
if (isAuthenticated) {
|
|
193
|
-
const userRoles = await firstValueFrom(this.authorizeService.getRoles());
|
|
194
|
-
if (route.data
|
|
195
|
-
this.router.navigate(['']);
|
|
196
|
-
return false;
|
|
197
|
-
}
|
|
198
|
-
return true;
|
|
199
|
-
}
|
|
200
|
-
else {
|
|
201
|
-
this.authorizeService.login();
|
|
202
|
-
}
|
|
203
|
-
return false;
|
|
204
|
-
}
|
|
205
|
-
}
|
|
206
|
-
AuthorizeGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
207
|
-
AuthorizeGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.
|
|
208
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
209
|
-
type: Injectable
|
|
171
|
+
class AuthorizeGuard {
|
|
172
|
+
constructor(authorizeService, router) {
|
|
173
|
+
this.authorizeService = authorizeService;
|
|
174
|
+
this.router = router;
|
|
175
|
+
}
|
|
176
|
+
canActivate(next, state) {
|
|
177
|
+
let url = state.url;
|
|
178
|
+
return this.handleAuthorization(next, url);
|
|
179
|
+
}
|
|
180
|
+
canActivateChild(next, state) {
|
|
181
|
+
return this.canActivate(next, state);
|
|
182
|
+
}
|
|
183
|
+
canDeactivate(component, currentRoute, currentState, nextState) {
|
|
184
|
+
return true;
|
|
185
|
+
}
|
|
186
|
+
canLoad(route, segments) {
|
|
187
|
+
return true;
|
|
188
|
+
}
|
|
189
|
+
async handleAuthorization(route, url) {
|
|
190
|
+
await this.authorizeService.initialize();
|
|
191
|
+
const isAuthenticated = await firstValueFrom(this.authorizeService.getIsAuthenticated());
|
|
192
|
+
if (isAuthenticated) {
|
|
193
|
+
const userRoles = await firstValueFrom(this.authorizeService.getRoles());
|
|
194
|
+
if (route.data['roles'] && !route.data['roles'].filter((value) => userRoles.includes(value))) {
|
|
195
|
+
this.router.navigate(['']);
|
|
196
|
+
return false;
|
|
197
|
+
}
|
|
198
|
+
return true;
|
|
199
|
+
}
|
|
200
|
+
else {
|
|
201
|
+
this.authorizeService.login();
|
|
202
|
+
}
|
|
203
|
+
return false;
|
|
204
|
+
}
|
|
205
|
+
}
|
|
206
|
+
AuthorizeGuard.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard, deps: [{ token: AuthorizeService }, { token: i2$1.Router }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
207
|
+
AuthorizeGuard.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard });
|
|
208
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeGuard, decorators: [{
|
|
209
|
+
type: Injectable
|
|
210
210
|
}], ctorParameters: function () { return [{ type: AuthorizeService }, { type: i2$1.Router }]; } });
|
|
211
211
|
|
|
212
|
-
class SharedAuthModule {
|
|
213
|
-
static forRoot(authorizeOptions) {
|
|
214
|
-
return {
|
|
215
|
-
ngModule: SharedAuthModule,
|
|
216
|
-
providers: [
|
|
217
|
-
{
|
|
218
|
-
provide: AuthorizeOptions,
|
|
219
|
-
useValue: authorizeOptions
|
|
220
|
-
},
|
|
221
|
-
AuthorizeService,
|
|
222
|
-
AuthorizeGuard
|
|
223
|
-
]
|
|
224
|
-
};
|
|
225
|
-
}
|
|
226
|
-
}
|
|
227
|
-
SharedAuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.
|
|
228
|
-
SharedAuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "15.2.
|
|
229
|
-
HttpClientModule, i1.OAuthModule], exports: [LoginMenuComponent] });
|
|
230
|
-
SharedAuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "15.2.
|
|
231
|
-
HttpClientModule,
|
|
232
|
-
OAuthModule.forRoot()] });
|
|
233
|
-
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.
|
|
234
|
-
type: NgModule,
|
|
235
|
-
args: [{
|
|
236
|
-
declarations: [LoginMenuComponent],
|
|
237
|
-
exports: [LoginMenuComponent],
|
|
238
|
-
providers: [],
|
|
239
|
-
imports: [
|
|
240
|
-
CommonModule,
|
|
241
|
-
HttpClientModule,
|
|
242
|
-
OAuthModule.forRoot()
|
|
243
|
-
]
|
|
244
|
-
}]
|
|
212
|
+
class SharedAuthModule {
|
|
213
|
+
static forRoot(authorizeOptions) {
|
|
214
|
+
return {
|
|
215
|
+
ngModule: SharedAuthModule,
|
|
216
|
+
providers: [
|
|
217
|
+
{
|
|
218
|
+
provide: AuthorizeOptions,
|
|
219
|
+
useValue: authorizeOptions
|
|
220
|
+
},
|
|
221
|
+
AuthorizeService,
|
|
222
|
+
AuthorizeGuard
|
|
223
|
+
]
|
|
224
|
+
};
|
|
225
|
+
}
|
|
226
|
+
}
|
|
227
|
+
SharedAuthModule.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, deps: [], target: i0.ɵɵFactoryTarget.NgModule });
|
|
228
|
+
SharedAuthModule.ɵmod = i0.ɵɵngDeclareNgModule({ minVersion: "14.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, declarations: [LoginMenuComponent], imports: [CommonModule,
|
|
229
|
+
HttpClientModule, i1.OAuthModule], exports: [LoginMenuComponent] });
|
|
230
|
+
SharedAuthModule.ɵinj = i0.ɵɵngDeclareInjector({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, imports: [CommonModule,
|
|
231
|
+
HttpClientModule,
|
|
232
|
+
OAuthModule.forRoot()] });
|
|
233
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: SharedAuthModule, decorators: [{
|
|
234
|
+
type: NgModule,
|
|
235
|
+
args: [{
|
|
236
|
+
declarations: [LoginMenuComponent],
|
|
237
|
+
exports: [LoginMenuComponent],
|
|
238
|
+
providers: [],
|
|
239
|
+
imports: [
|
|
240
|
+
CommonModule,
|
|
241
|
+
HttpClientModule,
|
|
242
|
+
OAuthModule.forRoot()
|
|
243
|
+
]
|
|
244
|
+
}]
|
|
245
245
|
}] });
|
|
246
246
|
|
|
247
|
-
class AuthorizeInterceptor {
|
|
248
|
-
constructor(authorize) {
|
|
249
|
-
this.authorize = authorize;
|
|
250
|
-
|
|
251
|
-
|
|
252
|
-
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
256
|
-
|
|
257
|
-
|
|
258
|
-
//
|
|
259
|
-
|
|
260
|
-
|
|
261
|
-
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
//
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
//
|
|
272
|
-
|
|
273
|
-
|
|
274
|
-
|
|
275
|
-
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
287
|
-
|
|
288
|
-
|
|
289
|
-
|
|
290
|
-
|
|
291
|
-
|
|
292
|
-
|
|
293
|
-
|
|
294
|
-
|
|
295
|
-
|
|
296
|
-
|
|
297
|
-
|
|
298
|
-
|
|
299
|
-
|
|
300
|
-
|
|
301
|
-
|
|
247
|
+
class AuthorizeInterceptor {
|
|
248
|
+
constructor(authorize) {
|
|
249
|
+
this.authorize = authorize;
|
|
250
|
+
this.accessToken = null;
|
|
251
|
+
authorize.getAccessToken().subscribe(value => this.accessToken = value);
|
|
252
|
+
}
|
|
253
|
+
static isSameOriginUrl(req) {
|
|
254
|
+
// It's an absolute url with the same origin.
|
|
255
|
+
if (req.url.startsWith(`${window.location.origin}/`)) {
|
|
256
|
+
return true;
|
|
257
|
+
}
|
|
258
|
+
// It's a protocol relative url with the same origin.
|
|
259
|
+
// For example: //www.example.com/api/Products
|
|
260
|
+
if (req.url.startsWith(`//${window.location.host}/`)) {
|
|
261
|
+
return true;
|
|
262
|
+
}
|
|
263
|
+
// It's a relative url like /api/Products
|
|
264
|
+
if (/^\/[^\/].*/.test(req.url)) {
|
|
265
|
+
return true;
|
|
266
|
+
}
|
|
267
|
+
// It's an absolute or protocol relative url that
|
|
268
|
+
// doesn't have the same origin.
|
|
269
|
+
return false;
|
|
270
|
+
}
|
|
271
|
+
// Checks if there is an access_token available in the authorize service
|
|
272
|
+
// and adds it to the request in case it's targeted at the same origin as the
|
|
273
|
+
intercept(req, next) {
|
|
274
|
+
return this.processRequestWithToken(this.accessToken, req, next);
|
|
275
|
+
}
|
|
276
|
+
// single page application.
|
|
277
|
+
processRequestWithToken(token, req, next) {
|
|
278
|
+
if (!!token && (AuthorizeInterceptor.isSameOriginUrl(req) || this.isKnownServiceUri(req))) {
|
|
279
|
+
req = req.clone({
|
|
280
|
+
setHeaders: {
|
|
281
|
+
Authorization: `Bearer ${token}`
|
|
282
|
+
}
|
|
283
|
+
});
|
|
284
|
+
}
|
|
285
|
+
return next.handle(req);
|
|
286
|
+
}
|
|
287
|
+
isKnownServiceUri(req) {
|
|
288
|
+
const serviceUris = this.authorize.getServiceUris();
|
|
289
|
+
if (serviceUris) {
|
|
290
|
+
for (let i = 0; i < serviceUris.length; i++) {
|
|
291
|
+
if (req.url.startsWith(`${serviceUris[i]}`)) {
|
|
292
|
+
return true;
|
|
293
|
+
}
|
|
294
|
+
}
|
|
295
|
+
}
|
|
296
|
+
// It's an absolute or protocol relative url that
|
|
297
|
+
// doesn't have the same origin.
|
|
298
|
+
return false;
|
|
299
|
+
}
|
|
300
|
+
}
|
|
301
|
+
AuthorizeInterceptor.ɵfac = i0.ɵɵngDeclareFactory({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor, deps: [{ token: AuthorizeService }], target: i0.ɵɵFactoryTarget.Injectable });
|
|
302
|
+
AuthorizeInterceptor.ɵprov = i0.ɵɵngDeclareInjectable({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor });
|
|
303
|
+
i0.ɵɵngDeclareClassMetadata({ minVersion: "12.0.0", version: "15.2.8", ngImport: i0, type: AuthorizeInterceptor, decorators: [{
|
|
304
|
+
type: Injectable
|
|
302
305
|
}], ctorParameters: function () { return [{ type: AuthorizeService }]; } });
|
|
303
306
|
|
|
304
|
-
/*
|
|
305
|
-
* Public API Surface of shared-auth
|
|
307
|
+
/*
|
|
308
|
+
* Public API Surface of shared-auth
|
|
306
309
|
*/
|
|
307
310
|
|
|
308
|
-
/**
|
|
309
|
-
* Generated bundle index. Do not edit.
|
|
311
|
+
/**
|
|
312
|
+
* Generated bundle index. Do not edit.
|
|
310
313
|
*/
|
|
311
314
|
|
|
312
315
|
export { AuthorizeGuard, AuthorizeInterceptor, AuthorizeOptions, AuthorizeService, LoginMenuComponent, SharedAuthModule };
|