npm - @openedx/frontend-base - Versions diffs - 1.0.0-alpha.12 → 1.0.0-alpha.13 - Mend

@openedx/frontend-base 1.0.0-alpha.12 → 1.0.0-alpha.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (754) hide show

package/dist/runtime/analytics/interface.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"interface.js","sourceRoot":"","sources":["../../../runtime/analytics/interface.js"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AACH,OAAO,SAAS,MAAM,YAAY,CAAC;AAEnC,MAAM,YAAY,GAAG;IACnB,MAAM,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;IACnC,UAAU,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU;IAC9E,cAAc,EAAE,SAAS,CAAC,KAAK,CAAC;QAC9B,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;QACnC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;KACnC,CAAC,CAAC,UAAU;CACd,CAAC;AAEF,MAAM,YAAY,GAAG;IACnB,oBAAoB,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;IAC/C,yBAAyB,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;IACpD,qBAAqB,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;IAChD,cAAc,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;IACzC,aAAa,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;CACzC,CAAC;AAEF,IAAI,OAAO,CAAC;AAEZ;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAAC,gBAAgB,EAAE,OAAO;IAC1D,SAAS,CAAC,cAAc,CAAC,YAAY,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,CAAC,CAAC;IACzE,OAAO,GAAG,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;IACxC,SAAS,CAAC,cAAc,CAAC,YAAY,EAAE,OAAO,EAAE,UAAU,EAAE,kBAAkB,CAAC,CAAC;IAChF,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,oBAAoB,CAAC,SAAS,EAAE,UAAU;IACxD,OAAO,OAAO,CAAC,oBAAoB,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CAAC,MAAM,EAAE,MAAM;IACtD,OAAO,CAAC,yBAAyB,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACpD,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CAAC,MAAM;IAC1C,OAAO,OAAO,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,SAAS,EAAE,UAAU;IAClD,OAAO,CAAC,cAAc,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;AAChD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU;IACtD,OAAO,CAAC,aAAa,CAAC,QAAQ,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC;AACpD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,mBAAmB;IACjC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,MAAM,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACjE,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACnC,OAAO,GAAG,IAAI,CAAC;AACjB,CAAC;AAED;;;;;;;;;GASG","sourcesContent":["/**\n * #### Import members from **@openedx/frontend-base** Analytics\n *\n * Contains a shared interface for tracking events. Has a default implementation of\n * SegmentAnalyticsService, which supports Segment and the Tracking Log API (hosted in LMS).\n *\n * The `initialize` function performs much of the analytics configuration for you. If, however,\n * you're not using the `initialize` function, analytics can be configured via:\n *\n * ```\n * import {\n * getSiteConfig,\n * getAuthenticatedHttpClient,\n * getLoggingService,\n * configureAnalytics,\n * SegmentAnalyticsService\n * } from '@openedx/frontend-base';\n *\n * configureAnalytics(SegmentAnalyticsService, {\n * config: getSiteConfig(),\n * loggingService: getLoggingService(),\n * httpClient: getAuthenticatedHttpClient(),\n * });\n * ```\n *\n * As shown in this example, analytics depends on the configuration document, logging, and having\n * an authenticated HTTP client.\n *\n * @module Analytics\n */\nimport PropTypes from 'prop-types';\n\nconst optionsShape = {\n config: PropTypes.object.isRequired,\n httpClient: PropTypes.oneOfType([PropTypes.func, PropTypes.object]).isRequired,\n loggingService: PropTypes.shape({\n logError: PropTypes.func.isRequired,\n logInfo: PropTypes.func.isRequired,\n }).isRequired,\n};\n\nconst serviceShape = {\n sendTrackingLogEvent: PropTypes.func.isRequired,\n identifyAuthenticatedUser: PropTypes.func.isRequired,\n identifyAnonymousUser: PropTypes.func.isRequired,\n sendTrackEvent: PropTypes.func.isRequired,\n sendPageEvent: PropTypes.func.isRequired,\n};\n\nlet service;\n\n/**\n *\n * @param {class} AnalyticsService\n * @param {*} options\n * @returns {AnalyticsService}\n */\nexport function configureAnalytics(AnalyticsService, options) {\n PropTypes.checkPropTypes(optionsShape, options, 'property', 'Analytics');\n service = new AnalyticsService(options);\n PropTypes.checkPropTypes(serviceShape, service, 'property', 'AnalyticsService');\n return service;\n}\n\n/**\n *\n * @param {*} eventName\n * @param {*} properties\n * @returns {Promise}\n */\nexport function sendTrackingLogEvent(eventName, properties) {\n return service.sendTrackingLogEvent(eventName, properties);\n}\n\n/**\n *\n *\n * @param {*} userId\n * @param {*} traits\n */\nexport function identifyAuthenticatedUser(userId, traits) {\n service.identifyAuthenticatedUser(userId, traits);\n}\n\n/**\n *\n *\n * @param {*} traits\n * @returns {Promise}\n */\nexport function identifyAnonymousUser(traits) {\n return service.identifyAnonymousUser(traits);\n}\n\n/**\n *\n *\n * @param {*} eventName\n * @param {*} properties\n */\nexport function sendTrackEvent(eventName, properties) {\n service.sendTrackEvent(eventName, properties);\n}\n\n/**\n *\n *\n * @param {*} category\n * @param {*} name\n * @param {*} properties\n */\nexport function sendPageEvent(category, name, properties) {\n service.sendPageEvent(category, name, properties);\n}\n\n/**\n *\n *\n * @returns {AnalyticsService}\n */\nexport function getAnalyticsService() {\n if (!service) {\n throw Error('You must first configure the analytics service.');\n }\n\n return service;\n}\n\n/**\n *\n */\nexport function resetAnalyticsService() {\n service = null;\n}\n\n/**\n * @name AnalyticsService\n * @interface\n * @memberof module:Analytics\n * @property {function} identifyAnonymousUser\n * @property {function} identifyAuthenticatedUser\n * @property {function} sendPageEvent\n * @property {function} sendTrackEvent\n * @property {function} sendTrackingLogEvent\n */\n"]}

package/dist/runtime/auth/AxiosCsrfTokenService.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+export default class AxiosCsrfTokenService {
+    constructor(csrfTokenApiPath: any);
+    csrfTokenApiPath: any;
+    httpClient: import("axios").AxiosInstance;
+    csrfTokenCache: {};
+    csrfTokenRequestPromises: {};
+    getCsrfToken(url: any): Promise<any>;
+    clearCsrfTokenCache(): void;
+    getHttpClient(): import("axios").AxiosInstance;
+}

package/dist/runtime/auth/AxiosCsrfTokenService.js ADDED Viewed

@@ -0,0 +1,64 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import axios from 'axios';
+import { getUrlParts, processAxiosErrorAndThrow } from './utils';
+export default class AxiosCsrfTokenService {
+    constructor(csrfTokenApiPath) {
+        this.csrfTokenApiPath = csrfTokenApiPath;
+        this.httpClient = axios.create();
+        // Set withCredentials to true. Enables cross-site Access-Control requests
+        // to be made using cookies, authorization headers or TLS client
+        // certificates. More on MDN:
+        // https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
+        this.httpClient.defaults.withCredentials = true;
+        this.httpClient.defaults.headers['USE-JWT-COOKIE'] = true;
+        this.csrfTokenCache = {};
+        this.csrfTokenRequestPromises = {};
+    }
+    getCsrfToken(url) {
+        return __awaiter(this, void 0, void 0, function* () {
+            let urlParts;
+            try {
+                urlParts = getUrlParts(url);
+            }
+            catch (e) {
+                // If the url is not parsable it's likely because a relative
+                // path was supplied as the url. This is acceptable and in
+                // this case we should use the current origin of the page.
+                urlParts = getUrlParts(global.location.origin);
+            }
+            const { protocol, domain } = urlParts;
+            const csrfToken = this.csrfTokenCache[domain];
+            if (csrfToken) {
+                return csrfToken;
+            }
+            if (!this.csrfTokenRequestPromises[domain]) {
+                this.csrfTokenRequestPromises[domain] = this.httpClient
+                    .get(`${protocol}://${domain}${this.csrfTokenApiPath}`)
+                    .then((response) => {
+                    this.csrfTokenCache[domain] = response.data.csrfToken;
+                    return this.csrfTokenCache[domain];
+                })
+                    .catch(processAxiosErrorAndThrow)
+                    .finally(() => {
+                    delete this.csrfTokenRequestPromises[domain];
+                });
+            }
+            return this.csrfTokenRequestPromises[domain];
+        });
+    }
+    clearCsrfTokenCache() {
+        this.csrfTokenCache = {};
+    }
+    getHttpClient() {
+        return this.httpClient;
+    }
+}
+//# sourceMappingURL=AxiosCsrfTokenService.js.map

package/dist/runtime/auth/AxiosCsrfTokenService.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AxiosCsrfTokenService.js","sourceRoot":"","sources":["../../../runtime/auth/AxiosCsrfTokenService.js"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,WAAW,EAAE,yBAAyB,EAAE,MAAM,SAAS,CAAC;AAEjE,MAAM,CAAC,OAAO,OAAO,qBAAqB;IACxC,YAAY,gBAAgB;QAC1B,IAAI,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QACzC,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QACjC,0EAA0E;QAC1E,gEAAgE;QAChE,6BAA6B;QAC7B,kFAAkF;QAClF,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;QAChD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAI,CAAC;QAE1D,IAAI,CAAC,cAAc,GAAG,EAAE,CAAC;QACzB,IAAI,CAAC,wBAAwB,GAAG,EAAE,CAAC;IACrC,CAAC;IAEK,YAAY,CAAC,GAAG;;YACpB,IAAI,QAAQ,CAAC;YACb,IAAI,CAAC;gBACH,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;YAC9B,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,4DAA4D;gBAC5D,0DAA0D;gBAC1D,0DAA0D;gBAC1D,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACjD,CAAC;YAED,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,QAAQ,CAAC;YACtC,MAAM,SAAS,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YAE9C,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,SAAS,CAAC;YACnB,CAAC;YAED,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC3C,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU;qBACpD,GAAG,CAAC,GAAG,QAAQ,MAAM,MAAM,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;qBACtD,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE;oBACjB,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;oBACtD,OAAO,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACrC,CAAC,CAAC;qBACD,KAAK,CAAC,yBAAyB,CAAC;qBAChC,OAAO,CAAC,GAAG,EAAE;oBACZ,OAAO,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;gBAC/C,CAAC,CAAC,CAAC;YACP,CAAC;YAED,OAAO,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,CAAC;QAC/C,CAAC;KAAA;IAED,mBAAmB;QACjB,IAAI,CAAC,cAAc,GAAG,EAAE,CAAC;IAC3B,CAAC;IAED,aAAa;QACX,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;CACF","sourcesContent":["import axios from 'axios';\nimport { getUrlParts, processAxiosErrorAndThrow } from './utils';\n\nexport default class AxiosCsrfTokenService {\n constructor(csrfTokenApiPath) {\n this.csrfTokenApiPath = csrfTokenApiPath;\n this.httpClient = axios.create();\n // Set withCredentials to true. Enables cross-site Access-Control requests\n // to be made using cookies, authorization headers or TLS client\n // certificates. More on MDN:\n // https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials\n this.httpClient.defaults.withCredentials = true;\n this.httpClient.defaults.headers['USE-JWT-COOKIE'] = true;\n\n this.csrfTokenCache = {};\n this.csrfTokenRequestPromises = {};\n }\n\n async getCsrfToken(url) {\n let urlParts;\n try {\n urlParts = getUrlParts(url);\n } catch (e) {\n // If the url is not parsable it's likely because a relative\n // path was supplied as the url. This is acceptable and in\n // this case we should use the current origin of the page.\n urlParts = getUrlParts(global.location.origin);\n }\n\n const { protocol, domain } = urlParts;\n const csrfToken = this.csrfTokenCache[domain];\n\n if (csrfToken) {\n return csrfToken;\n }\n\n if (!this.csrfTokenRequestPromises[domain]) {\n this.csrfTokenRequestPromises[domain] = this.httpClient\n .get(`${protocol}://${domain}${this.csrfTokenApiPath}`)\n .then((response) => {\n this.csrfTokenCache[domain] = response.data.csrfToken;\n return this.csrfTokenCache[domain];\n })\n .catch(processAxiosErrorAndThrow)\n .finally(() => {\n delete this.csrfTokenRequestPromises[domain];\n });\n }\n\n return this.csrfTokenRequestPromises[domain];\n }\n\n clearCsrfTokenCache() {\n this.csrfTokenCache = {};\n }\n\n getHttpClient() {\n return this.httpClient;\n }\n}\n"]}

package/dist/runtime/auth/AxiosJwtAuthService.d.ts ADDED Viewed

@@ -0,0 +1,182 @@
+export default AxiosJwtAuthService;
+/**
+ * @implements {AuthService}
+ * @memberof module:Auth
+ */
+declare class AxiosJwtAuthService implements AuthService {
+    /**
+     * @param {Object} options
+     * @param {Object} options.config
+     * @param {string} options.config.baseUrl
+     * @param {string} options.config.lmsBaseUrl
+     * @param {string} options.config.loginUrl
+     * @param {string} options.config.logoutUrl
+     * @param {string} options.config.refreshAccessTokenApiPath
+     * @param {string} options.config.accessTokenCookieName
+     * @param {string} options.config.csrfTokenApiPath
+     * @param {Object} options.loggingService requires logError and logInfo methods
+     */
+    constructor(options: {
+        config: {
+            baseUrl: string;
+            lmsBaseUrl: string;
+            loginUrl: string;
+            logoutUrl: string;
+            refreshAccessTokenApiPath: string;
+            accessTokenCookieName: string;
+            csrfTokenApiPath: string;
+        };
+        loggingService: any;
+    });
+    authenticatedHttpClient: HttpClient;
+    httpClient: import("axios").AxiosInstance;
+    cachedAuthenticatedHttpClient: any;
+    cachedHttpClient: any;
+    authenticatedUser: any;
+    config: {
+        baseUrl: string;
+        lmsBaseUrl: string;
+        loginUrl: string;
+        logoutUrl: string;
+        refreshAccessTokenApiPath: string;
+        accessTokenCookieName: string;
+        csrfTokenApiPath: string;
+    };
+    loggingService: any;
+    jwtTokenService: AxiosJwtTokenService;
+    csrfTokenService: AxiosCsrfTokenService;
+    middleware: any;
+    /**
+     * Applies middleware to the axios instances in this service.
+     *
+     * @param {Array} middleware Middleware to apply.
+     */
+    applyMiddleware(middleware?: any[]): void;
+    /**
+     * Gets the authenticated HTTP client for the service.  This is an axios instance.
+     *
+     * @param {Object} [options] Optional options for how the HTTP client should be configured.
+     * @param {boolean} [options.useCache] Whether to use front end caching for all requests made
+     * with the returned client.
+     *
+     * @returns {HttpClient} A configured axios http client which can be used for authenticated
+     * requests.
+     */
+    getAuthenticatedHttpClient(options?: {
+        useCache?: boolean | undefined;
+    }): HttpClient;
+    /**
+     * Gets the unauthenticated HTTP client for the service.  This is an axios instance.
+     *
+     * @param {Object} [options] Optional options for how the HTTP client should be configured.
+     * @param {boolean} [options.useCache] Whether to use front end caching for all requests made
+     * with the returned client.
+     * @returns {HttpClient} A configured axios http client.
+     */
+    getHttpClient(options?: {
+        useCache?: boolean | undefined;
+    }): HttpClient;
+    /**
+     * Used primarily for testing.
+     *
+     * @ignore
+     */
+    getJwtTokenService(): AxiosJwtTokenService;
+    /**
+     * Used primarily for testing.
+     *
+     * @ignore
+     */
+    getCsrfTokenService(): AxiosCsrfTokenService;
+    /**
+     * Builds a URL to the login page with a post-login redirect URL attached as a query parameter.
+     *
+     * ```
+     * const url = getLoginRedirectUrl('http://localhost/mypage');
+     * console.log(url); // http://localhost/login?next=http%3A%2F%2Flocalhost%2Fmypage
+     * ```
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging in.
+     */
+    getLoginRedirectUrl(redirectUrl?: string): string;
+    /**
+     * Redirects the user to the login page.
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging in.
+     */
+    redirectToLogin(redirectUrl?: string): void;
+    /**
+     * Builds a URL to the logout page with a post-logout redirect URL attached as a query parameter.
+     *
+     * ```
+     * const url = getLogoutRedirectUrl('http://localhost/mypage');
+     * console.log(url); // http://localhost/logout?next=http%3A%2F%2Flocalhost%2Fmypage
+     * ```
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging out.
+     */
+    getLogoutRedirectUrl(redirectUrl?: string): string;
+    /**
+     * Redirects the user to the logout page.
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging out.
+     */
+    redirectToLogout(redirectUrl?: string): void;
+    /**
+     * If it exists, returns the user data representing the currently authenticated user. If the
+     * user is anonymous, returns null.
+     *
+     * @returns {UserData|null}
+     */
+    getAuthenticatedUser(): UserData | null;
+    /**
+     * Sets the authenticated user to the provided value.
+     *
+     * @param {UserData} authUser
+     */
+    setAuthenticatedUser(authUser: UserData): void;
+    /**
+     * Reads the authenticated user's access token. Resolves to null if the user is
+     * unauthenticated.
+     *
+     * @returns {Promise<UserData>|Promise<null>} Resolves to the user's access token if they are
+     * logged in.
+     */
+    fetchAuthenticatedUser(options?: {}): Promise<UserData> | Promise<null>;
+    /**
+     * Ensures a user is authenticated. It will redirect to login when not
+     * authenticated.
+     *
+     * @param {string} [redirectUrl=config.baseUrl] to return user after login when not
+     * authenticated.
+     * @returns {Promise<UserData>}
+     */
+    ensureAuthenticatedUser(redirectUrl?: string): Promise<UserData>;
+    /**
+     * Fetches additional user account information for the authenticated user and merges it into the
+     * existing authenticatedUser object, available via getAuthenticatedUser().
+     *
+     * ```
+     *  console.log(authenticatedUser); // Will be sparse and only contain basic information.
+     *  await hydrateAuthenticatedUser()
+     *  const authenticatedUser = getAuthenticatedUser();
+     *  console.log(authenticatedUser); // Will contain additional user information
+     * ```
+     *
+     * @returns {Promise<null>}
+     */
+    hydrateAuthenticatedUser(): Promise<null>;
+    /**
+   * Adds authentication defaults and interceptors to an HTTP client instance.
+   *
+   * @param {HttpClient} newHttpClient
+   * @param {Object} config
+   * @param {string} [config.refreshAccessTokenApiPath]
+   * @param {string} [config.accessTokenCookieName]
+   * @param {string} [config.csrfTokenApiPath]
+   * @returns {HttpClient} A configured Axios HTTP client.
+   */
+    addAuthenticationToHttpClient(newHttpClient: HttpClient): HttpClient;
+}
+import AxiosJwtTokenService from './AxiosJwtTokenService';
+import AxiosCsrfTokenService from './AxiosCsrfTokenService';

package/dist/runtime/auth/AxiosJwtAuthService.js ADDED Viewed

@@ -0,0 +1,339 @@
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+import axios from 'axios';
+import PropTypes from 'prop-types';
+import { camelCaseObject } from '../utils';
+import AxiosCsrfTokenService from './AxiosCsrfTokenService';
+import AxiosJwtTokenService from './AxiosJwtTokenService';
+import createCsrfTokenProviderInterceptor from './interceptors/createCsrfTokenProviderInterceptor';
+import createJwtTokenProviderInterceptor from './interceptors/createJwtTokenProviderInterceptor';
+import createProcessAxiosRequestErrorInterceptor from './interceptors/createProcessAxiosRequestErrorInterceptor';
+import configureCache from './LocalForageCache';
+import { logFrontendAuthError } from './utils';
+const optionsPropTypes = {
+    config: PropTypes.shape({
+        baseUrl: PropTypes.string.isRequired,
+        lmsBaseUrl: PropTypes.string.isRequired,
+        loginUrl: PropTypes.string.isRequired,
+        logoutUrl: PropTypes.string.isRequired,
+        refreshAccessTokenApiPath: PropTypes.string.isRequired,
+        accessTokenCookieName: PropTypes.string.isRequired,
+        csrfTokenApiPath: PropTypes.string.isRequired,
+    }).isRequired,
+    loggingService: PropTypes.shape({
+        logError: PropTypes.func.isRequired,
+        logInfo: PropTypes.func.isRequired,
+    }).isRequired,
+};
+/**
+ * @implements {AuthService}
+ * @memberof module:Auth
+ */
+class AxiosJwtAuthService {
+    /**
+     * @param {Object} options
+     * @param {Object} options.config
+     * @param {string} options.config.baseUrl
+     * @param {string} options.config.lmsBaseUrl
+     * @param {string} options.config.loginUrl
+     * @param {string} options.config.logoutUrl
+     * @param {string} options.config.refreshAccessTokenApiPath
+     * @param {string} options.config.accessTokenCookieName
+     * @param {string} options.config.csrfTokenApiPath
+     * @param {Object} options.loggingService requires logError and logInfo methods
+     */
+    constructor(options) {
+        this.authenticatedHttpClient = null;
+        this.httpClient = null;
+        this.cachedAuthenticatedHttpClient = null;
+        this.cachedHttpClient = null;
+        this.authenticatedUser = null;
+        PropTypes.checkPropTypes(optionsPropTypes, options, 'options', 'AuthService');
+        this.config = options.config;
+        this.loggingService = options.loggingService;
+        this.jwtTokenService = new AxiosJwtTokenService(this.loggingService, this.config.accessTokenCookieName, this.config.lmsBaseUrl, this.config.refreshAccessTokenApiPath);
+        this.csrfTokenService = new AxiosCsrfTokenService(this.config.csrfTokenApiPath);
+        this.authenticatedHttpClient = this.addAuthenticationToHttpClient(axios.create());
+        this.httpClient = axios.create();
+        configureCache()
+            .then((cachedAxiosClient) => {
+            this.cachedAuthenticatedHttpClient = this.addAuthenticationToHttpClient(cachedAxiosClient);
+            this.cachedHttpClient = cachedAxiosClient;
+        })
+            .catch((e) => {
+            // fallback to non-cached HTTP clients and log error
+            this.cachedAuthenticatedHttpClient = this.authenticatedHttpClient;
+            this.cachedHttpClient = this.httpClient;
+            logFrontendAuthError(this.loggingService, `configureCache failed with error: ${e.message}`);
+        }).finally(() => {
+            this.middleware = options.middleware;
+            this.applyMiddleware(options.middleware);
+        });
+    }
+    /**
+     * Applies middleware to the axios instances in this service.
+     *
+     * @param {Array} middleware Middleware to apply.
+     */
+    applyMiddleware(middleware = []) {
+        const clients = [
+            this.authenticatedHttpClient, this.httpClient,
+            this.cachedAuthenticatedHttpClient, this.cachedHttpClient,
+        ];
+        try {
+            (middleware).forEach((middlewareFn) => {
+                clients.forEach((client) => client && middlewareFn(client));
+            });
+        }
+        catch (error) {
+            logFrontendAuthError(this.loggingService, error);
+            throw error;
+        }
+    }
+    /**
+     * Gets the authenticated HTTP client for the service.  This is an axios instance.
+     *
+     * @param {Object} [options] Optional options for how the HTTP client should be configured.
+     * @param {boolean} [options.useCache] Whether to use front end caching for all requests made
+     * with the returned client.
+     *
+     * @returns {HttpClient} A configured axios http client which can be used for authenticated
+     * requests.
+     */
+    getAuthenticatedHttpClient(options = {}) {
+        if (options.useCache) {
+            return this.cachedAuthenticatedHttpClient;
+        }
+        return this.authenticatedHttpClient;
+    }
+    /**
+     * Gets the unauthenticated HTTP client for the service.  This is an axios instance.
+     *
+     * @param {Object} [options] Optional options for how the HTTP client should be configured.
+     * @param {boolean} [options.useCache] Whether to use front end caching for all requests made
+     * with the returned client.
+     * @returns {HttpClient} A configured axios http client.
+     */
+    getHttpClient(options = {}) {
+        if (options.useCache) {
+            return this.cachedHttpClient;
+        }
+        return this.httpClient;
+    }
+    /**
+     * Used primarily for testing.
+     *
+     * @ignore
+     */
+    getJwtTokenService() {
+        return this.jwtTokenService;
+    }
+    /**
+     * Used primarily for testing.
+     *
+     * @ignore
+     */
+    getCsrfTokenService() {
+        return this.csrfTokenService;
+    }
+    /**
+     * Builds a URL to the login page with a post-login redirect URL attached as a query parameter.
+     *
+     * ```
+     * const url = getLoginRedirectUrl('http://localhost/mypage');
+     * console.log(url); // http://localhost/login?next=http%3A%2F%2Flocalhost%2Fmypage
+     * ```
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging in.
+     */
+    getLoginRedirectUrl(redirectUrl = this.config.baseUrl) {
+        return `${this.config.loginUrl}?next=${encodeURIComponent(redirectUrl)}`;
+    }
+    /**
+     * Redirects the user to the login page.
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging in.
+     */
+    redirectToLogin(redirectUrl = this.config.baseUrl) {
+        global.location.assign(this.getLoginRedirectUrl(redirectUrl));
+    }
+    /**
+     * Builds a URL to the logout page with a post-logout redirect URL attached as a query parameter.
+     *
+     * ```
+     * const url = getLogoutRedirectUrl('http://localhost/mypage');
+     * console.log(url); // http://localhost/logout?next=http%3A%2F%2Flocalhost%2Fmypage
+     * ```
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging out.
+     */
+    getLogoutRedirectUrl(redirectUrl = this.config.baseUrl) {
+        return `${this.config.logoutUrl}?redirect_url=${encodeURIComponent(redirectUrl)}`;
+    }
+    /**
+     * Redirects the user to the logout page.
+     *
+     * @param {string} redirectUrl The URL the user should be redirected to after logging out.
+     */
+    redirectToLogout(redirectUrl = this.config.baseUrl) {
+        global.location.assign(this.getLogoutRedirectUrl(redirectUrl));
+    }
+    /**
+     * If it exists, returns the user data representing the currently authenticated user. If the
+     * user is anonymous, returns null.
+     *
+     * @returns {UserData|null}
+     */
+    getAuthenticatedUser() {
+        return this.authenticatedUser;
+    }
+    /**
+     * Sets the authenticated user to the provided value.
+     *
+     * @param {UserData} authUser
+     */
+    setAuthenticatedUser(authUser) {
+        this.authenticatedUser = authUser;
+    }
+    /**
+     * Reads the authenticated user's access token. Resolves to null if the user is
+     * unauthenticated.
+     *
+     * @returns {Promise<UserData>|Promise<null>} Resolves to the user's access token if they are
+     * logged in.
+     */
+    fetchAuthenticatedUser() {
+        return __awaiter(this, arguments, void 0, function* (options = {}) {
+            const decodedAccessToken = yield this.jwtTokenService.getJwtToken(options.forceRefresh || false);
+            if (decodedAccessToken !== null) {
+                this.setAuthenticatedUser({
+                    email: decodedAccessToken.email,
+                    userId: decodedAccessToken.user_id,
+                    username: decodedAccessToken.preferred_username,
+                    roles: decodedAccessToken.roles || [],
+                    administrator: decodedAccessToken.administrator,
+                    name: decodedAccessToken.name,
+                });
+                // Sets userId as a custom attribute that will be included with all subsequent log messages.
+                // Very helpful for debugging.
+                this.loggingService.setCustomAttribute('userId', decodedAccessToken.user_id);
+            }
+            else {
+                this.setAuthenticatedUser(null);
+                // Intentionally not setting `userId` in the logging service here because it would be useful
+                // to know the previously logged in user for debugging refresh issues.
+            }
+            return this.getAuthenticatedUser();
+        });
+    }
+    /**
+     * Ensures a user is authenticated. It will redirect to login when not
+     * authenticated.
+     *
+     * @param {string} [redirectUrl=config.baseUrl] to return user after login when not
+     * authenticated.
+     * @returns {Promise<UserData>}
+     */
+    ensureAuthenticatedUser() {
+        return __awaiter(this, arguments, void 0, function* (redirectUrl = this.config.baseUrl) {
+            var _a;
+            yield this.fetchAuthenticatedUser();
+            if (this.getAuthenticatedUser() === null) {
+                const isRedirectFromLoginPage = (_a = global.document.referrer) === null || _a === void 0 ? void 0 : _a.startsWith(this.config.loginUrl);
+                if (isRedirectFromLoginPage) {
+                    const redirectLoopError = new Error('Redirect from login page. Rejecting to avoid infinite redirect loop.');
+                    logFrontendAuthError(this.loggingService, redirectLoopError);
+                    throw redirectLoopError;
+                }
+                // The user is not authenticated, send them to the login page.
+                this.redirectToLogin(redirectUrl);
+                const unauthorizedError = new Error('Failed to ensure the user is authenticated');
+                unauthorizedError.isRedirecting = true;
+                throw unauthorizedError;
+            }
+            return this.getAuthenticatedUser();
+        });
+    }
+    /**
+     * Fetches additional user account information for the authenticated user and merges it into the
+     * existing authenticatedUser object, available via getAuthenticatedUser().
+     *
+     * ```
+     *  console.log(authenticatedUser); // Will be sparse and only contain basic information.
+     *  await hydrateAuthenticatedUser()
+     *  const authenticatedUser = getAuthenticatedUser();
+     *  console.log(authenticatedUser); // Will contain additional user information
+     * ```
+     *
+     * @returns {Promise<null>}
+     */
+    hydrateAuthenticatedUser() {
+        return __awaiter(this, void 0, void 0, function* () {
+            const user = this.getAuthenticatedUser();
+            if (user !== null) {
+                const response = yield this.authenticatedHttpClient
+                    .get(`${this.config.lmsBaseUrl}/api/user/v1/accounts/${user.username}`);
+                this.setAuthenticatedUser(Object.assign(Object.assign({}, user), camelCaseObject(response.data)));
+            }
+        });
+    }
+    /**
+   * Adds authentication defaults and interceptors to an HTTP client instance.
+   *
+   * @param {HttpClient} newHttpClient
+   * @param {Object} config
+   * @param {string} [config.refreshAccessTokenApiPath]
+   * @param {string} [config.accessTokenCookieName]
+   * @param {string} [config.csrfTokenApiPath]
+   * @returns {HttpClient} A configured Axios HTTP client.
+   */
+    addAuthenticationToHttpClient(newHttpClient) {
+        const httpClient = Object.create(newHttpClient);
+        // Set withCredentials to true. Enables cross-site Access-Control requests
+        // to be made using cookies, authorization headers or TLS client
+        // certificates. More on MDN:
+        // https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials
+        httpClient.defaults.withCredentials = true;
+        // Axios interceptors
+        // The JWT access token interceptor attempts to refresh the user's jwt token
+        // before any request unless the isPublic flag is set on the request config.
+        const refreshAccessTokenInterceptor = createJwtTokenProviderInterceptor({
+            jwtTokenService: this.jwtTokenService,
+            shouldSkip: axiosRequestConfig => axiosRequestConfig.isPublic,
+        });
+        // The CSRF token intercepter fetches and caches a csrf token for any post,
+        // put, patch, or delete request. That token is then added to the request
+        // headers.
+        const attachCsrfTokenInterceptor = createCsrfTokenProviderInterceptor({
+            csrfTokenService: this.csrfTokenService,
+            csrfTokenApiPath: this.config.csrfTokenApiPath,
+            shouldSkip: (axiosRequestConfig) => {
+                const { method, isCsrfExempt } = axiosRequestConfig;
+                const CSRF_PROTECTED_METHODS = ['post', 'put', 'patch', 'delete'];
+                return isCsrfExempt || !CSRF_PROTECTED_METHODS.includes(method);
+            },
+        });
+        const processAxiosRequestErrorInterceptor = createProcessAxiosRequestErrorInterceptor({
+            loggingService: this.loggingService,
+        });
+        // Request interceptors: Axios runs the interceptors in reverse order from
+        // how they are listed. After fetching csrf tokens no longer require jwt
+        // authentication, it won't matter which happens first. This change is
+        // coming soon in edx-platform. Nov. 2019
+        httpClient.interceptors.request.use(attachCsrfTokenInterceptor);
+        httpClient.interceptors.request.use(refreshAccessTokenInterceptor);
+        // Response interceptor: moves axios response error data into the error
+        // object at error.customAttributes
+        httpClient.interceptors.response.use(response => response, processAxiosRequestErrorInterceptor);
+        return httpClient;
+    }
+}
+export default AxiosJwtAuthService;
+//# sourceMappingURL=AxiosJwtAuthService.js.map

package/dist/runtime/auth/AxiosJwtAuthService.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"AxiosJwtAuthService.js","sourceRoot":"","sources":["../../../runtime/auth/AxiosJwtAuthService.js"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,SAAS,MAAM,YAAY,CAAC;AACnC,OAAO,EAAE,eAAe,EAAE,MAAM,UAAU,CAAC;AAC3C,OAAO,qBAAqB,MAAM,yBAAyB,CAAC;AAC5D,OAAO,oBAAoB,MAAM,wBAAwB,CAAC;AAC1D,OAAO,kCAAkC,MAAM,mDAAmD,CAAC;AACnG,OAAO,iCAAiC,MAAM,kDAAkD,CAAC;AACjG,OAAO,yCAAyC,MAAM,0DAA0D,CAAC;AACjH,OAAO,cAAc,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,oBAAoB,EAAE,MAAM,SAAS,CAAC;AAE/C,MAAM,gBAAgB,GAAG;IACvB,MAAM,EAAE,SAAS,CAAC,KAAK,CAAC;QACtB,OAAO,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QACpC,UAAU,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QACvC,QAAQ,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QACrC,SAAS,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QACtC,yBAAyB,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QACtD,qBAAqB,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;QAClD,gBAAgB,EAAE,SAAS,CAAC,MAAM,CAAC,UAAU;KAC9C,CAAC,CAAC,UAAU;IACb,cAAc,EAAE,SAAS,CAAC,KAAK,CAAC;QAC9B,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;QACnC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,UAAU;KACnC,CAAC,CAAC,UAAU;CACd,CAAC;AAEF;;;GAGG;AACH,MAAM,mBAAmB;IACvB;;;;;;;;;;;OAWG;IACH,YAAY,OAAO;QACjB,IAAI,CAAC,uBAAuB,GAAG,IAAI,CAAC;QACpC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACvB,IAAI,CAAC,6BAA6B,GAAG,IAAI,CAAC;QAC1C,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC;QAC7B,IAAI,CAAC,iBAAiB,GAAG,IAAI,CAAC;QAE9B,SAAS,CAAC,cAAc,CAAC,gBAAgB,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QAE9E,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;QAC7B,IAAI,CAAC,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;QAC7C,IAAI,CAAC,eAAe,GAAG,IAAI,oBAAoB,CAC7C,IAAI,CAAC,cAAc,EACnB,IAAI,CAAC,MAAM,CAAC,qBAAqB,EACjC,IAAI,CAAC,MAAM,CAAC,UAAU,EACtB,IAAI,CAAC,MAAM,CAAC,yBAAyB,CACtC,CAAC;QACF,IAAI,CAAC,gBAAgB,GAAG,IAAI,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAChF,IAAI,CAAC,uBAAuB,GAAG,IAAI,CAAC,6BAA6B,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAClF,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;QACjC,cAAc,EAAE;aACb,IAAI,CAAC,CAAC,iBAAiB,EAAE,EAAE;YAC1B,IAAI,CAAC,6BAA6B,GAAG,IAAI,CAAC,6BAA6B,CAAC,iBAAiB,CAAC,CAAC;YAC3F,IAAI,CAAC,gBAAgB,GAAG,iBAAiB,CAAC;QAC5C,CAAC,CAAC;aACD,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE;YACX,oDAAoD;YACpD,IAAI,CAAC,6BAA6B,GAAG,IAAI,CAAC,uBAAuB,CAAC;YAClE,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,UAAU,CAAC;YACxC,oBAAoB,CAAC,IAAI,CAAC,cAAc,EAAE,qCAAqC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;QAC9F,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YACd,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;YACrC,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;IACP,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,UAAU,GAAG,EAAE;QAC7B,MAAM,OAAO,GAAG;YACd,IAAI,CAAC,uBAAuB,EAAE,IAAI,CAAC,UAAU;YAC7C,IAAI,CAAC,6BAA6B,EAAE,IAAI,CAAC,gBAAgB;SAC1D,CAAC;QACF,IAAI,CAAC;YACH,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,YAAY,EAAE,EAAE;gBACpC,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC;YAC9D,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,oBAAoB,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;YACjD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;;;;;;;;OASG;IACH,0BAA0B,CAAC,OAAO,GAAG,EAAE;QACrC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC,6BAA6B,CAAC;QAC5C,CAAC;QAED,OAAO,IAAI,CAAC,uBAAuB,CAAC;IACtC,CAAC;IAED;;;;;;;OAOG;IACH,aAAa,CAAC,OAAO,GAAG,EAAE;QACxB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,OAAO,IAAI,CAAC,gBAAgB,CAAC;QAC/B,CAAC;QAED,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED;;;;OAIG;IACH,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED;;;;OAIG;IACH,mBAAmB;QACjB,OAAO,IAAI,CAAC,gBAAgB,CAAC;IAC/B,CAAC;IAED;;;;;;;;;OASG;IACH,mBAAmB,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO;QACnD,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,SAAS,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;IAC3E,CAAC;IAED;;;;OAIG;IACH,eAAe,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO;QAC/C,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC,CAAC;IAChE,CAAC;IAED;;;;;;;;;OASG;IACH,oBAAoB,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO;QACpD,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,SAAS,iBAAiB,kBAAkB,CAAC,WAAW,CAAC,EAAE,CAAC;IACpF,CAAC;IAED;;;;OAIG;IACH,gBAAgB,CAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO;QAChD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,WAAW,CAAC,CAAC,CAAC;IACjE,CAAC;IAED;;;;;OAKG;IACH,oBAAoB;QAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC;IAChC,CAAC;IAED;;;;OAIG;IACH,oBAAoB,CAAC,QAAQ;QAC3B,IAAI,CAAC,iBAAiB,GAAG,QAAQ,CAAC;IACpC,CAAC;IAED;;;;;;OAMG;IACG,sBAAsB;6DAAC,OAAO,GAAG,EAAE;YACvC,MAAM,kBAAkB,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,OAAO,CAAC,YAAY,IAAI,KAAK,CAAC,CAAC;YAEjG,IAAI,kBAAkB,KAAK,IAAI,EAAE,CAAC;gBAChC,IAAI,CAAC,oBAAoB,CAAC;oBACxB,KAAK,EAAE,kBAAkB,CAAC,KAAK;oBAC/B,MAAM,EAAE,kBAAkB,CAAC,OAAO;oBAClC,QAAQ,EAAE,kBAAkB,CAAC,kBAAkB;oBAC/C,KAAK,EAAE,kBAAkB,CAAC,KAAK,IAAI,EAAE;oBACrC,aAAa,EAAE,kBAAkB,CAAC,aAAa;oBAC/C,IAAI,EAAE,kBAAkB,CAAC,IAAI;iBAC9B,CAAC,CAAC;gBACH,4FAA4F;gBAC5F,8BAA8B;gBAC9B,IAAI,CAAC,cAAc,CAAC,kBAAkB,CAAC,QAAQ,EAAE,kBAAkB,CAAC,OAAO,CAAC,CAAC;YAC/E,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC;gBAChC,4FAA4F;gBAC5F,sEAAsE;YACxE,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACrC,CAAC;KAAA;IAED;;;;;;;OAOG;IACG,uBAAuB;6DAAC,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,OAAO;;YAC7D,MAAM,IAAI,CAAC,sBAAsB,EAAE,CAAC;YAEpC,IAAI,IAAI,CAAC,oBAAoB,EAAE,KAAK,IAAI,EAAE,CAAC;gBACzC,MAAM,uBAAuB,GAAG,MAAA,MAAM,CAAC,QAAQ,CAAC,QAAQ,0CAAE,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBAE3F,IAAI,uBAAuB,EAAE,CAAC;oBAC5B,MAAM,iBAAiB,GAAG,IAAI,KAAK,CAAC,sEAAsE,CAAC,CAAC;oBAC5G,oBAAoB,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,CAAC,CAAC;oBAC7D,MAAM,iBAAiB,CAAC;gBAC1B,CAAC;gBAED,8DAA8D;gBAC9D,IAAI,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;gBAElC,MAAM,iBAAiB,GAAG,IAAI,KAAK,CAAC,4CAA4C,CAAC,CAAC;gBAClF,iBAAiB,CAAC,aAAa,GAAG,IAAI,CAAC;gBACvC,MAAM,iBAAiB,CAAC;YAC1B,CAAC;YAED,OAAO,IAAI,CAAC,oBAAoB,EAAE,CAAC;QACrC,CAAC;KAAA;IAED;;;;;;;;;;;;OAYG;IACG,wBAAwB;;YAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC;YACzC,IAAI,IAAI,KAAK,IAAI,EAAE,CAAC;gBAClB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,uBAAuB;qBAChD,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,UAAU,yBAAyB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;gBAC1E,IAAI,CAAC,oBAAoB,iCAAM,IAAI,GAAK,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAG,CAAC;YAC5E,CAAC;QACH,CAAC;KAAA;IAED;;;;;;;;;KASC;IACD,6BAA6B,CAAC,aAAa;QACzC,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAChD,0EAA0E;QAC1E,gEAAgE;QAChE,6BAA6B;QAC7B,kFAAkF;QAClF,UAAU,CAAC,QAAQ,CAAC,eAAe,GAAG,IAAI,CAAC;QAE3C,qBAAqB;QAErB,4EAA4E;QAC5E,4EAA4E;QAC5E,MAAM,6BAA6B,GAAG,iCAAiC,CAAC;YACtE,eAAe,EAAE,IAAI,CAAC,eAAe;YACrC,UAAU,EAAE,kBAAkB,CAAC,EAAE,CAAC,kBAAkB,CAAC,QAAQ;SAC9D,CAAC,CAAC;QACH,2EAA2E;QAC3E,yEAAyE;QACzE,WAAW;QACX,MAAM,0BAA0B,GAAG,kCAAkC,CAAC;YACpE,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB;YAC9C,UAAU,EAAE,CAAC,kBAAkB,EAAE,EAAE;gBACjC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,kBAAkB,CAAC;gBACpD,MAAM,sBAAsB,GAAG,CAAC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;gBAClE,OAAO,YAAY,IAAI,CAAC,sBAAsB,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClE,CAAC;SACF,CAAC,CAAC;QAEH,MAAM,mCAAmC,GAAG,yCAAyC,CAAC;YACpF,cAAc,EAAE,IAAI,CAAC,cAAc;SACpC,CAAC,CAAC;QAEH,0EAA0E;QAC1E,wEAAwE;QACxE,sEAAsE;QACtE,yCAAyC;QACzC,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;QAChE,UAAU,CAAC,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAEnE,uEAAuE;QACvE,mCAAmC;QACnC,UAAU,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAClC,QAAQ,CAAC,EAAE,CAAC,QAAQ,EACpB,mCAAmC,CACpC,CAAC;QAEF,OAAO,UAAU,CAAC;IACpB,CAAC;CACF;AAED,eAAe,mBAAmB,CAAC","sourcesContent":["import axios from 'axios';\nimport PropTypes from 'prop-types';\nimport { camelCaseObject } from '../utils';\nimport AxiosCsrfTokenService from './AxiosCsrfTokenService';\nimport AxiosJwtTokenService from './AxiosJwtTokenService';\nimport createCsrfTokenProviderInterceptor from './interceptors/createCsrfTokenProviderInterceptor';\nimport createJwtTokenProviderInterceptor from './interceptors/createJwtTokenProviderInterceptor';\nimport createProcessAxiosRequestErrorInterceptor from './interceptors/createProcessAxiosRequestErrorInterceptor';\nimport configureCache from './LocalForageCache';\nimport { logFrontendAuthError } from './utils';\n\nconst optionsPropTypes = {\n config: PropTypes.shape({\n baseUrl: PropTypes.string.isRequired,\n lmsBaseUrl: PropTypes.string.isRequired,\n loginUrl: PropTypes.string.isRequired,\n logoutUrl: PropTypes.string.isRequired,\n refreshAccessTokenApiPath: PropTypes.string.isRequired,\n accessTokenCookieName: PropTypes.string.isRequired,\n csrfTokenApiPath: PropTypes.string.isRequired,\n }).isRequired,\n loggingService: PropTypes.shape({\n logError: PropTypes.func.isRequired,\n logInfo: PropTypes.func.isRequired,\n }).isRequired,\n};\n\n/**\n * @implements {AuthService}\n * @memberof module:Auth\n */\nclass AxiosJwtAuthService {\n /**\n * @param {Object} options\n * @param {Object} options.config\n * @param {string} options.config.baseUrl\n * @param {string} options.config.lmsBaseUrl\n * @param {string} options.config.loginUrl\n * @param {string} options.config.logoutUrl\n * @param {string} options.config.refreshAccessTokenApiPath\n * @param {string} options.config.accessTokenCookieName\n * @param {string} options.config.csrfTokenApiPath\n * @param {Object} options.loggingService requires logError and logInfo methods\n */\n constructor(options) {\n this.authenticatedHttpClient = null;\n this.httpClient = null;\n this.cachedAuthenticatedHttpClient = null;\n this.cachedHttpClient = null;\n this.authenticatedUser = null;\n\n PropTypes.checkPropTypes(optionsPropTypes, options, 'options', 'AuthService');\n\n this.config = options.config;\n this.loggingService = options.loggingService;\n this.jwtTokenService = new AxiosJwtTokenService(\n this.loggingService,\n this.config.accessTokenCookieName,\n this.config.lmsBaseUrl,\n this.config.refreshAccessTokenApiPath,\n );\n this.csrfTokenService = new AxiosCsrfTokenService(this.config.csrfTokenApiPath);\n this.authenticatedHttpClient = this.addAuthenticationToHttpClient(axios.create());\n this.httpClient = axios.create();\n configureCache()\n .then((cachedAxiosClient) => {\n this.cachedAuthenticatedHttpClient = this.addAuthenticationToHttpClient(cachedAxiosClient);\n this.cachedHttpClient = cachedAxiosClient;\n })\n .catch((e) => {\n // fallback to non-cached HTTP clients and log error\n this.cachedAuthenticatedHttpClient = this.authenticatedHttpClient;\n this.cachedHttpClient = this.httpClient;\n logFrontendAuthError(this.loggingService, `configureCache failed with error: ${e.message}`);\n }).finally(() => {\n this.middleware = options.middleware;\n this.applyMiddleware(options.middleware);\n });\n }\n\n /**\n * Applies middleware to the axios instances in this service.\n *\n * @param {Array} middleware Middleware to apply.\n */\n applyMiddleware(middleware = []) {\n const clients = [\n this.authenticatedHttpClient, this.httpClient,\n this.cachedAuthenticatedHttpClient, this.cachedHttpClient,\n ];\n try {\n (middleware).forEach((middlewareFn) => {\n clients.forEach((client) => client && middlewareFn(client));\n });\n } catch (error) {\n logFrontendAuthError(this.loggingService, error);\n throw error;\n }\n }\n\n /**\n * Gets the authenticated HTTP client for the service. This is an axios instance.\n *\n * @param {Object} [options] Optional options for how the HTTP client should be configured.\n * @param {boolean} [options.useCache] Whether to use front end caching for all requests made\n * with the returned client.\n *\n * @returns {HttpClient} A configured axios http client which can be used for authenticated\n * requests.\n */\n getAuthenticatedHttpClient(options = {}) {\n if (options.useCache) {\n return this.cachedAuthenticatedHttpClient;\n }\n\n return this.authenticatedHttpClient;\n }\n\n /**\n * Gets the unauthenticated HTTP client for the service. This is an axios instance.\n *\n * @param {Object} [options] Optional options for how the HTTP client should be configured.\n * @param {boolean} [options.useCache] Whether to use front end caching for all requests made\n * with the returned client.\n * @returns {HttpClient} A configured axios http client.\n */\n getHttpClient(options = {}) {\n if (options.useCache) {\n return this.cachedHttpClient;\n }\n\n return this.httpClient;\n }\n\n /**\n * Used primarily for testing.\n *\n * @ignore\n */\n getJwtTokenService() {\n return this.jwtTokenService;\n }\n\n /**\n * Used primarily for testing.\n *\n * @ignore\n */\n getCsrfTokenService() {\n return this.csrfTokenService;\n }\n\n /**\n * Builds a URL to the login page with a post-login redirect URL attached as a query parameter.\n *\n * ```\n * const url = getLoginRedirectUrl('http://localhost/mypage');\n * console.log(url); // http://localhost/login?next=http%3A%2F%2Flocalhost%2Fmypage\n * ```\n *\n * @param {string} redirectUrl The URL the user should be redirected to after logging in.\n */\n getLoginRedirectUrl(redirectUrl = this.config.baseUrl) {\n return `${this.config.loginUrl}?next=${encodeURIComponent(redirectUrl)}`;\n }\n\n /**\n * Redirects the user to the login page.\n *\n * @param {string} redirectUrl The URL the user should be redirected to after logging in.\n */\n redirectToLogin(redirectUrl = this.config.baseUrl) {\n global.location.assign(this.getLoginRedirectUrl(redirectUrl));\n }\n\n /**\n * Builds a URL to the logout page with a post-logout redirect URL attached as a query parameter.\n *\n * ```\n * const url = getLogoutRedirectUrl('http://localhost/mypage');\n * console.log(url); // http://localhost/logout?next=http%3A%2F%2Flocalhost%2Fmypage\n * ```\n *\n * @param {string} redirectUrl The URL the user should be redirected to after logging out.\n */\n getLogoutRedirectUrl(redirectUrl = this.config.baseUrl) {\n return `${this.config.logoutUrl}?redirect_url=${encodeURIComponent(redirectUrl)}`;\n }\n\n /**\n * Redirects the user to the logout page.\n *\n * @param {string} redirectUrl The URL the user should be redirected to after logging out.\n */\n redirectToLogout(redirectUrl = this.config.baseUrl) {\n global.location.assign(this.getLogoutRedirectUrl(redirectUrl));\n }\n\n /**\n * If it exists, returns the user data representing the currently authenticated user. If the\n * user is anonymous, returns null.\n *\n * @returns {UserData|null}\n */\n getAuthenticatedUser() {\n return this.authenticatedUser;\n }\n\n /**\n * Sets the authenticated user to the provided value.\n *\n * @param {UserData} authUser\n */\n setAuthenticatedUser(authUser) {\n this.authenticatedUser = authUser;\n }\n\n /**\n * Reads the authenticated user's access token. Resolves to null if the user is\n * unauthenticated.\n *\n * @returns {Promise<UserData>|Promise<null>} Resolves to the user's access token if they are\n * logged in.\n */\n async fetchAuthenticatedUser(options = {}) {\n const decodedAccessToken = await this.jwtTokenService.getJwtToken(options.forceRefresh || false);\n\n if (decodedAccessToken !== null) {\n this.setAuthenticatedUser({\n email: decodedAccessToken.email,\n userId: decodedAccessToken.user_id,\n username: decodedAccessToken.preferred_username,\n roles: decodedAccessToken.roles || [],\n administrator: decodedAccessToken.administrator,\n name: decodedAccessToken.name,\n });\n // Sets userId as a custom attribute that will be included with all subsequent log messages.\n // Very helpful for debugging.\n this.loggingService.setCustomAttribute('userId', decodedAccessToken.user_id);\n } else {\n this.setAuthenticatedUser(null);\n // Intentionally not setting `userId` in the logging service here because it would be useful\n // to know the previously logged in user for debugging refresh issues.\n }\n\n return this.getAuthenticatedUser();\n }\n\n /**\n * Ensures a user is authenticated. It will redirect to login when not\n * authenticated.\n *\n * @param {string} [redirectUrl=config.baseUrl] to return user after login when not\n * authenticated.\n * @returns {Promise<UserData>}\n */\n async ensureAuthenticatedUser(redirectUrl = this.config.baseUrl) {\n await this.fetchAuthenticatedUser();\n\n if (this.getAuthenticatedUser() === null) {\n const isRedirectFromLoginPage = global.document.referrer?.startsWith(this.config.loginUrl);\n\n if (isRedirectFromLoginPage) {\n const redirectLoopError = new Error('Redirect from login page. Rejecting to avoid infinite redirect loop.');\n logFrontendAuthError(this.loggingService, redirectLoopError);\n throw redirectLoopError;\n }\n\n // The user is not authenticated, send them to the login page.\n this.redirectToLogin(redirectUrl);\n\n const unauthorizedError = new Error('Failed to ensure the user is authenticated');\n unauthorizedError.isRedirecting = true;\n throw unauthorizedError;\n }\n\n return this.getAuthenticatedUser();\n }\n\n /**\n * Fetches additional user account information for the authenticated user and merges it into the\n * existing authenticatedUser object, available via getAuthenticatedUser().\n *\n * ```\n * console.log(authenticatedUser); // Will be sparse and only contain basic information.\n * await hydrateAuthenticatedUser()\n * const authenticatedUser = getAuthenticatedUser();\n * console.log(authenticatedUser); // Will contain additional user information\n * ```\n *\n * @returns {Promise<null>}\n */\n async hydrateAuthenticatedUser() {\n const user = this.getAuthenticatedUser();\n if (user !== null) {\n const response = await this.authenticatedHttpClient\n .get(`${this.config.lmsBaseUrl}/api/user/v1/accounts/${user.username}`);\n this.setAuthenticatedUser({ ...user, ...camelCaseObject(response.data) });\n }\n }\n\n /**\n * Adds authentication defaults and interceptors to an HTTP client instance.\n *\n * @param {HttpClient} newHttpClient\n * @param {Object} config\n * @param {string} [config.refreshAccessTokenApiPath]\n * @param {string} [config.accessTokenCookieName]\n * @param {string} [config.csrfTokenApiPath]\n * @returns {HttpClient} A configured Axios HTTP client.\n */\n addAuthenticationToHttpClient(newHttpClient) {\n const httpClient = Object.create(newHttpClient);\n // Set withCredentials to true. Enables cross-site Access-Control requests\n // to be made using cookies, authorization headers or TLS client\n // certificates. More on MDN:\n // https://developer.mozilla.org/en-US/docs/Web/API/XMLHttpRequest/withCredentials\n httpClient.defaults.withCredentials = true;\n\n // Axios interceptors\n\n // The JWT access token interceptor attempts to refresh the user's jwt token\n // before any request unless the isPublic flag is set on the request config.\n const refreshAccessTokenInterceptor = createJwtTokenProviderInterceptor({\n jwtTokenService: this.jwtTokenService,\n shouldSkip: axiosRequestConfig => axiosRequestConfig.isPublic,\n });\n // The CSRF token intercepter fetches and caches a csrf token for any post,\n // put, patch, or delete request. That token is then added to the request\n // headers.\n const attachCsrfTokenInterceptor = createCsrfTokenProviderInterceptor({\n csrfTokenService: this.csrfTokenService,\n csrfTokenApiPath: this.config.csrfTokenApiPath,\n shouldSkip: (axiosRequestConfig) => {\n const { method, isCsrfExempt } = axiosRequestConfig;\n const CSRF_PROTECTED_METHODS = ['post', 'put', 'patch', 'delete'];\n return isCsrfExempt || !CSRF_PROTECTED_METHODS.includes(method);\n },\n });\n\n const processAxiosRequestErrorInterceptor = createProcessAxiosRequestErrorInterceptor({\n loggingService: this.loggingService,\n });\n\n // Request interceptors: Axios runs the interceptors in reverse order from\n // how they are listed. After fetching csrf tokens no longer require jwt\n // authentication, it won't matter which happens first. This change is\n // coming soon in edx-platform. Nov. 2019\n httpClient.interceptors.request.use(attachCsrfTokenInterceptor);\n httpClient.interceptors.request.use(refreshAccessTokenInterceptor);\n\n // Response interceptor: moves axios response error data into the error\n // object at error.customAttributes\n httpClient.interceptors.response.use(\n response => response,\n processAxiosRequestErrorInterceptor,\n );\n\n return httpClient;\n }\n}\n\nexport default AxiosJwtAuthService;\n"]}