2021-01-24 03:02:04 +01:00
|
|
|
import { Observable, of, throwError as observableThrowError } from 'rxjs'
|
2018-05-15 11:55:51 +02:00
|
|
|
import { catchError, switchMap } from 'rxjs/operators'
|
2021-07-16 10:42:24 +02:00
|
|
|
import { HTTP_INTERCEPTORS, HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http'
|
2020-06-23 14:10:17 +02:00
|
|
|
import { Injectable, Injector } from '@angular/core'
|
2021-01-24 03:02:04 +01:00
|
|
|
import { Router } from '@angular/router'
|
2021-07-16 10:42:24 +02:00
|
|
|
import { AuthService } from '@app/core/auth/auth.service'
|
|
|
|
|
import { HttpStatusCode } from '@shared/models'
|
|
|
|
|
import { OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models/server'
|
2017-09-14 11:57:49 +02:00
|
|
|
|
|
|
|
|
@Injectable()
|
|
|
|
|
export class AuthInterceptor implements HttpInterceptor {
|
|
|
|
|
private authService: AuthService
|
|
|
|
|
|
|
|
|
|
// https://github.com/angular/angular/issues/18224#issuecomment-316957213
|
2021-01-24 03:02:04 +01:00
|
|
|
constructor (private injector: Injector, private router: Router) {}
|
2017-09-14 11:57:49 +02:00
|
|
|
|
|
|
|
|
intercept (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
|
|
|
|
|
if (this.authService === undefined) {
|
|
|
|
|
this.authService = this.injector.get(AuthService)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const authReq = this.cloneRequestWithAuth(req)
|
|
|
|
|
|
|
|
|
|
// Pass on the cloned request instead of the original request
|
|
|
|
|
// Catch 401 errors (refresh token expired)
|
|
|
|
|
return next.handle(authReq)
|
2018-05-15 11:55:51 +02:00
|
|
|
.pipe(
|
2021-01-24 03:02:04 +01:00
|
|
|
catchError((err: HttpErrorResponse) => {
|
2021-06-02 18:15:41 +02:00
|
|
|
const error = err.error as PeerTubeProblemDocument
|
|
|
|
|
|
|
|
|
|
if (err.status === HttpStatusCode.UNAUTHORIZED_401 && error && error.code === OAuth2ErrorCode.INVALID_TOKEN) {
|
2018-05-15 11:55:51 +02:00
|
|
|
return this.handleTokenExpired(req, next)
|
2021-03-12 15:20:46 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (err.status === HttpStatusCode.UNAUTHORIZED_401) {
|
2021-01-24 03:02:04 +01:00
|
|
|
return this.handleNotAuthenticated(err)
|
2018-05-15 11:55:51 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return observableThrowError(err)
|
|
|
|
|
})
|
|
|
|
|
)
|
2017-09-14 11:57:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private handleTokenExpired (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
|
|
|
|
|
return this.authService.refreshAccessToken()
|
2018-05-15 11:55:51 +02:00
|
|
|
.pipe(
|
|
|
|
|
switchMap(() => {
|
|
|
|
|
const authReq = this.cloneRequestWithAuth(req)
|
2017-09-14 11:57:49 +02:00
|
|
|
|
2018-05-15 11:55:51 +02:00
|
|
|
return next.handle(authReq)
|
|
|
|
|
})
|
|
|
|
|
)
|
2017-09-14 11:57:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
private cloneRequestWithAuth (req: HttpRequest<any>) {
|
|
|
|
|
const authHeaderValue = this.authService.getRequestHeaderValue()
|
|
|
|
|
|
|
|
|
|
if (authHeaderValue === null) return req
|
|
|
|
|
|
|
|
|
|
// Clone the request to add the new header
|
|
|
|
|
return req.clone({ headers: req.headers.set('Authorization', authHeaderValue) })
|
|
|
|
|
}
|
2021-01-24 03:02:04 +01:00
|
|
|
|
|
|
|
|
private handleNotAuthenticated (err: HttpErrorResponse, path = '/login'): Observable<any> {
|
|
|
|
|
this.router.navigateByUrl(path)
|
|
|
|
|
return of(err.message)
|
|
|
|
|
}
|
2017-09-14 11:57:49 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export const AUTH_INTERCEPTOR_PROVIDER = {
|
|
|
|
|
provide: HTTP_INTERCEPTORS,
|
|
|
|
|
useClass: AuthInterceptor,
|
|
|
|
|
multi: true
|
|
|
|
|
}
|
