[github/Chocobozzz/PeerTube.git] / client / src / app / shared / shared-main / auth / auth-interceptor.service.ts

import { Observable, of, throwError as observableThrowError } from 'rxjs'
import { catchError, switchMap } from 'rxjs/operators'
import { HTTP_INTERCEPTORS, HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http'
import { Injectable, Injector } from '@angular/core'
import { Router } from '@angular/router'
import { AuthService } from '@app/core/auth/auth.service'
import { HttpStatusCode } from '@shared/models'
import { OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models/server'

@Injectable()
export class AuthInterceptor implements HttpInterceptor {
  private authService: AuthService

  // https://github.com/angular/angular/issues/18224#issuecomment-316957213
  constructor (private injector: Injector, private router: Router) {}

  intercept (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    if (this.authService === undefined) {
      this.authService = this.injector.get(AuthService)
    }

    const authReq = this.cloneRequestWithAuth(req)

    // Pass on the cloned request instead of the original request
    // Catch 401 errors (refresh token expired)
    return next.handle(authReq)
               .pipe(
                 catchError((err: HttpErrorResponse) => {
                   const error = err.error as PeerTubeProblemDocument

                   if (err.status === HttpStatusCode.UNAUTHORIZED_401 && error && error.code === OAuth2ErrorCode.INVALID_TOKEN) {
                     return this.handleTokenExpired(req, next)
                   }

                   if (err.status === HttpStatusCode.UNAUTHORIZED_401) {
                     return this.handleNotAuthenticated(err)
                   }

                   return observableThrowError(err)
                 })
               )
  }

  private handleTokenExpired (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
    return this.authService.refreshAccessToken()
               .pipe(
                 switchMap(() => {
                   const authReq = this.cloneRequestWithAuth(req)

                   return next.handle(authReq)
                 })
               )
  }

  private cloneRequestWithAuth (req: HttpRequest<any>) {
    const authHeaderValue = this.authService.getRequestHeaderValue()

    if (authHeaderValue === null) return req

    // Clone the request to add the new header
    return req.clone({ headers: req.headers.set('Authorization', authHeaderValue) })
  }

  private handleNotAuthenticated (err: HttpErrorResponse, path = '/login'): Observable<any> {
    this.router.navigateByUrl(path)
    return of(err.message)
  }
}

export const AUTH_INTERCEPTOR_PROVIDER = {
  provide: HTTP_INTERCEPTORS,
  useClass: AuthInterceptor,
  multi: true
}
Commit	Line	Data
ab398a05	1	import { Observable, of, throwError as observableThrowError } from 'rxjs'
db400f44	2	import { catchError, switchMap } from 'rxjs/operators'
c0e8b12e	3	import { HTTP_INTERCEPTORS, HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http'
67ed6552	4	import { Injectable, Injector } from '@angular/core'
ab398a05	5	import { Router } from '@angular/router'
c0e8b12e C	6	import { AuthService } from '@app/core/auth/auth.service'
	7	import { HttpStatusCode } from '@shared/models'
	8	import { OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models/server'
d592e0a9 C	9
	10	@Injectable()
	11	export class AuthInterceptor implements HttpInterceptor {
	12	private authService: AuthService
	13
	14	// https://github.com/angular/angular/issues/18224#issuecomment-316957213
ab398a05	15	constructor (private injector: Injector, private router: Router) {}
d592e0a9 C	16
	17	intercept (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
	18	if (this.authService === undefined) {
	19	this.authService = this.injector.get(AuthService)
	20	}
	21
	22	const authReq = this.cloneRequestWithAuth(req)
	23
	24	// Pass on the cloned request instead of the original request
	25	// Catch 401 errors (refresh token expired)
	26	return next.handle(authReq)
db400f44	27	.pipe(
ab398a05	28	catchError((err: HttpErrorResponse) => {
e030bfb5 C	29	const error = err.error as PeerTubeProblemDocument
	30
	31	if (err.status === HttpStatusCode.UNAUTHORIZED_401 && error && error.code === OAuth2ErrorCode.INVALID_TOKEN) {
db400f44	32	return this.handleTokenExpired(req, next)
f43db2f4 C	33	}
	34
	35	if (err.status === HttpStatusCode.UNAUTHORIZED_401) {
ab398a05	36	return this.handleNotAuthenticated(err)
db400f44 C	37	}
	38
	39	return observableThrowError(err)
	40	})
	41	)
d592e0a9 C	42	}
	43
	44	private handleTokenExpired (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
	45	return this.authService.refreshAccessToken()
db400f44 C	46	.pipe(
	47	switchMap(() => {
	48	const authReq = this.cloneRequestWithAuth(req)
d592e0a9	49
db400f44 C	50	return next.handle(authReq)
	51	})
	52	)
d592e0a9 C	53	}
	54
	55	private cloneRequestWithAuth (req: HttpRequest<any>) {
	56	const authHeaderValue = this.authService.getRequestHeaderValue()
	57
	58	if (authHeaderValue === null) return req
	59
	60	// Clone the request to add the new header
	61	return req.clone({ headers: req.headers.set('Authorization', authHeaderValue) })
	62	}
ab398a05 RK	63
	64	private handleNotAuthenticated (err: HttpErrorResponse, path = '/login'): Observable<any> {
	65	this.router.navigateByUrl(path)
	66	return of(err.message)
	67	}
d592e0a9 C	68	}
	69
	70	export const AUTH_INTERCEPTOR_PROVIDER = {
	71	provide: HTTP_INTERCEPTORS,
	72	useClass: AuthInterceptor,
	73	multi: true
	74	}