[github/Chocobozzz/PeerTube.git] / client / src / standalone / videos / shared / auth-http.ts

import { HttpStatusCode, OAuth2ErrorCode, UserRefreshToken } from '../../../../../shared/models'
import { OAuthUserTokens, objectToUrlEncoded } from '../../../root-helpers'
import { peertubeLocalStorage } from '../../../root-helpers/peertube-web-storage'

export class AuthHTTP {
  private readonly LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
    CLIENT_ID: 'client_id',
    CLIENT_SECRET: 'client_secret'
  }

  private userOAuthTokens: OAuthUserTokens

  private headers = new Headers()

  constructor () {
    this.userOAuthTokens = OAuthUserTokens.getUserTokens(peertubeLocalStorage)

    if (this.userOAuthTokens) this.setHeadersFromTokens()
  }

  fetch (url: string, { optionalAuth, method }: { optionalAuth: boolean, method?: string }) {
    const refreshFetchOptions = optionalAuth
      ? { headers: this.headers }
      : {}

    return this.refreshFetch(url.toString(), { ...refreshFetchOptions, method })
  }

  getHeaderTokenValue () {
    if (!this.userOAuthTokens) return null

    return `${this.userOAuthTokens.tokenType} ${this.userOAuthTokens.accessToken}`
  }

  isLoggedIn () {
    return !!this.userOAuthTokens
  }

  private refreshFetch (url: string, options?: RequestInit) {
    return fetch(url, options)
      .then((res: Response) => {
        if (res.status !== HttpStatusCode.UNAUTHORIZED_401) return res

        const refreshingTokenPromise = new Promise<void>((resolve, reject) => {
          const clientId: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_ID)
          const clientSecret: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_SECRET)

          const headers = new Headers()
          headers.set('Content-Type', 'application/x-www-form-urlencoded')

          const data = {
            refresh_token: this.userOAuthTokens.refreshToken,
            client_id: clientId,
            client_secret: clientSecret,
            response_type: 'code',
            grant_type: 'refresh_token'
          }

          fetch('/api/v1/users/token', {
            headers,
            method: 'POST',
            body: objectToUrlEncoded(data)
          }).then(res => {
            if (res.status === HttpStatusCode.UNAUTHORIZED_401) return undefined

            return res.json()
          }).then((obj: UserRefreshToken & { code?: OAuth2ErrorCode }) => {
            if (!obj || obj.code === OAuth2ErrorCode.INVALID_GRANT) {
              OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
              this.removeTokensFromHeaders()

              return resolve()
            }

            this.userOAuthTokens.accessToken = obj.access_token
            this.userOAuthTokens.refreshToken = obj.refresh_token
            OAuthUserTokens.saveToLocalStorage(peertubeLocalStorage, this.userOAuthTokens)

            this.setHeadersFromTokens()

            resolve()
          }).catch((refreshTokenError: any) => {
            reject(refreshTokenError)
          })
        })

        return refreshingTokenPromise
          .catch(() => {
            OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)

            this.removeTokensFromHeaders()
          }).then(() => fetch(url, {
            ...options,

            headers: this.headers
          }))
      })
  }

  private setHeadersFromTokens () {
    this.headers.set('Authorization', this.getHeaderTokenValue())
  }

  private removeTokensFromHeaders () {
    this.headers.delete('Authorization')
  }
}
Commit	Line	Data
f1a0f3b7	1	import { HttpStatusCode, OAuth2ErrorCode, UserRefreshToken } from '../../../../../shared/models'
3545e72c	2	import { OAuthUserTokens, objectToUrlEncoded } from '../../../root-helpers'
f1a0f3b7 C	3	import { peertubeLocalStorage } from '../../../root-helpers/peertube-web-storage'
	4
	5	export class AuthHTTP {
	6	private readonly LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
	7	CLIENT_ID: 'client_id',
	8	CLIENT_SECRET: 'client_secret'
	9	}
	10
3545e72c	11	private userOAuthTokens: OAuthUserTokens
f1a0f3b7 C	12
	13	private headers = new Headers()
	14
	15	constructor () {
3545e72c	16	this.userOAuthTokens = OAuthUserTokens.getUserTokens(peertubeLocalStorage)
f1a0f3b7	17
3545e72c	18	if (this.userOAuthTokens) this.setHeadersFromTokens()
f1a0f3b7 C	19	}
f1a0f3b7 C	20
3545e72c	21	fetch (url: string, { optionalAuth, method }: { optionalAuth: boolean, method?: string }) {
f1a0f3b7 C	22	const refreshFetchOptions = optionalAuth
	23	? { headers: this.headers }
	24	: {}
	25
3545e72c	26	return this.refreshFetch(url.toString(), { ...refreshFetchOptions, method })
f1a0f3b7 C	27	}
	28
	29	getHeaderTokenValue () {
49e7e4d9 C	30	if (!this.userOAuthTokens) return null
49e7e4d9 C	31
3545e72c	32	return `${this.userOAuthTokens.tokenType} ${this.userOAuthTokens.accessToken}`
f1a0f3b7 C	33	}
	34
	35	isLoggedIn () {
3545e72c	36	return !!this.userOAuthTokens
f1a0f3b7 C	37	}
	38
	39	private refreshFetch (url: string, options?: RequestInit) {
	40	return fetch(url, options)
	41	.then((res: Response) => {
	42	if (res.status !== HttpStatusCode.UNAUTHORIZED_401) return res
	43
	44	const refreshingTokenPromise = new Promise<void>((resolve, reject) => {
	45	const clientId: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_ID)
	46	const clientSecret: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_SECRET)
	47
	48	const headers = new Headers()
	49	headers.set('Content-Type', 'application/x-www-form-urlencoded')
	50
	51	const data = {
3545e72c	52	refresh_token: this.userOAuthTokens.refreshToken,
f1a0f3b7 C	53	client_id: clientId,
	54	client_secret: clientSecret,
	55	response_type: 'code',
	56	grant_type: 'refresh_token'
	57	}
	58
	59	fetch('/api/v1/users/token', {
	60	headers,
	61	method: 'POST',
	62	body: objectToUrlEncoded(data)
	63	}).then(res => {
	64	if (res.status === HttpStatusCode.UNAUTHORIZED_401) return undefined
	65
	66	return res.json()
	67	}).then((obj: UserRefreshToken & { code?: OAuth2ErrorCode }) => {
	68	if (!obj \|\| obj.code === OAuth2ErrorCode.INVALID_GRANT) {
3545e72c	69	OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
f1a0f3b7 C	70	this.removeTokensFromHeaders()
	71
	72	return resolve()
	73	}
	74
3545e72c C	75	this.userOAuthTokens.accessToken = obj.access_token
	76	this.userOAuthTokens.refreshToken = obj.refresh_token
	77	OAuthUserTokens.saveToLocalStorage(peertubeLocalStorage, this.userOAuthTokens)
f1a0f3b7 C	78
	79	this.setHeadersFromTokens()
	80
	81	resolve()
	82	}).catch((refreshTokenError: any) => {
	83	reject(refreshTokenError)
	84	})
	85	})
	86
	87	return refreshingTokenPromise
	88	.catch(() => {
3545e72c	89	OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
f1a0f3b7 C	90
	91	this.removeTokensFromHeaders()
	92	}).then(() => fetch(url, {
	93	...options,
	94
	95	headers: this.headers
	96	}))
	97	})
	98	}
	99
	100	private setHeadersFromTokens () {
	101	this.headers.set('Authorization', this.getHeaderTokenValue())
	102	}
	103
	104	private removeTokensFromHeaders () {
	105	this.headers.delete('Authorization')
	106	}
	107	}