[github/Chocobozzz/PeerTube.git] / client / src / app / shared / auth / auth.service.ts

import { Injectable } from '@angular/core';
import { Headers, Http, URLSearchParams } from '@angular/http';
import { Observable } from 'rxjs/Observable';
import { Subject } from 'rxjs/Subject';

import { AuthStatus } from './auth-status.model';
import { AuthUser } from './auth-user.model';
import { RestExtractor } from '../rest';

@Injectable()
export class AuthService {
  private static BASE_CLIENT_URL = '/api/v1/clients/local';
  private static BASE_TOKEN_URL = '/api/v1/users/token';
  private static BASE_USER_INFORMATIONS_URL = '/api/v1/users/me';

  loginChangedSource: Observable<AuthStatus>;

  private clientId: string;
  private clientSecret: string;
  private loginChanged: Subject<AuthStatus>;
  private user: AuthUser = null;

  constructor(private http: Http, private restExtractor: RestExtractor) {
    this.loginChanged = new Subject<AuthStatus>();
    this.loginChangedSource = this.loginChanged.asObservable();

    // Fetch the client_id/client_secret
    // FIXME: save in local storage?
    this.http.get(AuthService.BASE_CLIENT_URL)
      .map(this.restExtractor.extractDataGet)
      .catch((res) => this.restExtractor.handleError(res))
      .subscribe(
        result => {
          this.clientId = result.client_id;
          this.clientSecret = result.client_secret;
          console.log('Client credentials loaded.');
        },
        error => {
          alert(error);
        }
      );

    // Return null if there is nothing to load
    this.user = AuthUser.load();
  }

  getRefreshToken() {
    if (this.user === null) return null;

    return this.user.getRefreshToken();
  }

  getRequestHeaderValue() {
    return `${this.getTokenType()} ${this.getAccessToken()}`;
  }

  getAccessToken() {
    if (this.user === null) return null;

    return this.user.getAccessToken();
  }

  getTokenType() {
    if (this.user === null) return null;

    return this.user.getTokenType();
  }

  getUser(): AuthUser {
    return this.user;
  }

  isAdmin() {
    if (this.user === null) return false;

    return this.user.isAdmin();
  }

  isLoggedIn() {
    if (this.getAccessToken()) {
      return true;
    } else {
      return false;
    }
  }

  login(username: string, password: string) {
    let body = new URLSearchParams();
    body.set('client_id', this.clientId);
    body.set('client_secret', this.clientSecret);
    body.set('response_type', 'code');
    body.set('grant_type', 'password');
    body.set('scope', 'upload');
    body.set('username', username);
    body.set('password', password);

    let headers = new Headers();
    headers.append('Content-Type', 'application/x-www-form-urlencoded');

    let options = {
      headers: headers
    };

    return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
                    .map(this.restExtractor.extractDataGet)
                    .map(res => {
                      res.username = username;
                      return res;
                    })
                    .flatMap(res => this.fetchUserInformations(res))
                    .map(res => this.handleLogin(res))
                    .catch((res) => this.restExtractor.handleError(res));
  }

  logout() {
    // TODO: make an HTTP request to revoke the tokens
    this.user = null;
    AuthUser.flush();

    this.setStatus(AuthStatus.LoggedOut);
  }

  refreshAccessToken() {
    console.log('Refreshing token...');

    const refreshToken = this.getRefreshToken();

    let body = new URLSearchParams();
    body.set('refresh_token', refreshToken);
    body.set('client_id', this.clientId);
    body.set('client_secret', this.clientSecret);
    body.set('response_type', 'code');
    body.set('grant_type', 'refresh_token');

    let headers = new Headers();
    headers.append('Content-Type', 'application/x-www-form-urlencoded');

    let options = {
      headers: headers
    };

    return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
                    .map(this.restExtractor.extractDataGet)
                    .map(res => this.handleRefreshToken(res))
                    .catch((res) => this.restExtractor.handleError(res));
  }

  private fetchUserInformations (obj: any) {
    // Do not call authHttp here to avoid circular dependencies headaches

    const headers = new Headers();
    headers.set('Authorization', `Bearer ${obj.access_token}`);

    return this.http.get(AuthService.BASE_USER_INFORMATIONS_URL, { headers })
             .map(res => res.json())
             .map(res => {
               obj.id = res.id;
               obj.role = res.role;
               return obj;
             }
    );
  }

  private handleLogin (obj: any) {
    const id = obj.id;
    const username = obj.username;
    const role = obj.role;
    const hashTokens = {
      access_token: obj.access_token,
      token_type: obj.token_type,
      refresh_token: obj.refresh_token
    };

    this.user = new AuthUser({ id, username, role }, hashTokens);
    this.user.save();

    this.setStatus(AuthStatus.LoggedIn);
  }

  private handleRefreshToken (obj: any) {
    this.user.refreshTokens(obj.access_token, obj.refresh_token);
    this.user.save();
  }

  private setStatus(status: AuthStatus) {
    this.loginChanged.next(status);
  }

}
Commit	Line	Data
	1	import { Injectable } from '@angular/core';
	2	import { Headers, Http, URLSearchParams } from '@angular/http';
	3	import { Observable } from 'rxjs/Observable';
	4	import { Subject } from 'rxjs/Subject';
	5
	6	import { AuthStatus } from './auth-status.model';
	7	import { AuthUser } from './auth-user.model';
	8	import { RestExtractor } from '../rest';
	9
	10	@Injectable()
	11	export class AuthService {
	12	private static BASE_CLIENT_URL = '/api/v1/clients/local';
	13	private static BASE_TOKEN_URL = '/api/v1/users/token';
	14	private static BASE_USER_INFORMATIONS_URL = '/api/v1/users/me';
	15
	16	loginChangedSource: Observable<AuthStatus>;
	17
	18	private clientId: string;
	19	private clientSecret: string;
	20	private loginChanged: Subject<AuthStatus>;
	21	private user: AuthUser = null;
	22
	23	constructor(private http: Http, private restExtractor: RestExtractor) {
	24	this.loginChanged = new Subject<AuthStatus>();
	25	this.loginChangedSource = this.loginChanged.asObservable();
	26
	27	// Fetch the client_id/client_secret
	28	// FIXME: save in local storage?
	29	this.http.get(AuthService.BASE_CLIENT_URL)
	30	.map(this.restExtractor.extractDataGet)
	31	.catch((res) => this.restExtractor.handleError(res))
	32	.subscribe(
	33	result => {
	34	this.clientId = result.client_id;
	35	this.clientSecret = result.client_secret;
	36	console.log('Client credentials loaded.');
	37	},
	38	error => {
	39	alert(error);
	40	}
	41	);
	42
	43	// Return null if there is nothing to load
	44	this.user = AuthUser.load();
	45	}
	46
	47	getRefreshToken() {
	48	if (this.user === null) return null;
	49
	50	return this.user.getRefreshToken();
	51	}
	52
	53	getRequestHeaderValue() {
	54	return `${this.getTokenType()} ${this.getAccessToken()}`;
	55	}
	56
	57	getAccessToken() {
	58	if (this.user === null) return null;
	59
	60	return this.user.getAccessToken();
	61	}
	62
	63	getTokenType() {
	64	if (this.user === null) return null;
	65
	66	return this.user.getTokenType();
	67	}
	68
	69	getUser(): AuthUser {
	70	return this.user;
	71	}
	72
	73	isAdmin() {
	74	if (this.user === null) return false;
	75
	76	return this.user.isAdmin();
	77	}
	78
	79	isLoggedIn() {
	80	if (this.getAccessToken()) {
	81	return true;
	82	} else {
	83	return false;
	84	}
	85	}
	86
	87	login(username: string, password: string) {
	88	let body = new URLSearchParams();
	89	body.set('client_id', this.clientId);
	90	body.set('client_secret', this.clientSecret);
	91	body.set('response_type', 'code');
	92	body.set('grant_type', 'password');
	93	body.set('scope', 'upload');
	94	body.set('username', username);
	95	body.set('password', password);
	96
	97	let headers = new Headers();
	98	headers.append('Content-Type', 'application/x-www-form-urlencoded');
	99
	100	let options = {
	101	headers: headers
	102	};
	103
	104	return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
	105	.map(this.restExtractor.extractDataGet)
	106	.map(res => {
	107	res.username = username;
	108	return res;
	109	})
	110	.flatMap(res => this.fetchUserInformations(res))
	111	.map(res => this.handleLogin(res))
	112	.catch((res) => this.restExtractor.handleError(res));
	113	}
	114
	115	logout() {
	116	// TODO: make an HTTP request to revoke the tokens
	117	this.user = null;
	118	AuthUser.flush();
	119
	120	this.setStatus(AuthStatus.LoggedOut);
	121	}
	122
	123	refreshAccessToken() {
	124	console.log('Refreshing token...');
	125
	126	const refreshToken = this.getRefreshToken();
	127
	128	let body = new URLSearchParams();
	129	body.set('refresh_token', refreshToken);
	130	body.set('client_id', this.clientId);
	131	body.set('client_secret', this.clientSecret);
	132	body.set('response_type', 'code');
	133	body.set('grant_type', 'refresh_token');
	134
	135	let headers = new Headers();
	136	headers.append('Content-Type', 'application/x-www-form-urlencoded');
	137
	138	let options = {
	139	headers: headers
	140	};
	141
	142	return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
	143	.map(this.restExtractor.extractDataGet)
	144	.map(res => this.handleRefreshToken(res))
	145	.catch((res) => this.restExtractor.handleError(res));
	146	}
	147
	148	private fetchUserInformations (obj: any) {
	149	// Do not call authHttp here to avoid circular dependencies headaches
	150
	151	const headers = new Headers();
	152	headers.set('Authorization', `Bearer ${obj.access_token}`);
	153
	154	return this.http.get(AuthService.BASE_USER_INFORMATIONS_URL, { headers })
	155	.map(res => res.json())
	156	.map(res => {
	157	obj.id = res.id;
	158	obj.role = res.role;
	159	return obj;
	160	}
	161	);
	162	}
	163
	164	private handleLogin (obj: any) {
	165	const id = obj.id;
	166	const username = obj.username;
	167	const role = obj.role;
	168	const hashTokens = {
	169	access_token: obj.access_token,
	170	token_type: obj.token_type,
	171	refresh_token: obj.refresh_token
	172	};
	173
	174	this.user = new AuthUser({ id, username, role }, hashTokens);
	175	this.user.save();
	176
	177	this.setStatus(AuthStatus.LoggedIn);
	178	}
	179
	180	private handleRefreshToken (obj: any) {
	181	this.user.refreshTokens(obj.access_token, obj.refresh_token);
	182	this.user.save();
	183	}
	184
	185	private setStatus(status: AuthStatus) {
	186	this.loginChanged.next(status);
	187	}
	188
	189	}