]>
Commit | Line | Data |
---|---|---|
1 | import { Observable, of, throwError as observableThrowError } from 'rxjs' | |
2 | import { catchError, switchMap } from 'rxjs/operators' | |
3 | import { HTTP_INTERCEPTORS, HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http' | |
4 | import { Injectable, Injector } from '@angular/core' | |
5 | import { Router } from '@angular/router' | |
6 | import { AuthService } from '@app/core/auth/auth.service' | |
7 | import { HttpStatusCode } from '@shared/models' | |
8 | import { OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models/server' | |
9 | ||
10 | @Injectable() | |
11 | export class AuthInterceptor implements HttpInterceptor { | |
12 | private authService: AuthService | |
13 | ||
14 | // https://github.com/angular/angular/issues/18224#issuecomment-316957213 | |
15 | constructor (private injector: Injector, private router: Router) {} | |
16 | ||
17 | intercept (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> { | |
18 | if (this.authService === undefined) { | |
19 | this.authService = this.injector.get(AuthService) | |
20 | } | |
21 | ||
22 | const authReq = this.cloneRequestWithAuth(req) | |
23 | ||
24 | // Pass on the cloned request instead of the original request | |
25 | // Catch 401 errors (refresh token expired) | |
26 | return next.handle(authReq) | |
27 | .pipe( | |
28 | catchError((err: HttpErrorResponse) => { | |
29 | const error = err.error as PeerTubeProblemDocument | |
30 | ||
31 | if (err.status === HttpStatusCode.UNAUTHORIZED_401 && error && error.code === OAuth2ErrorCode.INVALID_TOKEN) { | |
32 | return this.handleTokenExpired(req, next) | |
33 | } | |
34 | ||
35 | if (err.status === HttpStatusCode.UNAUTHORIZED_401) { | |
36 | return this.handleNotAuthenticated(err) | |
37 | } | |
38 | ||
39 | return observableThrowError(() => err) | |
40 | }) | |
41 | ) | |
42 | } | |
43 | ||
44 | private handleTokenExpired (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> { | |
45 | return this.authService.refreshAccessToken() | |
46 | .pipe( | |
47 | switchMap(() => { | |
48 | const authReq = this.cloneRequestWithAuth(req) | |
49 | ||
50 | return next.handle(authReq) | |
51 | }) | |
52 | ) | |
53 | } | |
54 | ||
55 | private cloneRequestWithAuth (req: HttpRequest<any>) { | |
56 | const authHeaderValue = this.authService.getRequestHeaderValue() | |
57 | ||
58 | if (authHeaderValue === null) return req | |
59 | ||
60 | // Clone the request to add the new header | |
61 | return req.clone({ headers: req.headers.set('Authorization', authHeaderValue) }) | |
62 | } | |
63 | ||
64 | private handleNotAuthenticated (err: HttpErrorResponse, path = '/login'): Observable<any> { | |
65 | this.router.navigateByUrl(path) | |
66 | return of(err.message) | |
67 | } | |
68 | } | |
69 | ||
70 | export const AUTH_INTERCEPTOR_PROVIDER = { | |
71 | provide: HTTP_INTERCEPTORS, | |
72 | useClass: AuthInterceptor, | |
73 | multi: true | |
74 | } |