1 import { Injectable } from '@angular/core';
2 import { Headers, Http, Response, URLSearchParams } from '@angular/http';
3 import { Observable } from 'rxjs/Observable';
4 import { Subject } from 'rxjs/Subject';
6 import { AuthStatus } from './auth-status.model';
7 import { User } from './user.model';
10 export class AuthService {
11 private static BASE_CLIENT_URL = '/api/v1/users/client';
12 private static BASE_TOKEN_URL = '/api/v1/users/token';
14 loginChangedSource: Observable<AuthStatus>;
16 private clientId: string;
17 private clientSecret: string;
18 private loginChanged: Subject<AuthStatus>;
19 private user: User = null;
21 constructor(private http: Http) {
22 this.loginChanged = new Subject<AuthStatus>();
23 this.loginChangedSource = this.loginChanged.asObservable();
25 // Fetch the client_id/client_secret
26 // FIXME: save in local storage?
27 this.http.get(AuthService.BASE_CLIENT_URL)
28 .map(res => res.json())
29 .catch(this.handleError)
32 this.clientId = result.client_id;
33 this.clientSecret = result.client_secret;
34 console.log('Client credentials loaded.');
41 // Return null if there is nothing to load
42 this.user = User.load();
46 if (this.user === null) return null;
48 return this.user.getRefreshToken();
51 getRequestHeaderValue() {
52 return `${this.getTokenType()} ${this.getAccessToken()}`;
56 if (this.user === null) return null;
58 return this.user.getAccessToken();
62 if (this.user === null) return null;
64 return this.user.getTokenType();
72 if (this.getAccessToken()) {
79 login(username: string, password: string) {
80 let body = new URLSearchParams();
81 body.set('client_id', this.clientId);
82 body.set('client_secret', this.clientSecret);
83 body.set('response_type', 'code');
84 body.set('grant_type', 'password');
85 body.set('scope', 'upload');
86 body.set('username', username);
87 body.set('password', password);
89 let headers = new Headers();
90 headers.append('Content-Type', 'application/x-www-form-urlencoded');
96 return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
97 .map(res => res.json())
99 res.username = username;
102 .map(res => this.handleLogin(res))
103 .catch(this.handleError);
107 // TODO: make an HTTP request to revoke the tokens
111 this.setStatus(AuthStatus.LoggedIn);
114 refreshAccessToken() {
115 console.log('Refreshing token...');
117 const refreshToken = this.getRefreshToken();
119 let body = new URLSearchParams();
120 body.set('refresh_token', refreshToken);
121 body.set('client_id', this.clientId);
122 body.set('client_secret', this.clientSecret);
123 body.set('response_type', 'code');
124 body.set('grant_type', 'refresh_token');
126 let headers = new Headers();
127 headers.append('Content-Type', 'application/x-www-form-urlencoded');
133 return this.http.post(AuthService.BASE_TOKEN_URL, body.toString(), options)
134 .map(res => res.json())
135 .map(res => this.handleRefreshToken(res))
136 .catch(this.handleError);
139 private setStatus(status: AuthStatus) {
140 this.loginChanged.next(status);
143 private handleLogin (obj: any) {
144 const username = obj.username;
145 const hash_tokens = {
146 access_token: obj.access_token,
147 token_type: obj.token_type,
148 refresh_token: obj.refresh_token
151 this.user = new User(username, hash_tokens);
154 this.setStatus(AuthStatus.LoggedIn);
157 private handleError (error: Response) {
158 console.error(error);
159 return Observable.throw(error.json() || { error: 'Server error' });
162 private handleRefreshToken (obj: any) {
163 this.user.refreshTokens(obj.access_token, obj.refresh_token);