client/src/app/shared/shared-main/auth/auth-interceptor.service.ts

   1 import { Observable, of, throwError as observableThrowError } from 'rxjs'
   2 import { catchError, switchMap } from 'rxjs/operators'
   3 import { HTTP_INTERCEPTORS, HttpErrorResponse, HttpEvent, HttpHandler, HttpInterceptor, HttpRequest } from '@angular/common/http'
   4 import { Injectable, Injector } from '@angular/core'
   5 import { Router } from '@angular/router'
   6 import { AuthService } from '@app/core/auth/auth.service'
   7 import { HttpStatusCode } from '@shared/models'
   8 import { OAuth2ErrorCode, PeerTubeProblemDocument } from '@shared/models/server'
   9
  10 @Injectable()
  11 export class AuthInterceptor implements HttpInterceptor {
  12   private authService: AuthService
  13
  14   // https://github.com/angular/angular/issues/18224#issuecomment-316957213
  15   constructor (private injector: Injector, private router: Router) {}
  16
  17   intercept (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
  18     if (this.authService === undefined) {
  19       this.authService = this.injector.get(AuthService)
  20     }
  21
  22     const authReq = this.cloneRequestWithAuth(req)
  23
  24     // Pass on the cloned request instead of the original request
  25     // Catch 401 errors (refresh token expired)
  26     return next.handle(authReq)
  27                .pipe(
  28                  catchError((err: HttpErrorResponse) => {
  29                    const error = err.error as PeerTubeProblemDocument
  30
  31                    if (err.status === HttpStatusCode.UNAUTHORIZED_401 && error && error.code === OAuth2ErrorCode.INVALID_TOKEN) {
  32                      return this.handleTokenExpired(req, next)
  33                    }
  34
  35                    if (err.status === HttpStatusCode.UNAUTHORIZED_401) {
  36                      return this.handleNotAuthenticated(err)
  37                    }
  38
  39                    return observableThrowError(err)
  40                  })
  41                )
  42   }
  43
  44   private handleTokenExpired (req: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
  45     return this.authService.refreshAccessToken()
  46                .pipe(
  47                  switchMap(() => {
  48                    const authReq = this.cloneRequestWithAuth(req)
  49
  50                    return next.handle(authReq)
  51                  })
  52                )
  53   }
  54
  55   private cloneRequestWithAuth (req: HttpRequest<any>) {
  56     const authHeaderValue = this.authService.getRequestHeaderValue()
  57
  58     if (authHeaderValue === null) return req
  59
  60     // Clone the request to add the new header
  61     return req.clone({ headers: req.headers.set('Authorization', authHeaderValue) })
  62   }
  63
  64   private handleNotAuthenticated (err: HttpErrorResponse, path = '/login'): Observable<any> {
  65     this.router.navigateByUrl(path)
  66     return of(err.message)
  67   }
  68 }
  69
  70 export const AUTH_INTERCEPTOR_PROVIDER = {
  71   provide: HTTP_INTERCEPTORS,
  72   useClass: AuthInterceptor,
  73   multi: true
  74 }