aboutsummaryrefslogtreecommitdiffhomepage
path: root/client/src/standalone/videos/shared/auth-http.ts
blob: 3dfc47b88cfa7f58a22230b2c849047914a8b19d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
import { HttpStatusCode, OAuth2ErrorCode, OAuth2ErrorCodeType, UserRefreshToken } from '@peertube/peertube-models'
import { OAuthUserTokens, objectToUrlEncoded } from '../../../root-helpers'
import { peertubeLocalStorage } from '../../../root-helpers/peertube-web-storage'

export class AuthHTTP {
  private readonly LOCAL_STORAGE_OAUTH_CLIENT_KEYS = {
    CLIENT_ID: 'client_id',
    CLIENT_SECRET: 'client_secret'
  }

  private userOAuthTokens: OAuthUserTokens

  private headers = new Headers()

  constructor () {
    this.userOAuthTokens = OAuthUserTokens.getUserTokens(peertubeLocalStorage)

    if (this.userOAuthTokens) this.setHeadersFromTokens()
  }

  fetch (url: string, { optionalAuth, method }: { optionalAuth: boolean, method?: string }, videoPassword?: string) {
    let refreshFetchOptions: { headers?: Headers } = {}

    if (videoPassword) this.headers.set('x-peertube-video-password', videoPassword)

    if (videoPassword || optionalAuth) refreshFetchOptions = { headers: this.headers }

    return this.refreshFetch(url.toString(), { ...refreshFetchOptions, method })
  }

  getHeaderTokenValue () {
    if (!this.userOAuthTokens) return null

    return `${this.userOAuthTokens.tokenType} ${this.userOAuthTokens.accessToken}`
  }

  isLoggedIn () {
    return !!this.userOAuthTokens
  }

  private refreshFetch (url: string, options?: RequestInit) {
    return fetch(url, options)
      .then((res: Response) => {
        if (res.status !== HttpStatusCode.UNAUTHORIZED_401) return res

        const refreshingTokenPromise = new Promise<void>((resolve, reject) => {
          const clientId: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_ID)
          const clientSecret: string = peertubeLocalStorage.getItem(this.LOCAL_STORAGE_OAUTH_CLIENT_KEYS.CLIENT_SECRET)

          const headers = new Headers()
          headers.set('Content-Type', 'application/x-www-form-urlencoded')

          const data = {
            refresh_token: this.userOAuthTokens.refreshToken,
            client_id: clientId,
            client_secret: clientSecret,
            response_type: 'code',
            grant_type: 'refresh_token'
          }

          fetch('/api/v1/users/token', {
            headers,
            method: 'POST',
            body: objectToUrlEncoded(data)
          }).then(res => {
            if (res.status === HttpStatusCode.UNAUTHORIZED_401) return undefined

            return res.json()
          }).then((obj: UserRefreshToken & { code?: OAuth2ErrorCodeType }) => {
            if (!obj || obj.code === OAuth2ErrorCode.INVALID_GRANT) {
              OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)
              this.removeTokensFromHeaders()

              return resolve()
            }

            this.userOAuthTokens.accessToken = obj.access_token
            this.userOAuthTokens.refreshToken = obj.refresh_token
            OAuthUserTokens.saveToLocalStorage(peertubeLocalStorage, this.userOAuthTokens)

            this.setHeadersFromTokens()

            resolve()
          }).catch((refreshTokenError: any) => {
            reject(refreshTokenError)
          })
        })

        return refreshingTokenPromise
          .catch(() => {
            OAuthUserTokens.flushLocalStorage(peertubeLocalStorage)

            this.removeTokensFromHeaders()
          }).then(() => fetch(url, {
            ...options,

            headers: this.headers
          }))
      })
  }

  private setHeadersFromTokens () {
    this.headers.set('Authorization', this.getHeaderTokenValue())
  }

  private removeTokensFromHeaders () {
    this.headers.delete('Authorization')
  }
}