FarmMapsLib/projects/common/src/fm/services/auth-guard.service.ts

import { Injectable } from '@angular/core';
import {
  CanActivate, Router, CanLoad, Route, CanActivateChild ,
  ActivatedRouteSnapshot,
  RouterStateSnapshot
} from '@angular/router';


import { Store } from '@ngrx/store';
import { OAuthService } from 'angular-oauth2-oidc';


import * as appCommonReducer from '../reducers/app-common.reducer'
import * as appCommonActions from '../actions/app-common.actions';


@Injectable({
  providedIn: 'root',
})
export class AuthGuard implements CanActivate, CanLoad, CanActivateChild  { 
 
  constructor(private oauthService: OAuthService, private router: Router, private store: Store<appCommonReducer.State> ) { }

  canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
    console.debug("AuthGuard->canActivate", route, state);
    const url: string = state.url;

    return this.checkLogin(url, route);
  }

  canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {
    console.debug("AuthGuard->canActivateChild", childRoute, state);
    const url: string = state.url;

    return this.checkLogin(url, childRoute);
  }

  canLoad(route: Route): Promise<boolean> {
    console.debug("AuthGuard->canLoad", route);
    return this.checkLogin(route.path, null);
  }

  checkLogin(url: string, route: ActivatedRouteSnapshot): Promise<boolean> {
    console.debug("AuthGuard->checkLogin", url, route);
    return new Promise<boolean>((resolve) => {
      if (!this.oauthService.hasValidAccessToken()) {
        console.debug("No valid token");
        this.oauthService.initCodeFlow(url);
        resolve(false);
      } else {
        const requiredRoleClaim = route.data.role;
        if (!requiredRoleClaim) { resolve(true); }
        const ownedClaims = this.oauthService.getIdentityClaims();
        if (!ownedClaims) { console.debug("No owned claims"); resolve(false); }
        const ownedRoleClaims: string[] = ownedClaims['role'];
        if (!ownedRoleClaims) { console.debug("No owned role claims"); resolve(false); }
        if (Array.isArray(ownedRoleClaims)) {
          if (ownedRoleClaims.findIndex(r => r === requiredRoleClaim) <= -1) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); resolve(false); }
        }
        else {
          if (ownedRoleClaims !== requiredRoleClaim) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); resolve(false); }
        }
        console.debug("Has required role claim", requiredRoleClaim);
        resolve(true);
      }
    });
  }
}
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`import { Injectable } from '@angular/core';`
			`import {`
			`CanActivate, Router, CanLoad, Route, CanActivateChild ,`
			`ActivatedRouteSnapshot,`
			`RouterStateSnapshot`
			`} from '@angular/router';`

Fix authguard 2020-05-11 18:39:00 +00:00
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`import { Store } from '@ngrx/store';`
			`import { OAuthService } from 'angular-oauth2-oidc';`


			`import * as appCommonReducer from '../reducers/app-common.reducer'`
			`import * as appCommonActions from '../actions/app-common.actions';`


			`@Injectable({`
			`providedIn: 'root',`
			`})`
			`export class AuthGuard implements CanActivate, CanLoad, CanActivateChild {`

			`constructor(private oauthService: OAuthService, private router: Router, private store: Store<appCommonReducer.State> ) { }`

Fix authguard 2020-05-11 18:39:00 +00:00			`canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {`
Add more authguard debug loggin' 2023-03-06 09:29:43 +00:00			`console.debug("AuthGuard->canActivate", route, state);`
Aw4751 eslint fixes 2023-03-06 13:04:14 +00:00			`const url: string = state.url;`
Refactor authentication flow 2020-01-31 10:24:45 +00:00
AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`return this.checkLogin(url, route);`
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`}`

Fix authguard 2020-05-11 18:39:00 +00:00			`canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): Promise<boolean> {`
Add more authguard debug loggin' 2023-03-06 09:29:43 +00:00			`console.debug("AuthGuard->canActivateChild", childRoute, state);`
Aw4751 eslint fixes 2023-03-06 13:04:14 +00:00			`const url: string = state.url;`
Refactor authentication flow 2020-01-31 10:24:45 +00:00
AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`return this.checkLogin(url, childRoute);`
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`}`

Fix authguard 2020-05-11 18:39:00 +00:00			`canLoad(route: Route): Promise<boolean> {`
Add more authguard debug loggin' 2023-03-06 09:29:43 +00:00			`console.debug("AuthGuard->canLoad", route);`
AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`return this.checkLogin(route.path, null);`
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`}`

AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`checkLogin(url: string, route: ActivatedRouteSnapshot): Promise<boolean> {`
Add more authguard debug loggin' 2023-03-06 09:29:43 +00:00			`console.debug("AuthGuard->checkLogin", url, route);`
Fix authguard 2020-05-11 18:39:00 +00:00			`return new Promise<boolean>((resolve) => {`
			`if (!this.oauthService.hasValidAccessToken()) {`
Add some debug logging 2020-05-11 18:50:38 +00:00			`console.debug("No valid token");`
Refactor token refresh flows 2020-10-30 07:22:58 +00:00			`this.oauthService.initCodeFlow(url);`
			`resolve(false);`
AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`} else {`
			`const requiredRoleClaim = route.data.role;`
			`if (!requiredRoleClaim) { resolve(true); }`
			`const ownedClaims = this.oauthService.getIdentityClaims();`
Add some authguard debug loggin' 2023-03-03 07:40:12 +00:00			`if (!ownedClaims) { console.debug("No owned claims"); resolve(false); }`
AW-4628 Add role-based security to authguard 2023-02-10 14:30:35 +00:00			`const ownedRoleClaims: string[] = ownedClaims['role'];`
Add some authguard debug loggin' 2023-03-03 07:40:12 +00:00			`if (!ownedRoleClaims) { console.debug("No owned role claims"); resolve(false); }`
AW-4673 Fix ERROR Error: Uncaught (in promise): TypeError: ownedRoleClaims.findIndex is not a function 2023-02-27 08:43:39 +00:00			`if (Array.isArray(ownedRoleClaims)) {`
Add some authguard debug loggin' 2023-03-03 07:40:12 +00:00			`if (ownedRoleClaims.findIndex(r => r === requiredRoleClaim) <= -1) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); resolve(false); }`
AW-4673 Fix ERROR Error: Uncaught (in promise): TypeError: ownedRoleClaims.findIndex is not a function 2023-02-27 08:43:39 +00:00			`}`
			`else {`
Add some authguard debug loggin' 2023-03-03 07:40:12 +00:00			`if (ownedRoleClaims !== requiredRoleClaim) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); resolve(false); }`
AW-4673 Fix ERROR Error: Uncaught (in promise): TypeError: ownedRoleClaims.findIndex is not a function 2023-02-27 08:43:39 +00:00			`}`
Add some authguard debug loggin' 2023-03-03 07:40:12 +00:00			`console.debug("Has required role claim", requiredRoleClaim);`
Fix promise resolve 2020-05-11 18:57:45 +00:00			`resolve(true);`
Fix authguard 2020-05-11 18:39:00 +00:00			`}`
			`});`
Refactor authentication flow 2020-01-31 10:24:45 +00:00			`}`
			`}`