FarmMaps/FarmMapsLib
8
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Removed logging
All checks were successful
FarmMaps.Develop/FarmMapsLib/pipeline/head This commit looks good
Details

Browse Source
This commit is contained in:
Peter Bastiani 2023-03-28 13:26:37 +02:00
parent b29cd8e4c9
commit 19dce51a28
1 changed files with 18 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
projects/common/src/fm/services/auth-guard.service.ts
View File

@ -24,44 +24,53 @@ export class AuthGuard implements CanActivate, CanLoad, CanActivateChild {
constructor(private oauthService: OAuthService, private router: Router, private store: Store<appCommonReducer.State>) { } constructor(private oauthService: OAuthService, private router: Router, private store: Store<appCommonReducer.State>) { }
canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> { canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> {
console.debug("AuthGuard->canActivate", route, state); //console.debug("AuthGuard->canActivate", route, state);
const url: string = state.url; const url: string = state.url;
return this.checkLogin(url, route); return this.checkLogin(url, route);
} }
canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> { canActivateChild(childRoute: ActivatedRouteSnapshot, state: RouterStateSnapshot): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> {
console.debug("AuthGuard->canActivateChild", childRoute, state); //console.debug("AuthGuard->canActivateChild", childRoute, state);
const url: string = state.url; const url: string = state.url;
return this.checkLogin(url, childRoute); return this.checkLogin(url, childRoute);
} }
canLoad(route: Route, segments: UrlSegment[]): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> { canLoad(route: Route, segments: UrlSegment[]): boolean | UrlTree | Observable<boolean | UrlTree> | Promise<boolean | UrlTree> {
console.debug("AuthGuard->canLoad", route, segments); //console.debug("AuthGuard->canLoad", route, segments);
return this.checkLogin(route.path, null); return this.checkLogin(route.path, null);
} }
checkLogin(url: string, route: ActivatedRouteSnapshot): boolean { checkLogin(url: string, route: ActivatedRouteSnapshot): boolean {
console.debug("AuthGuard->checkLogin", url, route); //console.debug("AuthGuard->checkLogin", url, route);
if (!this.oauthService.hasValidAccessToken()) { if (!this.oauthService.hasValidAccessToken()) {
console.debug("No valid token"); //console.debug("No valid token");
this.oauthService.initCodeFlow(url); this.oauthService.initCodeFlow(url);
return false; return false;
} else { } else {
const requiredRoleClaim = route.data.role; const requiredRoleClaim = route.data.role;
if (!requiredRoleClaim) { return true; } if (!requiredRoleClaim) { return true; }
const ownedClaims = this.oauthService.getIdentityClaims(); const ownedClaims = this.oauthService.getIdentityClaims();
if (!ownedClaims) { console.debug("No owned claims"); return false; } if (!ownedClaims) {
//console.debug("No owned claims");
return false;
}
const ownedRoleClaims: string[] = ownedClaims['role']; const ownedRoleClaims: string[] = ownedClaims['role'];
if (!ownedRoleClaims) { console.debug("No owned role claims"); return false; } if (!ownedRoleClaims) {
// console.debug("No owned role claims");
return false;
}
if (Array.isArray(ownedRoleClaims)) { if (Array.isArray(ownedRoleClaims)) {
if (ownedRoleClaims.findIndex(r => r === requiredRoleClaim) <= -1) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); return false; } if (ownedRoleClaims.findIndex(r => r === requiredRoleClaim) <= -1) {
//console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim);
return false;
}
} }
else { else {
if (ownedRoleClaims !== requiredRoleClaim) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); return false; } if (ownedRoleClaims !== requiredRoleClaim) { console.debug("No required role claim", ownedRoleClaims, requiredRoleClaim); return false; }
} }
console.debug("Has required role claim", requiredRoleClaim); //console.debug("Has required role claim", requiredRoleClaim);
return true; return true;
} }
} }