Renamed prefixes in angular.json

projects/common/src/fm/shared/accesstoken.interceptor.ts

@@ -0,0 +1,47 @@
+import { Injectable, Injector, Inject } from '@angular/core';
+import { DOCUMENT } from '@angular/common'
+import { AppConfig } from "./app.config";
+import {
+  HttpRequest,
+  HttpHandler,
+  HttpEvent,
+  HttpInterceptor
+} from '@angular/common/http';
+import { OAuthService } from 'angular-oauth2-oidc';
+import { Observable } from 'rxjs';
+
+@Injectable()
+export class AccessTokenInterceptor implements HttpInterceptor {
+  private oauthService: OAuthService = null;
+  private audience: string[] = [];
+  private base: string;
+
+  constructor(private injector: Injector, private appConfig: AppConfig, @Inject(DOCUMENT) private document: any) {   
+    this.base = document.location.href;
+  }
+
+  hasAudience(url: string): boolean {
+    let u = new URL(url,this.base);
+    for (let audience of this.audience) {
+      if (u.href.startsWith(audience)) return true;
+    }
+    return false;
+  }
+
+  intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
+    if (this.oauthService && this.hasAudience(request.url)) {
+      request = request.clone({
+        setHeaders: {
+          Authorization: `Bearer ${this.oauthService.getAccessToken()}`
+        }
+        // Please uncomment the next line if you need to connect to the backend running in Docker.
+        //, url: `http://localhost:8082${request.url}`
+      });
+    } else {
+      this.oauthService = this.injector.get(OAuthService, null);
+      if(this.oauthService && this.oauthService.issuer) this.audience = (this.appConfig.getConfig("audience") as string).split(",");
+    }
+    return next.handle(request);
+  }
+}
+

projects/common/src/fm/shared/app.config.factory.ts

@@ -0,0 +1,61 @@
+import { Injector } from '@angular/core';
+import { Router,UrlSerializer } from '@angular/router';
+import { AuthConfig, OAuthService, JwksValidationHandler, OAuthErrorEvent  } from 'angular-oauth2-oidc';
+import { AppConfig } from "./app.config";
+
+function getAuthConfig(appConfig: AppConfig): AuthConfig {
+  let authConfig: AuthConfig = new AuthConfig();
+  authConfig.issuer = appConfig.getConfig("issuer");
+  authConfig.redirectUri = window.location.origin + "/cb";
+  authConfig.silentRefreshRedirectUri = window.location.origin + "/silent-refresh.html";
+  authConfig.clientId = appConfig.getConfig("clientId");
+  authConfig.customQueryParams = { audience: appConfig.getConfig("audience") };
+  authConfig.scope = "openid profile email";
+  authConfig.oidc = true;
+  authConfig.disableAtHashCheck = true;
+  authConfig.requireHttps = appConfig.getConfig("requireHttps");
+  return authConfig;
+}
+
+export function appConfigFactory(injector:Injector, appConfig: AppConfig, oauthService: OAuthService): () => Promise<any> {
+  return (): Promise<any> => {
+    return appConfig.load().then(() => {     
+      oauthService.events.subscribe((event) => {
+        console.log(event.type);
+        if (event.type == 'token_error' || event.type == 'silent_refresh_timeout') {
+          let e = event as OAuthErrorEvent;
+          let p = e.params as any;
+          if (event.type == 'silent_refresh_timeout' || (p.error && p.error == 'login_required')) {
+            let router = injector.get(Router);
+            console.log("Session expired");
+            router.navigate(['loggedout'], { queryParams: { redirectTo: router.url } });
+          }          
+        }
+      });
+      oauthService.configure(getAuthConfig(appConfig));
+      oauthService.tokenValidationHandler = new JwksValidationHandler();
+      oauthService.tokenValidationHandler.validateAtHash = function () {
+        return new Promise<boolean>((res) => { res(true); })
+      };
+      oauthService.setupAutomaticSilentRefresh();
+      let router = injector.get(Router);
+      var urlTree = router.parseUrl(window.location.href);
+      var urlPath = window.location.pathname;
+      oauthService.loadDiscoveryDocument().then(() => {
+        oauthService.tryLogin({
+          onTokenReceived: (info) => {
+            urlPath = info.state;
+          }
+        }).then(() => {
+          let router = injector.get(Router);
+          if (!oauthService.hasValidAccessToken()) {
+            oauthService.initImplicitFlow(urlPath);
+          } else {
+            router.navigateByUrl(urlPath);
+          }
+        });       
+      })
+    });
+  }
+}
+

projects/common/src/fm/shared/app.config.ts

@@ -0,0 +1,33 @@
+import {Inject, Injectable} from '@angular/core';
+import {HttpClient, HttpXhrBackend} from '@angular/common/http';
+import {Observable} from 'rxjs';
+
+@Injectable()
+export class AppConfig {
+
+  private config: Object = null;
+  private httpClient: HttpClient;
+
+  constructor(xhrBackend: HttpXhrBackend) {
+    this.httpClient = new HttpClient(xhrBackend);
+    this.config = null;
+  }
+
+  public getConfig(key: any) {
+    if (!this.config.hasOwnProperty(key)) {
+      console.log(`Config key ${key} not set`);
+    }
+    return this.config[key];
+  }
+
+
+  public load(): Promise<any> {
+    return this.httpClient.get('/configuration.json')
+      .toPromise()
+      .then(data => {
+        this.config = data;
+        //return data;
+      })
+      .catch(error => this.config = null);
+  };
+}

projects/common/src/fm/shared/safe.pipe.ts

@@ -0,0 +1,13 @@
+import { Pipe, PipeTransform } from '@angular/core';
+import { DomSanitizer } from '@angular/platform-browser';
+
+@Pipe({
+  name: 'safe'
+})
+export class SafePipe implements PipeTransform {
+
+  constructor(private sanitizer: DomSanitizer) { }
+  transform(url) {
+    return this.sanitizer.bypassSecurityTrustResourceUrl(url);
+  }
+}