Pass down the requestUrl for request interception

bring back check from js-api fixing isLogin issues part1 some fix around emit Narrow access for methods fix sso username issue Switch to dynamic service injection add emitters move auth inside ADF
2025-09-17 14:21:29 +00:00 · 2023-06-21 18:14:45 +02:00
parent 7fba49a2db
commit 5b235212eb
28 changed files with 1520 additions and 569 deletions
--- a/lib/core/api/src/lib/adf-http-client.service.ts
+++ b/lib/core/api/src/lib/adf-http-client.service.ts
@@ -42,7 +42,9 @@ import { AlfrescoApiParamEncoder } from './alfresco-api/alfresco-api.param-encod
 import { AlfrescoApiResponseError } from './alfresco-api/alfresco-api.response-error';
 import { Constructor } from './types';
 import { RequestOptions, SecurityOptions } from './interfaces';
-import ee, { Emitter } from 'event-emitter';
+import { AppConfigService, AppConfigValues } from '../../../src/lib/app-config/app-config.service';
+import ee from 'event-emitter';
+import { Emitter } from 'event-emitter';

 export interface Emitters {
    readonly eventEmitter: Emitter;
@@ -59,15 +61,6 @@ export class AdfHttpClient implements ee.Emitter,JsApiHttpClient {
    once: ee.EmitterMethod;
    emit: (type: string, ...args: any[]) => void;

-    private _disableCsrf = false;
-
-    private defaultSecurityOptions = {
-        withCredentials: true,
-        isBpmRequest: false,
-        authentications: {},
-        defaultHeaders: {}
-    };
-
    get disableCsrf(): boolean {
        return this._disableCsrf;
    }
@@ -75,9 +68,15 @@ export class AdfHttpClient implements ee.Emitter,JsApiHttpClient {
    set disableCsrf(disableCsrf: boolean) {
        this._disableCsrf = disableCsrf;
    }
+    
+    private defaultSecurityOptions = {
+        withCredentials: true,
+        isBpmRequest: false,
+        authentications: {},
+        defaultHeaders: {}
+    };

-    constructor(private httpClient: HttpClient
-        ) {
+    constructor(private httpClient: HttpClient, private appConfig: AppConfigService) {
        ee(this);
    }

@@ -237,7 +236,7 @@ export class AdfHttpClient implements ee.Emitter,JsApiHttpClient {
            takeUntil(abort$)
        ).toPromise();

-        (promise as any).abort = function() {
+        (promise as any).abort = function () {
            eventEmitter.emit('abort');
            abort$.next();
            abort$.complete();
@@ -271,7 +270,9 @@ export class AdfHttpClient implements ee.Emitter,JsApiHttpClient {
            ...((options.contentType) && {'Content-Type': options.contentType})
        };

-        if (!this.disableCsrf) {
+        const disableCsrf = this.appConfig.get<boolean>(AppConfigValues.DISABLECSRF);
+
+        if (!disableCsrf) {
            this.setCsrfToken(optionsHeaders);

        }
@@ -291,8 +292,7 @@ export class AdfHttpClient implements ee.Emitter,JsApiHttpClient {
    }

    private createCSRFToken(a?: any): string {
-        const randomValue = window.crypto.getRandomValues(new Uint32Array(1))[0];
-        return a ? (a ^ ((randomValue * 16) >> (a / 4))).toString(16) : ([1e16] + (1e16).toString()).replace(/[01]/g, this.createCSRFToken);
+        return a ? (a ^ ((Math.random() * 16) >> (a / 4))).toString(16) : ([1e16] + (1e16).toString()).replace(/[01]/g, this.createCSRFToken);
    }

    private static getResponseType(options: RequestOptions): 'blob' | 'json' | 'text' {
--- a/lib/core/api/src/lib/interfaces.ts
+++ b/lib/core/api/src/lib/interfaces.ts
@@ -15,6 +15,32 @@
 * limitations under the License.
 */

+export interface SecurityOptions {
+    // readonly isBpmRequest: boolean;
+    // readonly enableCsrf?: boolean;
+    readonly withCredentials?: boolean;
+    readonly authentications?: Authentication;
+    readonly defaultHeaders?: Record<string, string>;
+}
+
+export interface Oauth2 {
+    refreshToken?: string;
+    accessToken?: string;
+}
+
+export interface BasicAuth {
+    username?: string;
+    password?: string;
+    ticket?: string;
+}
+
+export interface Authentication {
+    basicAuth?: BasicAuth;
+    oauth2?: Oauth2;
+    cookie?: string;
+    type?: string;
+}
+
 export interface RequestOptions {
    httpMethod?: string;
    queryParams?: any;
@@ -23,14 +49,6 @@ export interface RequestOptions {
    bodyParam?: any;
    returnType?: any;
    responseType?: string;
-    readonly accept?: string;
-    readonly contentType?: string;
-}
-
-export interface SecurityOptions {
-    readonly isBpmRequest: boolean;
-    readonly enableCsrf?: boolean;
-    readonly withCredentials?: boolean;
-    readonly authentications: any;
-    readonly defaultHeaders: Record<string, string>;
+    accept?: string;
+    contentType?: string;
 }