inteligr8/alfresco-ng2-components
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-ng2-components.git synced 2025-07-24 17:32:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

Revert "AAE-26321 Add an injection token to JwtHelperService for OAuthStorage…" (#10291)

Browse Source 
This reverts commit a93f0bd069.
This commit is contained in:
Wojciech Duda
2024-10-09 11:59:45 +02:00
committed by GitHub
parent 3d495932fe
commit 9a9a9db628
9 changed files with 71 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
lib/core/src/lib/auth/guard/auth-guard-sso-role.service.spec.ts
View File

@@ -18,10 +18,9 @@
import { TestBed } from '@angular/core/testing'; import { TestBed } from '@angular/core/testing';
import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router'; import { ActivatedRouteSnapshot, Router, RouterStateSnapshot } from '@angular/router';
import { AuthGuardSsoRoleService } from './auth-guard-sso-role.service'; import { AuthGuardSsoRoleService } from './auth-guard-sso-role.service';
import { JWT_STORAGE_SERVICE, JwtHelperService } from '../services/jwt-helper.service'; import { JwtHelperService } from '../services/jwt-helper.service';
import { MatDialog, MatDialogModule } from '@angular/material/dialog'; import { MatDialog, MatDialogModule } from '@angular/material/dialog';
import { NoopTranslateModule } from '../../testing/noop-translate.module'; import { NoopTranslateModule } from '../../testing/noop-translate.module';
import { StorageService } from '../../common';
describe('Auth Guard SSO role service', () => { describe('Auth Guard SSO role service', () => {
let jwtHelperService: JwtHelperService; let jwtHelperService: JwtHelperService;
@@ -30,8 +29,7 @@ describe('Auth Guard SSO role service', () => {
beforeEach(() => { beforeEach(() => {
TestBed.configureTestingModule({ TestBed.configureTestingModule({
imports: [NoopTranslateModule, MatDialogModule], imports: [NoopTranslateModule, MatDialogModule]
providers: [{ provide: JWT_STORAGE_SERVICE, useClass: StorageService }]
}); });
localStorage.clear(); localStorage.clear();
jwtHelperService = TestBed.inject(JwtHelperService); jwtHelperService = TestBed.inject(JwtHelperService);

3
lib/core/src/lib/auth/guard/auth-guard.service.spec.ts
View File

@@ -28,7 +28,6 @@ import { EMPTY, of } from 'rxjs';
import { MatDialogModule } from '@angular/material/dialog'; import { MatDialogModule } from '@angular/material/dialog';
import { RouterTestingModule } from '@angular/router/testing'; import { RouterTestingModule } from '@angular/router/testing';
import { NoopTranslateModule } from '../../testing/noop-translate.module'; import { NoopTranslateModule } from '../../testing/noop-translate.module';
import { JWT_STORAGE_SERVICE } from '../public-api';
describe('AuthGuardService', () => { describe('AuthGuardService', () => {
let state: RouterStateSnapshot; let state: RouterStateSnapshot;
@@ -46,7 +45,7 @@ describe('AuthGuardService', () => {
imports: [NoopTranslateModule, MatDialogModule, RouterTestingModule], imports: [NoopTranslateModule, MatDialogModule, RouterTestingModule],
providers: [ providers: [
AppConfigService, AppConfigService,
{ provide: JWT_STORAGE_SERVICE, useClass: StorageService }, StorageService,
{ provide: RedirectAuthService, useValue: { onLogin: EMPTY, onTokenReceived: of() } }, { provide: RedirectAuthService, useValue: { onLogin: EMPTY, onTokenReceived: of() } },
{ {
provide: OidcAuthenticationService, provide: OidcAuthenticationService,

5
lib/core/src/lib/auth/oidc/oidc-authentication.service.spec.ts
View File

@@ -18,10 +18,8 @@
import { TestBed } from '@angular/core/testing'; import { TestBed } from '@angular/core/testing';
import { OidcAuthenticationService } from './oidc-authentication.service'; import { OidcAuthenticationService } from './oidc-authentication.service';
import { OAuthService, OAuthStorage } from 'angular-oauth2-oidc'; import { OAuthService, OAuthStorage } from 'angular-oauth2-oidc';
import { AppConfigService, AuthService } from '@alfresco/adf-core';
import { AUTH_MODULE_CONFIG } from './auth-config'; import { AUTH_MODULE_CONFIG } from './auth-config';
import { StorageService } from '../../common';
import { AuthService, JWT_STORAGE_SERVICE } from '../public-api';
import { AppConfigService } from '../../app-config';
interface MockAppConfigOAuth2 { interface MockAppConfigOAuth2 {
oauth2: { oauth2: {
@@ -64,7 +62,6 @@ describe('OidcAuthenticationService', () => {
OidcAuthenticationService, OidcAuthenticationService,
{ provide: AppConfigService, useClass: MockAppConfigService }, { provide: AppConfigService, useClass: MockAppConfigService },
{ provide: OAuthService, useClass: MockOAuthService }, { provide: OAuthService, useClass: MockOAuthService },
{ provide: JWT_STORAGE_SERVICE, useValue: StorageService },
{ provide: OAuthStorage, useValue: {} }, { provide: OAuthStorage, useValue: {} },
{ provide: AUTH_MODULE_CONFIG, useValue: {} }, { provide: AUTH_MODULE_CONFIG, useValue: {} },
{ provide: AuthService, useValue: {} } { provide: AuthService, useValue: {} }

4
lib/core/src/lib/auth/services/identity-user.service.spec.ts
View File

@@ -29,7 +29,7 @@ import {
} from '../mock/identity-user.mock'; } from '../mock/identity-user.mock';
import { mockGroups, mockJoinGroupRequest } from '../mock/identity-group.mock'; import { mockGroups, mockJoinGroupRequest } from '../mock/identity-group.mock';
import { IdentityUserService } from './identity-user.service'; import { IdentityUserService } from './identity-user.service';
import { JWT_STORAGE_SERVICE, JwtHelperService } from './jwt-helper.service'; import { JwtHelperService } from './jwt-helper.service';
import { mockToken } from '../mock/jwt-helper.service.spec'; import { mockToken } from '../mock/jwt-helper.service.spec';
import { IdentityRoleModel } from '../models/identity-role.model'; import { IdentityRoleModel } from '../models/identity-role.model';
import { AdfHttpClient } from '../../../../api/src'; import { AdfHttpClient } from '../../../../api/src';
@@ -53,7 +53,7 @@ describe('IdentityUserService', () => {
beforeEach(() => { beforeEach(() => {
TestBed.configureTestingModule({ TestBed.configureTestingModule({
imports: [NoopTranslateModule], imports: [NoopTranslateModule],
providers: [StorageService, AdfHttpClient, { provide: JWT_STORAGE_SERVICE, useClass: StorageService }] providers: [StorageService, AdfHttpClient]
}); });
storageService = TestBed.inject(StorageService); storageService = TestBed.inject(StorageService);
service = TestBed.inject(IdentityUserService); service = TestBed.inject(IdentityUserService);

89
lib/core/src/lib/auth/services/jwt-helper.service.spec.ts
View File

@@ -15,29 +15,17 @@
* limitations under the License. * limitations under the License.
*/ */
import { JWT_STORAGE_SERVICE, JwtHelperService } from './jwt-helper.service'; import { JwtHelperService } from './jwt-helper.service';
import { mockToken } from '../mock/jwt-helper.service.spec'; import { mockToken } from '../mock/jwt-helper.service.spec';
import { TestBed } from '@angular/core/testing'; import { TestBed } from '@angular/core/testing';
const mockLocalStorage = {
access_token: 'my-access_token',
id_token: 'my-id_token'
};
describe('JwtHelperService', () => { describe('JwtHelperService', () => {
let jwtHelperService: JwtHelperService; let jwtHelperService: JwtHelperService;
beforeEach(() => { beforeEach(() => {
TestBed.configureTestingModule({ TestBed.configureTestingModule({
providers: [ providers: [JwtHelperService]
JwtHelperService,
{
provide: JWT_STORAGE_SERVICE,
useValue: {
getItem: (key: string) => mockLocalStorage[key]
}
}
]
}); });
jwtHelperService = TestBed.inject(JwtHelperService); jwtHelperService = TestBed.inject(JwtHelperService);
}); });
@@ -56,19 +44,26 @@ describe('JwtHelperService', () => {
}); });
describe('RealmRole ', () => { describe('RealmRole ', () => {
it('Should be true if the realm_access contains the single role', () => { it('Should be true if the realm_access contains the single role', () => {
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
realm_access: { roles: ['role1'] }
}); spyOn(jwtHelperService, 'decodeToken').and.returnValue(
{
realm_access: { roles: ['role1'] }
});
const result = jwtHelperService.hasRealmRole('role1'); const result = jwtHelperService.hasRealmRole('role1');
expect(result).toBeTruthy(); expect(result).toBeTruthy();
}); });
it('Should be true if the realm_access contains at least one of the roles', () => { it('Should be true if the realm_access contains at least one of the roles', () => {
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
realm_access: { roles: ['role1'] }
}); spyOn(jwtHelperService, 'decodeToken').and.returnValue(
{
realm_access: { roles: ['role1'] }
});
const result = jwtHelperService.hasRealmRoles(['role1', 'role2']); const result = jwtHelperService.hasRealmRoles(['role1', 'role2']);
expect(result).toBeTruthy(); expect(result).toBeTruthy();
@@ -76,37 +71,46 @@ describe('JwtHelperService', () => {
it('Should be false if the realm_access does not contain the role', () => { it('Should be false if the realm_access does not contain the role', () => {
spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token'); spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'decodeToken').and.returnValue(
realm_access: { roles: ['role3'] } {
}); realm_access: { roles: ['role3'] }
});
const result = jwtHelperService.hasRealmRole('role1'); const result = jwtHelperService.hasRealmRole('role1');
expect(result).toBeFalsy(); expect(result).toBeFalsy();
}); });
it('Should be false if the realm_access does not contain at least one of the roles', () => { it('Should be false if the realm_access does not contain at least one of the roles', () => {
spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token'); spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'decodeToken').and.returnValue(
realm_access: { roles: ['role1'] } {
}); realm_access: { roles: ['role1'] }
});
const result = jwtHelperService.hasRealmRoles(['role3', 'role2']); const result = jwtHelperService.hasRealmRoles(['role3', 'role2']);
expect(result).toBeFalsy(); expect(result).toBeFalsy();
}); });
}); });
describe('ClientRole ', () => { describe('ClientRole ', () => {
it('Should be true if the resource_access contains the single role', () => { it('Should be true if the resource_access contains the single role', () => {
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
resource_access: { fakeApp: { roles: ['role1'] } }
}); spyOn(jwtHelperService, 'decodeToken').and.returnValue(
{
resource_access: { fakeApp: { roles: ['role1'] } }
});
const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1']); const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1']);
expect(result).toBeTruthy(); expect(result).toBeTruthy();
}); });
it('Should be true if the resource_access contains at least one of the roles', () => { it('Should be true if the resource_access contains at least one of the roles', () => {
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
resource_access: { fakeApp: { roles: ['role1'] } }
}); spyOn(jwtHelperService, 'decodeToken').and.returnValue(
{
resource_access: { fakeApp: { roles: ['role1'] } }
});
const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']); const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']);
expect(result).toBeTruthy(); expect(result).toBeTruthy();
@@ -114,19 +118,22 @@ describe('JwtHelperService', () => {
it('Should be false if the resource_access does not contain the role', () => { it('Should be false if the resource_access does not contain the role', () => {
spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token'); spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'decodeToken').and.returnValue(
resource_access: { fakeApp: { roles: ['role3'] } } {
}); resource_access: { fakeApp: { roles: ['role3'] } }
});
const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']); const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']);
expect(result).toBeFalsy(); expect(result).toBeFalsy();
}); });
it('Should be false if the resource_access does not contain the client role related to the app', () => { it('Should be false if the resource_access does not contain the client role related to the app', () => {
spyOn(jwtHelperService, 'decodeToken').and.returnValue({ spyOn(jwtHelperService, 'getAccessToken').and.returnValue('my-access_token');
resource_access: { anotherFakeApp: { roles: ['role1'] } } spyOn(jwtHelperService, 'decodeToken').and.returnValue(
}); {
resource_access: { anotherFakeApp: { roles: ['role1'] } }
});
const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']); const result = jwtHelperService.hasRealmRolesForClientRole('fakeApp', ['role1', 'role2']);
expect(result).toBeFalsy(); expect(result).toBeFalsy();
}); });
}); });
}); });

24
lib/core/src/lib/auth/services/jwt-helper.service.ts
View File

@@ -15,15 +15,14 @@
* limitations under the License. * limitations under the License.
*/ */
import { Inject, Injectable, InjectionToken } from '@angular/core'; import { Injectable } from '@angular/core';
import { OAuthStorage } from 'angular-oauth2-oidc'; import { StorageService } from '../../common/services/storage.service';
export const JWT_STORAGE_SERVICE = new InjectionToken<OAuthStorage>('JWT_STORAGE_SERVICE');
@Injectable({ @Injectable({
providedIn: 'root' providedIn: 'root'
}) })
export class JwtHelperService { export class JwtHelperService {
static USER_NAME = 'name'; static USER_NAME = 'name';
static FAMILY_NAME = 'family_name'; static FAMILY_NAME = 'family_name';
static GIVEN_NAME = 'given_name'; static GIVEN_NAME = 'given_name';
@@ -35,7 +34,8 @@ export class JwtHelperService {
static USER_PREFERRED_USERNAME = 'preferred_username'; static USER_PREFERRED_USERNAME = 'preferred_username';
static HXP_AUTHORIZATION = 'hxp_authorization'; static HXP_AUTHORIZATION = 'hxp_authorization';
constructor(@Inject(JWT_STORAGE_SERVICE) private jwtStorage: OAuthStorage) {} constructor(private storageService: StorageService) {
}
/** /**
* Decodes a JSON web token into a JS object. * Decodes a JSON web token into a JS object.
@@ -85,7 +85,7 @@ export class JwtHelperService {
* @param key Key name of the field to retrieve * @param key Key name of the field to retrieve
* @returns Value from the token * @returns Value from the token
*/ */
getValueFromLocalToken<T>(key: string): T { getValueFromLocalToken<T>(key: string): T {
return this.getValueFromToken(this.getAccessToken(), key) || this.getValueFromToken(this.getIdToken(), key); return this.getValueFromToken(this.getAccessToken(), key) || this.getValueFromToken(this.getIdToken(), key);
} }
@@ -105,7 +105,7 @@ export class JwtHelperService {
* @returns access token * @returns access token
*/ */
getAccessToken(): string { getAccessToken(): string {
return this.jwtStorage.getItem(JwtHelperService.USER_ACCESS_TOKEN); return this.storageService.getItem(JwtHelperService.USER_ACCESS_TOKEN);
} }
/** /**
@@ -114,7 +114,7 @@ export class JwtHelperService {
* @param key Key name of the field to retrieve * @param key Key name of the field to retrieve
* @returns Value from the token * @returns Value from the token
*/ */
getValueFromLocalIdToken<T>(key: string): T { getValueFromLocalIdToken<T>(key: string): T {
return this.getValueFromToken(this.getIdToken(), key); return this.getValueFromToken(this.getIdToken(), key);
} }
@@ -123,8 +123,8 @@ export class JwtHelperService {
* *
* @returns id token * @returns id token
*/ */
getIdToken(): string { getIdToken(): string {
return this.jwtStorage.getItem(JwtHelperService.USER_ID_TOKEN); return this.storageService.getItem(JwtHelperService.USER_ID_TOKEN);
} }
/** /**
@@ -186,7 +186,7 @@ export class JwtHelperService {
* @param rolesToCheck List of role names to check * @param rolesToCheck List of role names to check
* @returns True if it contains at least one of the given roles, false otherwise * @returns True if it contains at least one of the given roles, false otherwise
*/ */
hasRealmRoles(rolesToCheck: string[]): boolean { hasRealmRoles(rolesToCheck: string []): boolean {
return rolesToCheck.some((currentRole) => this.hasRealmRole(currentRole)); return rolesToCheck.some((currentRole) => this.hasRealmRole(currentRole));
} }
@@ -197,7 +197,7 @@ export class JwtHelperService {
* @param rolesToCheck List of role names to check * @param rolesToCheck List of role names to check
* @returns True if it contains at least one of the given roles, false otherwise * @returns True if it contains at least one of the given roles, false otherwise
*/ */
hasRealmRolesForClientRole(clientName: string, rolesToCheck: string[]): boolean { hasRealmRolesForClientRole(clientName: string, rolesToCheck: string []): boolean {
return rolesToCheck.some((currentRole) => this.hasClientRole(clientName, currentRole)); return rolesToCheck.some((currentRole) => this.hasClientRole(clientName, currentRole));
} }

5
lib/core/src/lib/auth/services/user-access.service.spec.ts
View File

@@ -17,10 +17,9 @@
import { TestBed } from '@angular/core/testing'; import { TestBed } from '@angular/core/testing';
import { UserAccessService } from './user-access.service'; import { UserAccessService } from './user-access.service';
import { JWT_STORAGE_SERVICE, JwtHelperService } from './jwt-helper.service'; import { JwtHelperService } from './jwt-helper.service';
import { AppConfigService } from '../../app-config'; import { AppConfigService } from '../../app-config';
import { HttpClientTestingModule } from '@angular/common/http/testing'; import { HttpClientTestingModule } from '@angular/common/http/testing';
import { StorageService } from '../../common';
describe('UserAccessService', () => { describe('UserAccessService', () => {
let userAccessService: UserAccessService; let userAccessService: UserAccessService;
@@ -30,7 +29,7 @@ describe('UserAccessService', () => {
beforeEach(() => { beforeEach(() => {
TestBed.configureTestingModule({ TestBed.configureTestingModule({
imports: [HttpClientTestingModule], imports: [HttpClientTestingModule],
providers: [UserAccessService, { provide: JWT_STORAGE_SERVICE, useClass: StorageService }] providers: [UserAccessService]
}); });
userAccessService = TestBed.inject(UserAccessService); userAccessService = TestBed.inject(UserAccessService);
jwtHelperService = TestBed.inject(JwtHelperService); jwtHelperService = TestBed.inject(JwtHelperService);

4
lib/core/src/lib/core.module.ts
View File

@@ -56,7 +56,6 @@ import { DynamicChipListComponent } from './dynamic-chip-list';
import { IdentityUserInfoComponent } from './identity-user-info'; import { IdentityUserInfoComponent } from './identity-user-info';
import { UnsavedChangesDialogComponent } from './dialogs'; import { UnsavedChangesDialogComponent } from './dialogs';
import { MaterialModule } from './material.module'; import { MaterialModule } from './material.module';
import { JWT_STORAGE_SERVICE } from './auth/services/jwt-helper.service';
@NgModule({ @NgModule({
imports: [ imports: [
@@ -151,8 +150,7 @@ export class CoreModule {
useValue: { useValue: {
duration: 10000 duration: 10000
} }
}, }
{ provide: JWT_STORAGE_SERVICE, useExisting: StorageService }
] ]
}; };
} }

5
lib/process-services-cloud/src/lib/process/process-filters/components/edit-process-filter-cloud.component.spec.ts
View File

@@ -16,7 +16,7 @@
*/ */
import { AlfrescoApiService } from '@alfresco/adf-content-services'; import { AlfrescoApiService } from '@alfresco/adf-content-services';
import { ADF_DATE_FORMATS, FullNamePipe, JWT_STORAGE_SERVICE, NoopTranslateModule, StorageService, UserPreferencesService } from '@alfresco/adf-core'; import { ADF_DATE_FORMATS, FullNamePipe, NoopTranslateModule, UserPreferencesService } from '@alfresco/adf-core';
import { HarnessLoader } from '@angular/cdk/testing'; import { HarnessLoader } from '@angular/cdk/testing';
import { TestbedHarnessEnvironment } from '@angular/cdk/testing/testbed'; import { TestbedHarnessEnvironment } from '@angular/cdk/testing/testbed';
import { SimpleChange } from '@angular/core'; import { SimpleChange } from '@angular/core';
@@ -121,8 +121,7 @@ describe('EditProcessFilterCloudComponent', () => {
{ provide: DateAdapter, useClass: DateFnsAdapter }, { provide: DateAdapter, useClass: DateFnsAdapter },
{ provide: NotificationCloudService, useValue: { makeGQLQuery: () => of([]) } }, { provide: NotificationCloudService, useValue: { makeGQLQuery: () => of([]) } },
{ provide: MAT_DATE_FORMATS, useValue: ADF_DATE_FORMATS }, { provide: MAT_DATE_FORMATS, useValue: ADF_DATE_FORMATS },
{ provide: IDENTITY_USER_SERVICE_TOKEN, useExisting: IdentityUserServiceMock }, { provide: IDENTITY_USER_SERVICE_TOKEN, useExisting: IdentityUserServiceMock }
{ provide: JWT_STORAGE_SERVICE, useClass: StorageService }
], ],
declarations: [PeopleCloudComponent, DateRangeFilterComponent] declarations: [PeopleCloudComponent, DateRangeFilterComponent]
}); });