123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235 |
- package tst
- import (
- . "git.eugeniocarvalho.dev/eugeniucarvalho/apicodegen/common"
- TS "git.eugeniocarvalho.dev/eugeniucarvalho/gg/generators/typescript"
- )
- func createAuthClass(p *Project, file *TS.File) {
- // auth := p.Auth.Oauth2
- // scope, _ := json.Marshal(auth.Client.Scope)
- file.Line().Comment(
- "Class gerencia autenticacao e autorizacao da api.",
- ).Export().Class().Id("Auth").Block(TS.Raw(`
- // public profile = new Subject<any>();
- public profile$ = new Subject<any>();
- public profile: any;
- public cookieDomain: string;
- public grant: any;
- public onAuthorize$ = new BehaviorSubject(null);
- public clientParams = {
- redirect_uri: '',
- client_id: '',
- client_secret: '',
- scope: [],
- state: '',
- };
-
- protected oauthURI: string;
- protected AuthorizeRequest: Subscription;
- protected authorizeStatus = new EventEmitter<boolean>();
- // constructor(protected api: `).Id(ApiClassName(p)).Raw(`) {
- constructor(protected api: ApiInterface) {
- const options = api.apiOptions;
- this.oauthURI = options.ACCOUNT_URL;
- this.clientParams = {
- redirect_uri: options.REDIRECT_URI,
- client_id: options.CLIENT_ID,
- client_secret: options.CLIENT_SECRET,
- scope: options.SCOPES,
- state: this.state()
- };
- this.cookieDomain = options.COOKIE_DOMAIN;
- console.log("create auth instance", options);
- }
- protected state() {
- // return [32, 7, 28].map(k => { return Math.random().toString(k).substr(2) }).join('+');
- return 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, c => {
- const r = Math.random() * 16 | 0;
- const v = c === 'x' ? r : (r & 0x3 | 0x8);
- return v.toString(16);
- });
- }
- getProfile() {
- if (this.profile) {
- return of(this.profile).pipe(take(1));
- }
- return this.api.http
- .post<any>(`).Raw("`${this.oauthURI}/api/profile`").Raw(`, {}, this.api.options())
- .pipe(
- take(1),
- map(profile => this.profile = profile),
- );
- }
- Authorize(): Observable<any> {
- if (!this.AuthorizeRequest) {
- this.AuthorizeRequest = this.getAuthCode().pipe(
- take(1),
- switchMap(code => {
- return this.getAccessToken({ code });
- }),
- catchError(err => {
- console.log('(catch erro grant)', err);
- switch (err) {
- case '':
- return this.getAccessToken({
- request_type: 'refreshToken',
- refresh_token: this.grant.refresh_token
- });
- case '':
- err = { type: err };
- }
- throw err;
- }),
- take(1),
- ).subscribe(
- grant => {
- this.AuthorizeRequest = null;
- this.setGrant(grant);
- this.onAuthorize$.next(grant);
- this.authorizeStatus.next(grant);
- },
- this.authorizeStatus.error
- );
- }
- return this.authorizeStatus.pipe(take(1));
- }
- Token() {
- const g = this.grant;
- if (g) {
- return `).Raw("`${g.token_type} ${g.access_token}`;").Raw(`
- }
- return '';
- }
- Unauthorize() {
- // ${this.oauthURI}/api/signout
- window.location.href = `).Raw("this.location('/api/signout').href").Raw(`;
- }
- protected getAccessToken(options: any) {
- if (this.grant) {
- return of(this.grant);
- }
- const params = Object.assign({
- request_type: 'accessToken',
- client_id: this.clientParams.client_id,
- state: this.clientParams.state
- }, options);
- return this.api.http.post<any>(`).Raw("`${this.oauthURI}/oauth2/token`").Raw(`, {},
- Object.assign({}, this.api.httpOptions, { params: params })
- );
- }
- protected setGrant(grant) {
- this.grant = grant;
- // recupera os dados do usuario
- // setTimeout(() => this.getProfile().subscribe(data => this.profile$.next(data)));
- }
- protected location(path = '/oauth2/authorize'): URL {
- // Solicita autorização par ao servidor de autenticacao caso não exista um token e nem um codigo
- const url = new URL(`).Raw("`${this.oauthURI}${path}`").Raw(`);
- Object.keys(this.clientParams).map((k, v) => {
- url.searchParams.append(k, this.clientParams[k]);
- });
- return url;
- }
- protected getAuthCode() {
- return new Observable<string>(ob => {
- const oauth2 = document.createElement('iframe'),
- url = this.location();
- oauth2.id = `).Raw("`iframe-${Math.random().toString(36)}`").Raw(`;
- Object.assign(oauth2.style, {
- position:'fixed',
- top:'-10000px',
- })
- url.searchParams.set('redirect_uri', oauth2.id);
-
- function listenAccessCode(event) {
- // Check sender origin to be trusted
- // if (event.origin !== "http://example.com") return;
- const { type, code } = event.data;
- if (type === 'access_code') {
- // remove o iframe do dom
- oauth2.remove();
- // submete o codigo
- if (code) { ob.next(code); } else { ob.error(event.data); }
- window.removeEventListener('message', listenAccessCode, false);
- }
- }
- window.addEventListener('message', listenAccessCode, false);
-
- oauth2.src = url.href;
-
- document.body.appendChild(oauth2);
- oauth2.onload = () => {
- if (!oauth2.contentDocument) {
- window.postMessage({ type: 'access_code', error: 'unauthorized' }, '*');
- }
- };
-
- });
- }
- `))
- }
- // return new Observable<any>(observer => {
- // // Verifica se existe um usuario logado
- // // Quando o usuario não está logado ele é redirecionado para o servidor de autenticacao
- // if (!(`).Raw(fmt.Sprintf("/\\s%s=([^;]+);?/gm.exec(", p.Auth.AuthTokenID)).Raw("` ${document.cookie}`").Raw(`))) {
- // window.location.href = this.location('/signin').href;
- // }
- // const res = (g, success = true) => {
- // let f;
- // if (success) {
- // observer.next(g);
- // while (f = this.api.poolReady.shift()){
- // f();
- // }
- // } else {
- // observer.error(g);
- // }
- // observer.complete();
- // };
- // // Se existe um token de authorizacao
- // if (this.grant) {
- // this.setGrant(this.grant);
- // res(this.grant);
- // return;
- // }
- // this.getAuthCode().subscribe(
- // code => {
- // const done = (grant) => {
- // this.setGrant(grant);
- // res(this.grant);
- // };
- // this.getAccessToken({
- // code: code
- // }).subscribe(
- // grant => done(grant),
- // _ => {
- // // Falha ao recuperar o token ( não existe ou expirou)
- // this.getAccessToken({
- // request_type: 'refreshToken',
- // refresh_token: this.grant.refresh_token
- // }).subscribe(
- // grant => done(grant),
- // error => res(error, false)
- // );
- // });
- // },
- // // Não conseguiu obter o codigo de autenticacao
- // // acao tomada: redirecionar para a tela de login do sistema
- // error => {
- // // window.location.href = `).Raw("`${this.oauthURI}/signout`").Raw(`;
- // }
- // );
- // });
|