Controllers

KTUSAPS/ClientApp/src/msal.js

@@ -0,0 +1,183 @@
+import * as msal from '@azure/msal-browser'
+import Cookies from 'cookies-js'
+import axios from 'axios'
+
+const ClientIdCookieName = 'ktusakacas'
+const AuthorityCookieName = 'ktusakeksas'
+const TenantCookieName = 'ktusalaimis'
+
+const RequestedScopes = ['openid', 'email', 'profile']
+
+const msalState = {
+  msal: null,
+  clientId: null, // 5931fda0-e9e0-4754-80c2-18bcb9d9561a
+  authority: null, // https://login.microsoftonline.com/3415f2f7-f5a8-4092-b52a-003aaf844853/v2.0
+  tenant: null, // 3415f2f7-f5a8-4092-b52a-003aaf844853,
+  stateChangeCallbacks: [],
+
+  isLoggedIn: false,
+  accessToken: null,
+  idToken: null,
+  email: null,
+  displayName: null,
+
+  debugFullTokenResponse: null,
+}
+
+async function initializeMSAL() {
+  if (msalState.msal != null) {
+    throw new Error('MSAL was attempted to initialize second time')
+  }
+  await __loadAuthParameters()
+  const msalConfig = {
+    auth: {
+      clientId: msalState.clientId,
+      authority: `https://login.microsoftonline.com/${msalState.tenant}`,
+      redirectUri: window.location.protocol + '//' + window.location.host + '/',
+    },
+  }
+
+  msalState.msal = new msal.PublicClientApplication(msalConfig)
+
+  msalState.msal.handleRedirectPromise().then(__handleResponse)
+
+  window.msalState = msalState
+}
+
+export function WatchMsalState(callback) {
+  msalState.stateChangeCallbacks.push(callback)
+  callback()
+}
+
+export function GetMsalState() {
+  return {
+    accessToken: msalState.accessToken,
+    idToken: msalState.idToken,
+    isLoggedIn: msalState.isLoggedIn,
+    debugFullTokenResponse: msalState.debugFullTokenResponse,
+    debugAccountInfo: msalState.debugAccountInfo,
+    email: msalState.email,
+    displayName: msalState.displayName,
+  }
+}
+
+export function LoginMsal() {
+  msalState.msal.loginRedirect({
+    scopes: RequestedScopes,
+  })
+}
+
+export function LogoutMsal() {
+  msalState.msal.logout()
+}
+
+async function __handleResponse(response) {
+  if (response !== null) {
+    if (__isAccountAceptable(response.account)) {
+      msalState.msal.setActiveAccount(response)
+      msalState.debugFullTokenResponse = response
+
+      __responseObjectToMsalState()
+    }
+  } else {
+    msalState.msal
+      .getAllAccounts()
+      .filter(__isAccountAceptable)
+      .forEach(account => {
+        msalState.msal.setActiveAccount(account)
+      })
+
+    const account = msalState.msal.getActiveAccount()
+    if (account != null) {
+      msalState.debugFullTokenResponse = await msalState.msal
+        .acquireTokenSilent({ scopes: RequestedScopes })
+        .catch(error => {
+          if (error instanceof msal.InteractionRequiredAuthError) {
+            // fallback to interaction when silent call fails
+            return msalState.msal.acquireTokenRedirect({
+              scopes: RequestedScopes,
+            })
+          }
+        })
+      __responseObjectToMsalState()
+    }
+  }
+  __stateChanged()
+}
+
+function __responseObjectToMsalState() {
+  msalState.isLoggedIn = true
+  msalState.accessToken = msalState.debugFullTokenResponse.accessToken
+  msalState.idToken = msalState.debugFullTokenResponse.idToken
+  msalState.email = msalState.debugFullTokenResponse.idTokenClaims.email
+  msalState.displayName = msalState.debugFullTokenResponse.idTokenClaims.name
+}
+
+function __isAccountAceptable(account) {
+  if (account.tenantId != msalState.tenant) return false
+  return true
+}
+
+function __stateChanged() {
+  msalState.stateChangeCallbacks.forEach(cb => cb())
+}
+
+function __isLocalStorageAvailable() {
+  try {
+    localStorage.setItem('__lsTest', 'true')
+    const result = localStorage.getItem('__lsTest')
+    localStorage.removeItem('__lsTest')
+    return result == 'true'
+  } catch (e) {
+    return false
+  }
+}
+
+async function __loadAuthParameters() {
+  if (__isLocalStorageAvailable()) {
+    await __loadAuthParametersLocalStorage()
+  } else {
+    await __loadAuthParametersCookies()
+  }
+}
+
+async function __loadAuthParametersLocalStorage() {
+  const clientId = localStorage.getItem(ClientIdCookieName)
+  const authority = localStorage.getItem(AuthorityCookieName)
+  const tenant = localStorage.getItem(TenantCookieName)
+  if (clientId == null || authority == null || tenant == null) {
+    await __fetchAuthParameters()
+    localStorage.setItem(ClientIdCookieName, msalState.clientId)
+    localStorage.setItem(AuthorityCookieName, msalState.authority)
+    localStorage.setItem(TenantCookieName, msalState.tenant)
+  } else {
+    msalState.clientId = clientId
+    msalState.authority = authority
+    msalState.tenant = tenant
+  }
+}
+
+async function __loadAuthParametersCookies() {
+  const clientId = Cookies.get(ClientIdCookieName)
+  const authority = Cookies.get(AuthorityCookieName)
+  const tenant = Cookies.get(TenantCookieName)
+  if (clientId == null || authority == null || tenant == null) {
+    await __fetchAuthParameters()
+    Cookies.set(ClientIdCookieName, msalState.clientId)
+    Cookies.set(AuthorityCookieName, msalState.authority)
+    Cookies.set(TenantCookieName, msalState.tenant)
+  } else {
+    msalState.clientId = clientId
+    msalState.authority = authority
+    msalState.tenant = tenant
+  }
+}
+
+async function __fetchAuthParameters() {
+  var response = await axios.get('/api/AuthMetadata')
+  msalState.clientId = response.data.clientId
+  msalState.authority = response.data.authority
+  msalState.tenant = response.data.tenant
+}
+
+initializeMSAL()