diff --git a/angular.json b/angular.json index 4a8e92bd5..b02163de4 100644 --- a/angular.json +++ b/angular.json @@ -27,8 +27,13 @@ "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["libs/ui/tsconfig.lib.json", "libs/ui/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "libs/ui/tsconfig.lib.json", + "libs/ui/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } @@ -48,8 +53,15 @@ "main": "apps/sales/src/main.ts", "polyfills": "apps/sales/src/polyfills.ts", "tsConfig": "apps/sales/tsconfig.app.json", - "assets": ["apps/sales/src/favicon.ico", "apps/sales/src/assets", "apps/sales/src/manifest.webmanifest"], - "styles": ["apps/sales/src/styles.scss"], + "assets": [ + "apps/sales/src/favicon.ico", + "apps/sales/src/assets", + "apps/sales/src/manifest.webmanifest", + "apps/sales/src/silent-refresh.html" + ], + "styles": [ + "apps/sales/src/styles.scss" + ], "scripts": [] }, "configurations": { @@ -132,16 +144,27 @@ "polyfills": "apps/sales/src/polyfills.ts", "tsConfig": "apps/sales/tsconfig.spec.json", "karmaConfig": "apps/sales/karma.conf.js", - "styles": ["apps/sales/src/styles.scss"], + "styles": [ + "apps/sales/src/styles.scss" + ], "scripts": [], - "assets": ["apps/sales/src/favicon.ico", "apps/sales/src/assets", "apps/sales/src/manifest.webmanifest"] + "assets": [ + "apps/sales/src/favicon.ico", + "apps/sales/src/assets", + "apps/sales/src/manifest.webmanifest" + ] } }, "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["apps/sales/tsconfig.app.json", "apps/sales/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "apps/sales/tsconfig.app.json", + "apps/sales/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } @@ -170,7 +193,9 @@ "builder": "@angular-devkit/build-angular:tslint", "options": { "tsConfig": "apps/sales-e2e/tsconfig.e2e.json", - "exclude": ["**/node_modules/**"] + "exclude": [ + "**/node_modules/**" + ] } } } @@ -199,8 +224,13 @@ "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["libs/swagger/tsconfig.lib.json", "libs/swagger/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "libs/swagger/tsconfig.lib.json", + "libs/swagger/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } @@ -229,8 +259,13 @@ "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["libs/mock/tsconfig.lib.json", "libs/mock/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "libs/mock/tsconfig.lib.json", + "libs/mock/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } @@ -259,8 +294,13 @@ "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["libs/shared/tsconfig.lib.json", "libs/shared/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "libs/shared/tsconfig.lib.json", + "libs/shared/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } @@ -289,12 +329,17 @@ "lint": { "builder": "@angular-devkit/build-angular:tslint", "options": { - "tsConfig": ["libs/sso/tsconfig.lib.json", "libs/sso/tsconfig.spec.json"], - "exclude": ["**/node_modules/**"] + "tsConfig": [ + "libs/sso/tsconfig.lib.json", + "libs/sso/tsconfig.spec.json" + ], + "exclude": [ + "**/node_modules/**" + ] } } } } }, "defaultProject": "sales" -} +} \ No newline at end of file diff --git a/apps/sales/src/silent-refresh.html b/apps/sales/src/silent-refresh.html new file mode 100644 index 000000000..c0ebb5423 --- /dev/null +++ b/apps/sales/src/silent-refresh.html @@ -0,0 +1,9 @@ + + + + + + + diff --git a/libs/sso/src/lib/configuration/oauth-prod.config.ts b/libs/sso/src/lib/configuration/oauth-prod.config.ts index d0c3e7494..78f26cec1 100755 --- a/libs/sso/src/lib/configuration/oauth-prod.config.ts +++ b/libs/sso/src/lib/configuration/oauth-prod.config.ts @@ -14,9 +14,12 @@ export const authConfig: AuthConfig = { oidc: true, + // URL of the SPA to redirect the user after silent refresh + silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html', + // set the scope for the permissions the client should request // The first three are defined by OIDC. The 4th is a usecase-specific one scope: // tslint:disable-next-line: max-line-length - 'openid profile cmf_user isa-isa-webapi isa-checkout-webapi isa-cat-webapi isa-ava-webapi isa-crm-webapi isa-review-webapi isa-kpi-webapi isa-oms-webapi isa-nbo-webapi isa-print-webapi eis-service' + 'openid profile cmf_user isa-isa-webapi isa-checkout-webapi isa-cat-webapi isa-ava-webapi isa-crm-webapi isa-review-webapi isa-kpi-webapi isa-oms-webapi isa-nbo-webapi isa-print-webapi eis-service isa-inv-webapi' }; diff --git a/libs/sso/src/lib/configuration/oauth.config.ts b/libs/sso/src/lib/configuration/oauth.config.ts index 0cf00e94c..4f1f38ebc 100755 --- a/libs/sso/src/lib/configuration/oauth.config.ts +++ b/libs/sso/src/lib/configuration/oauth.config.ts @@ -14,9 +14,12 @@ export const authConfig: AuthConfig = { oidc: true, + // URL of the SPA to redirect the user after silent refresh + silentRefreshRedirectUri: window.location.origin + '/silent-refresh.html', + // set the scope for the permissions the client should request // The first three are defined by OIDC. The 4th is a usecase-specific one scope: // tslint:disable-next-line: max-line-length - 'openid profile cmf_user isa-isa-webapi isa-checkout-webapi isa-cat-webapi isa-ava-webapi isa-crm-webapi isa-review-webapi isa-kpi-webapi isa-oms-webapi isa-nbo-webapi isa-print-webapi eis-service' + 'openid profile cmf_user isa-isa-webapi isa-checkout-webapi isa-cat-webapi isa-ava-webapi isa-crm-webapi isa-review-webapi isa-kpi-webapi isa-oms-webapi isa-nbo-webapi isa-print-webapi eis-service isa-inv-webapi' }; diff --git a/libs/sso/src/lib/sso.service.ts b/libs/sso/src/lib/sso.service.ts index c7cf7cdef..5deb88e6a 100644 --- a/libs/sso/src/lib/sso.service.ts +++ b/libs/sso/src/lib/sso.service.ts @@ -13,6 +13,10 @@ export class SsoService { this.oauthService.configure(this.externalService.getConfigurations()); this.oauthService.tokenValidationHandler = new JwksValidationHandler(); + if (!!this.oauthService.silentRefreshRedirectUri) { + this.oauthService.setupAutomaticSilentRefresh(); + } + return this.oauthService.loadDiscoveryDocumentAndTryLogin().then(_ => { const hasIdToken = !!this.getIdToken(); const hasAccessToken = !!this.getToken();