Enhance authentication flow by improving error handling and validating ID tokens before login

Lorenz Hilpert
2024-11-19 13:42:54 +01:00
parent 0c6f8abbad
commit f30de35d51
3 changed files with 36 additions and 16 deletions


@@ -73,19 +73,18 @@ export function _appInitializerFactory(config: Config, injector: Injector) {
statusElement.innerHTML = 'Authentifizierung wird geprüft...';
const auth = injector.get(AuthService);
await auth.init();
if (auth.isAuthenticated()) {
statusElement.innerHTML = 'App wird initialisiert...';
const state = injector.get(RootStateService);
await state.init();
} else {
try {
await auth.init();
} catch (error) {
statusElement.innerHTML = 'Authentifizierung wird durchgeführt...';
const strategy = injector.get(LoginStrategy);
await strategy.login();
}
statusElement.innerHTML = 'App wird initialisiert...';
const state = injector.get(RootStateService);
await state.init();
statusElement.innerHTML = 'Native Container wird initialisiert...';
const nativeContainer = injector.get(NativeContainerService);
await nativeContainer.init();
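Review bot: On the new side `strategy.login()` appears to be reachable only from the `catch` around `auth.init()`, so a start where `init()` resolves without a valid ID token would continue to `state.init()` with no session. The page has lost its `+`/`-` markers, so this reading of which lines are new is inferred. The same `catch` treats every failure of `init()` as "not logged in", with the error itself neither logged nor inspected. I would keep an explicit gate after the try/catch, `if (!auth.isAuthenticated()) { await strategy.login(); }`, and have the `catch` report the error. The body of `_appInitializerFactory` starts and ends outside this hunk.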


@@ -1,10 +1,10 @@
import { coerceArray, coerceStringArray } from '@angular/cdk/coercion';
import { Injectable } from '@angular/core';
import { coerceArray } from '@angular/cdk/coercion';
import { inject, Injectable } from '@angular/core';
import { Config } from '@core/config';
import { isNullOrUndefined } from '@utils/common';
import { AuthConfig, OAuthService } from 'angular-oauth2-oidc';
import { JwksValidationHandler } from 'angular-oauth2-oidc-jwks';
import { asapScheduler, BehaviorSubject } from 'rxjs';
import { BehaviorSubject } from 'rxjs';
@Injectable({
providedIn: 'root',
@@ -26,8 +26,6 @@ export class AuthService {
console.log('SSO Token Expiration:', new Date(this._oAuthService.getAccessTokenExpiration()));
}
});
window['auth'] = this;
}
async init() {
@@ -47,16 +45,25 @@ export class AuthService {
this._oAuthService.setupAutomaticSilentRefresh();
try {
await this._oAuthService.loadDiscoveryDocumentAndTryLogin();
} catch (error) {}
await this._oAuthService.loadDiscoveryDocumentAndTryLogin();
this._initialized.next(true);
}
isAuthenticated() {
return this.isIdTokenValid();
}
isIdTokenValid() {
console.log('ID Token Expiration:', new Date(this._oAuthService.getIdTokenExpiration()));
return this._oAuthService.hasValidIdToken();
}
isAccessTokenValid() {
console.log('ACCESS Token Expiration:', new Date(this._oAuthService.getAccessTokenExpiration()));
return this._oAuthService.hasValidAccessToken();
}
getToken() {
return this._oAuthService.getAccessToken();
}
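Review bot: `isAuthenticated()` as shown rests on `isIdTokenValid()` alone, while `getToken()` hands callers the access token, so a session with a valid ID token but an expired or missing access token would still count as authenticated. If backend calls are authorised with the access token, consider `return this.isIdTokenValid() && this.isAccessTokenValid();`. Both new predicates also call `console.log` on every invocation; a short doc comment stating what each check covers would be more useful than the log line. The `AuthService` class body continues outside these hunks.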


@@ -18,14 +18,26 @@ export class LoginStrategy {
private readonly authService = inject(AuthService);
async login(title = 'Anmeldung') {
console.log('LoginStrategy.login');
let loginModalResult: UiModalResult<boolean>;
if (this.authService.isIdTokenValid()) {
console.log('LoginStrategy.login: idToken is valid');
await this.authService.login();
return;
}
try {
if (this.environmentService.isMobileDevice()) {
console.log('LoginStrategy.login: isMobileDevice');
do {
const loginModal = this.modal.open({
content: UiConfirmModalComponent,
title,
config: {
canClose: false,
},
data: {
message: 'Bitte wählen Sie die Anmeldeoption aus.',
rejectLabel: 'Anmeldung mit Logindaten',
@@ -52,12 +64,14 @@ export class LoginStrategy {
);
if (res.token) {
console.log('LoginStrategy.login: setKeyCardToken', res.token);
this.authService.setKeyCardToken(res.token);
}
}
}
} catch (error) {}
console.log('LoginStrategy.login: login');
await this.authService.login();
}
}
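Review bot: The added `console.log('LoginStrategy.login: setKeyCardToken', res.token);` in the second hunk writes the key card token itself to the console, where it can end up in device logs, remote log collectors or screenshots. Log the event without the value, `console.log('LoginStrategy.login: setKeyCardToken');`. The empty `catch (error) {}` just below it also discards any failure of the modal or scan step before `authService.login()` runs, so at least log the error there. The middle of `login()` lies between the two hunks and is not visible here.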