Fix loop scenario when the login page is not present in silent login (#…

…6512) * fix loop scenario when the login page is not present in silent login * fix build * fix * remove isECM * fix unit * fix
Alfresco · Jan 11, 2021 · 8e12e51 · 8e12e51
1 parent 62cec5c
commit 8e12e51
Show file tree

Hide file tree

Showing 7 changed files with 88 additions and 36 deletions.
diff --git a/lib/cli/package-lock.json b/lib/cli/package-lock.json
diff --git a/lib/core/services/auth-guard-base.ts b/lib/core/services/auth-guard-base.ts
@@ -35,11 +35,6 @@ import { Observable } from 'rxjs';
 
 export abstract class AuthGuardBase implements CanActivate, CanActivateChild {
 
-    abstract checkLogin(
-        activeRoute: ActivatedRouteSnapshot,
-        redirectUrl: string
-    ): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree;
-
     protected get withCredentials(): boolean {
         return this.appConfigService.get<boolean>(
             'auth.withCredentials',
@@ -55,14 +50,20 @@ export abstract class AuthGuardBase implements CanActivate, CanActivateChild {
         private storageService: StorageService
     ) {
     }
+ls;
+
+    abstract checkLogin(
+        activeRoute: ActivatedRouteSnapshot,
+        redirectUrl: string
+    ): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree;
 
     canActivate(
         route: ActivatedRouteSnapshot,
         state: RouterStateSnapshot
     ): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
 
         const redirectFragment = this.storageService.getItem('loginFragment');
-        if (this.authenticationService.isEcmLoggedIn() || this.withCredentials) {
+        if (this.authenticationService.isLoggedIn() || this.withCredentials) {
             if (redirectFragment) {
                 this.storageService.removeItem('loginFragment');
                 return this.router.createUrlTree([redirectFragment]);
@@ -85,20 +86,34 @@ export abstract class AuthGuardBase implements CanActivate, CanActivateChild {
     ): Observable<boolean | UrlTree> | Promise<boolean | UrlTree> | boolean | UrlTree {
         return this.canActivate(route, state);
     }
-
     protected redirectToUrl(provider: string, url: string) {
         const pathToLogin = `/${this.getLoginRoute()}`;
         let urlToRedirect;
+
+        this.dialog.closeAll();
+
         if (!this.authenticationService.isOauth()) {
             this.authenticationService.setRedirect({ provider, url });
 
             urlToRedirect = `${pathToLogin}?redirectUrl=${url}`;
+            this.router.navigateByUrl(urlToRedirect);
+        } else if (this.getOauthConfig().silentLogin && !this.authenticationService.isPublicUrl()) {
+            this.authenticationService.ssoImplicitLogin();
         } else {
             urlToRedirect = pathToLogin;
+            this.router.navigateByUrl(urlToRedirect);
         }
 
-        this.dialog.closeAll();
-        this.router.navigateByUrl(urlToRedirect);
+    }
+
+    protected getOauthConfig(): OauthConfigModel {
+        return (
+            this.appConfigService &&
+            this.appConfigService.get<OauthConfigModel>(
+                AppConfigValues.OAUTHCONFIG,
+                null
+            )
+        );
     }
 
     protected getLoginRoute(): string {

diff --git a/lib/core/services/auth-guard-bpm.service.spec.ts b/lib/core/services/auth-guard-bpm.service.spec.ts
@@ -51,6 +51,28 @@ describe('AuthGuardService BPM', () => {
         appConfigService.config.oauth2 = {};
     });
 
+    it('should redirect url if the alfresco js api is NOT logged in and isOAuth with silentLogin', async(() => {
+        spyOn(router, 'navigateByUrl').and.stub();
+        spyOn(authService, 'isBpmLoggedIn').and.returnValue(false);
+        spyOn(authService, 'isOauth').and.returnValue(true);
+        spyOn(authService, 'isPublicUrl').and.returnValue(false);
+        spyOn(authService, 'ssoImplicitLogin').and.stub();
+
+        appConfigService.config.oauth2 = {
+            silentLogin: true,
+            host: 'http://localhost:6543',
+            redirectUri: '/',
+            clientId: 'activiti',
+            publicUrl: 'settings',
+            scope: 'openid'
+        };
+
+        const route: RouterStateSnapshot = <RouterStateSnapshot>  {url : 'abc'};
+
+        expect(authGuard.canActivate(null, route)).toBeFalsy();
+        expect(authService.ssoImplicitLogin).toHaveBeenCalledTimes(1);
+    }));
+
     it('if the alfresco js api is logged in should canActivate be true', async(() => {
         spyOn(authService, 'isBpmLoggedIn').and.returnValue(true);
         const route: RouterStateSnapshot = <RouterStateSnapshot>  {url : 'some-url'};

diff --git a/lib/core/services/auth-guard-ecm.service.spec.ts b/lib/core/services/auth-guard-ecm.service.spec.ts
@@ -98,7 +98,6 @@ describe('AuthGuardService ECM', () => {
     }));
 
     it('should redirect url if the alfresco js api is NOT logged in and isOAuth with silentLogin', async(() => {
-        spyOn(router, 'navigateByUrl').and.stub();
         spyOn(authService, 'isEcmLoggedIn').and.returnValue(false);
         spyOn(authService, 'isOauth').and.returnValue(true);
         spyOn(authService, 'isPublicUrl').and.returnValue(false);
@@ -115,8 +114,7 @@ describe('AuthGuardService ECM', () => {
 
         const route: RouterStateSnapshot = <RouterStateSnapshot>  {url : 'abc'};
 
-        expect(authGuard.canActivate(null, route)).toBeTruthy();
-        expect(router.navigateByUrl).toHaveBeenCalledTimes(1);
+        expect(authGuard.canActivate(null, route)).toBeFalsy();
         expect(authService.ssoImplicitLogin).toHaveBeenCalledTimes(1);
     }));
 

diff --git a/lib/core/services/auth-guard-ecm.service.ts b/lib/core/services/auth-guard-ecm.service.ts
@@ -39,11 +39,12 @@ export class AuthGuardEcm extends AuthGuardBase {
     }
 
     checkLogin(_: ActivatedRouteSnapshot, redirectUrl: string): boolean {
-        this.redirectToUrl('ECM', redirectUrl);
-        if (!this.authenticationService.isEcmLoggedIn() && this.isSilentLogin() && !this.authenticationService.isPublicUrl()) {
-            this.authenticationService.ssoImplicitLogin();
+        if (this.authenticationService.isEcmLoggedIn() || this.withCredentials) {
             return true;
         }
+
+        this.redirectToUrl('ECM', redirectUrl);
+
         return false;
     }
 }
diff --git a/lib/core/services/auth-guard.service.spec.ts b/lib/core/services/auth-guard.service.spec.ts
@@ -97,13 +97,13 @@ describe('AuthGuardService', () => {
     }));
 
     it('should NOT redirect url if the User is NOT logged in and isOAuth but with silentLogin configured', async(async () => {
-        spyOn(router, 'navigateByUrl').and.stub();
+        spyOn(authService, 'ssoImplicitLogin').and.stub();
         spyOn(authService, 'isLoggedIn').and.returnValue(false);
         spyOn(authService, 'isOauth').and.returnValue(true);
         appConfigService.config.oauth2.silentLogin = true;
 
         expect(await authGuard.canActivate(null, state)).toBeFalsy();
-        expect(router.navigateByUrl).toHaveBeenCalled();
+        expect(authService.ssoImplicitLogin).toHaveBeenCalledTimes(1);
     }));
 
     it('should set redirect url', async(async () => {

diff --git a/package.json b/package.json
@@ -71,7 +71,7 @@
     "process services-cloud"
   ],
   "dependencies": {
-    "@alfresco/js-api": "4.2.0-126c761a797fba998241ab7c464fb8b55f1cca8b",
+    "@alfresco/js-api": "4.3.0-fc33b5aba2cdfe131d2f061049691b5e5b6fe59b",
     "@angular/animations": "^10.0.4",
     "@angular/cdk": "10.1.3",
     "@angular/common": "^10.0.4",
@@ -105,8 +105,8 @@
     "zone.js": "~0.10.2"
   },
   "devDependencies": {
-    "@alfresco/adf-cli": "4.1.0",
-    "@alfresco/adf-testing": "4.1.0",
+    "@alfresco/adf-cli": "4.2.0",
+    "@alfresco/adf-testing": "4.2.0",
     "@angular-devkit/build-angular": "^0.1001.7",
     "@angular-devkit/build-ng-packagr": "~0.1002.0",
     "@angular/cli": "^10.2.0",