accounts-frontend/packages/app/services/authFlow/AuthFlow.ts

import { browserHistory } from 'app/services/history';
import logger from 'app/services/logger';
import localStorage from 'app/services/localStorage';
import { Store, State as RootState, Dispatch } from 'app/types';
import {
    activate as activateAccount,
    authenticate,
    logoutAll as logout,
    remove as removeAccount,
} from 'app/components/accounts/actions';
import * as actions from 'app/components/auth/actions';
import { updateUser } from 'app/components/user/actions';
import FinishState from './FinishState';

import RegisterState from './RegisterState';
import LoginState from './LoginState';
import InitOAuthAuthCodeFlowState from './InitOAuthAuthCodeFlowState';
import InitOAuthDeviceCodeFlowState from './InitOAuthDeviceCodeFlowState';
import ForgotPasswordState from './ForgotPasswordState';
import RecoverPasswordState from './RecoverPasswordState';
import ActivationState from './ActivationState';
import CompleteState from './CompleteState';
import ChooseAccountState from './ChooseAccountState';
import ResendActivationState from './ResendActivationState';
import State from './State';

interface Request {
    path: string;
    query: URLSearchParams;
    params: Record<string, any>;
}

export const availableActions = {
    updateUser,
    authenticate,
    activateAccount,
    removeAccount,
    logout,
    goBack: actions.goBack,
    redirect: actions.redirect,
    login: actions.login,
    acceptRules: actions.acceptRules,
    forgotPassword: actions.forgotPassword,
    recoverPassword: actions.recoverPassword,
    register: actions.register,
    activate: actions.activate,
    resendActivation: actions.resendActivation,
    contactUs: actions.contactUs,
    setLogin: actions.setLogin,
    setAccountSwitcher: actions.setAccountSwitcher,
    setErrors: actions.setErrors,
    clearErrors: actions.clearErrors,
    oAuthValidate: actions.oAuthValidate,
    oAuthComplete: actions.oAuthComplete,
    setClient: actions.setClient,
    resetOAuth: actions.resetOAuth,
    resetAuth: actions.resetAuth,
    setOAuthRequest: actions.setOAuthRequest,
    setOAuthCode: actions.setOAuthCode,
    requirePermissionsAccept: actions.requirePermissionsAccept,
    setScopes: actions.setScopes,
    setLoadingState: actions.setLoadingState,
};

type ActionId = keyof typeof availableActions;

export interface AuthContext {
    run<T extends ActionId>(actionId: T, payload?: Parameters<typeof availableActions[T]>[0]): Promise<any>; // TODO: can't find a way to explain to TS the returned type
    setState(newState: State): Promise<void> | void; // TODO: always return promise
    getState(): RootState;
    navigate(route: string, options?: { replace?: boolean }): void;
    getRequest(): Request;
    prevState: State;
}

export default class AuthFlow implements AuthContext {
    actions: Readonly<typeof availableActions>;
    state: State;
    prevState: State;
    /**
     * A callback from router, that allows to replace (perform redirect) route
     * during route transition
     */
    replace: ((path: string) => void) | null;
    onReady: () => void;
    navigate: (route: string, options: { replace?: boolean }) => void;
    currentRequest: Partial<Request> = {};
    oAuthStateRestored = false;
    dispatch: Dispatch;
    getState: () => RootState;

    constructor(actions: typeof availableActions) {
        this.actions = Object.freeze(actions);
    }

    setStore(store: Store): void {
        this.navigate = (route: string, options: { replace?: boolean } = {}): void => {
            const { path: currentPath } = this.getRequest();

            if (currentPath !== route) {
                if (currentPath.startsWith('/oauth2/v1') && options.replace === undefined) {
                    options.replace = true;
                }

                if (this.replace) {
                    this.replace(route);
                }

                if (options.replace) {
                    browserHistory.replace(route);
                } else {
                    browserHistory.push(route);
                }
            }

            this.replace = null;
        };

        this.getState = store.getState.bind(store);
        this.dispatch = store.dispatch.bind(store);
    }

    resolve(payload: Record<string, any> = {}) {
        this.state.resolve(this, payload);
    }

    reject(payload: Record<string, any> = {}) {
        this.state.reject(this, payload);
    }

    goBack() {
        this.state.goBack(this);
    }

    run<T extends ActionId>(actionId: T, payload?: Parameters<typeof availableActions[T]>[0]): Promise<any> {
        // @ts-ignore the extended version of redux with thunk will return the correct promise
        return Promise.resolve(this.dispatch(this.actions[actionId](payload)));
    }

    setState(state: State) {
        this.state?.leave(this);
        this.prevState = this.state;
        this.state = state;
        const resp = this.state.enter(this);

        if (resp && resp.then) {
            // this is a state with an async enter phase
            // block route components from mounting, till promise will be resolved
            if (this.onReady) {
                const callback = this.onReady;
                this.onReady = () => {};

                return resp.then(callback, (error) => {
                    logger.error('State transition error', { error });

                    return error;
                });
            }

            return resp;
        }
    }

    getRequest() {
        return {
            path: '',
            query: new URLSearchParams(),
            params: {},
            ...this.currentRequest,
        };
    }

    /**
     * This should be called from onEnter prop of react-router Route component
     */
    handleRequest(request: Request, replace: (path: string) => void, callback: () => void = () => {}): void {
        const { path } = request;
        this.replace = replace;
        this.onReady = callback;

        if (!path) {
            throw new Error('The request.path is required');
        }

        if (this.getRequest().path === path) {
            // we are already handling this path
            this.onReady();

            return;
        }

        this.currentRequest = request;

        if (this.restoreOAuthState()) {
            return;
        }

        switch (path) {
            case '/register':
                this.setState(new RegisterState());
                break;

            case '/forgot-password':
                this.setState(new ForgotPasswordState());
                break;

            case '/resend-activation':
                this.setState(new ResendActivationState());
                break;

            case '/choose-account':
                this.setState(new ChooseAccountState());
                break;

            case '/code':
                this.setState(new InitOAuthDeviceCodeFlowState());
                break;

            case '/oauth/finish':
                this.setState(new FinishState());
                break;

            case '/':
            case '/login':
            case '/password':
            case '/mfa':
            case '/accept-rules':
            case '/oauth/permissions':
            case '/oauth/choose-account':
                this.setState(new LoginState());
                break;

            default:
                switch (
                    path.replace(/(.)\/.+/, '$1') // use only first part of an url
                ) {
                    case '/oauth2':
                        this.setState(new InitOAuthAuthCodeFlowState());
                        break;
                    case '/activation':
                        this.setState(new ActivationState());
                        break;
                    case '/recover-password':
                        this.setState(new RecoverPasswordState());
                        break;

                    default:
                        replace('/404');
                        break;
                }
        }

        this.onReady();
    }

    /**
     * Tries to restore last oauth request, if it was stored in localStorage
     * in last 2 hours
     *
     * @returns {bool} - whether oauth state is being restored
     */
    private restoreOAuthState(): boolean {
        if (this.oAuthStateRestored) {
            return false;
        }

        this.oAuthStateRestored = true;

        if (/^\/(register|oauth2)/.test(this.getRequest().path)) {
            // allow register or the new oauth requests
            return false;
        }

        try {
            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
            const data = JSON.parse(localStorage.getItem('oauthData')!);
            const expirationTime = 2 * 60 * 60 * 1000; // 2h

            if (Date.now() - data.timestamp < expirationTime) {
                this.run('oAuthValidate', data.payload)
                    .then(() => this.setState(new CompleteState()))
                    .then(() => this.onReady());

                return true;
            }
        } catch (err) {
            /* bad luck :( */
        }

        return false;
    }
}
Create app namespace for all absolute requires of app modules. Move all packages under packages yarn workspace 2019-12-07 21:02:00 +02:00			`import { browserHistory } from 'app/services/history';`
			`import logger from 'app/services/logger';`
			`import localStorage from 'app/services/localStorage';`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`import { Store, State as RootState, Dispatch } from 'app/types';`
			`import {`
			`activate as activateAccount,`
			`authenticate,`
			`logoutAll as logout,`
			`remove as removeAccount,`
			`} from 'app/components/accounts/actions';`
			`import * as actions from 'app/components/auth/actions';`
			`import { updateUser } from 'app/components/user/actions';`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`import FinishState from './FinishState';`
#169: remove unhandled promise rejections in tests. Added loging for that cases 2016-12-06 23:08:51 +02:00
Auth flow. The next 2016-03-01 22:36:14 +02:00			`import RegisterState from './RegisterState';`
			`import LoginState from './LoginState';`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`import InitOAuthAuthCodeFlowState from './InitOAuthAuthCodeFlowState';`
			`import InitOAuthDeviceCodeFlowState from './InitOAuthDeviceCodeFlowState';`
Auth flow. The next 2016-03-01 22:36:14 +02:00			`import ForgotPasswordState from './ForgotPasswordState';`
#26: forgot/restore password frontend logic 2016-05-14 23:53:58 +03:00			`import RecoverPasswordState from './RecoverPasswordState';`
#125: make activation page available for all guests and innactive users 2016-06-05 15:06:14 +03:00			`import ActivationState from './ActivationState';`
Improve oauth state restore logic 2016-08-27 13:19:02 +03:00			`import CompleteState from './CompleteState';`
#389: allow switch accounts, when refreshToken is invalid. Fix oauth in case, when refreshToken is invalid 2018-02-17 21:59:35 +02:00			`import ChooseAccountState from './ChooseAccountState';`
#97: frontend for repeat activation functionality 2016-05-22 21:58:43 +03:00			`import ResendActivationState from './ResendActivationState';`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`import State from './State';`
#85: allow activation pages for all visitors 2017-06-07 23:22:51 +03:00
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`interface Request {`
Change prettier rules 2020-05-24 02:08:24 +03:00			`path: string;`
			`query: URLSearchParams;`
			`params: Record<string, any>;`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`}`
#305: fix linting errors after installing flow plugin for eslint. Improve Authflow#run() typing 2017-09-09 18:04:26 +03:00
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`export const availableActions = {`
			`updateUser,`
			`authenticate,`
			`activateAccount,`
			`removeAccount,`
			`logout,`
			`goBack: actions.goBack,`
			`redirect: actions.redirect,`
			`login: actions.login,`
			`acceptRules: actions.acceptRules,`
			`forgotPassword: actions.forgotPassword,`
			`recoverPassword: actions.recoverPassword,`
			`register: actions.register,`
			`activate: actions.activate,`
			`resendActivation: actions.resendActivation,`
			`contactUs: actions.contactUs,`
			`setLogin: actions.setLogin,`
			`setAccountSwitcher: actions.setAccountSwitcher,`
			`setErrors: actions.setErrors,`
			`clearErrors: actions.clearErrors,`
			`oAuthValidate: actions.oAuthValidate,`
			`oAuthComplete: actions.oAuthComplete,`
			`setClient: actions.setClient,`
			`resetOAuth: actions.resetOAuth,`
			`resetAuth: actions.resetAuth,`
			`setOAuthRequest: actions.setOAuthRequest,`
			`setOAuthCode: actions.setOAuthCode,`
			`requirePermissionsAccept: actions.requirePermissionsAccept,`
			`setScopes: actions.setScopes,`
			`setLoadingState: actions.setLoadingState,`
			`};`

			`type ActionId = keyof typeof availableActions;`
#305: fix linting errors after installing flow plugin for eslint. Improve Authflow#run() typing 2017-09-09 18:04:26 +03:00
#305: add mfa step during auth 2017-08-22 21:39:08 +03:00			`export interface AuthContext {`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`run<T extends ActionId>(actionId: T, payload?: Parameters<typeof availableActions[T]>[0]): Promise<any>; // TODO: can't find a way to explain to TS the returned type`
			`setState(newState: State): Promise<void> \| void; // TODO: always return promise`
Change prettier rules 2020-05-24 02:08:24 +03:00			`getState(): RootState;`
			`navigate(route: string, options?: { replace?: boolean }): void;`
			`getRequest(): Request;`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`prevState: State;`
#305: add mfa step during auth 2017-08-22 21:39:08 +03:00			`}`

			`export default class AuthFlow implements AuthContext {`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`actions: Readonly<typeof availableActions>;`
			`state: State;`
			`prevState: State;`
Change prettier rules 2020-05-24 02:08:24 +03:00			`/**`
			`* A callback from router, that allows to replace (perform redirect) route`
			`* during route transition`
			`*/`
			`replace: ((path: string) => void) \| null;`
			`onReady: () => void;`
			`navigate: (route: string, options: { replace?: boolean }) => void;`
			`currentRequest: Partial<Request> = {};`
			`oAuthStateRestored = false;`
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`dispatch: Dispatch;`
Change prettier rules 2020-05-24 02:08:24 +03:00			`getState: () => RootState;`

Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`constructor(actions: typeof availableActions) {`
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.actions = Object.freeze(actions);`
			`}`
Базовые тесты для authFlow. Осталось покрыть navigate и смену стейтов 2016-04-12 06:49:58 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`setStore(store: Store): void {`
			`this.navigate = (route: string, options: { replace?: boolean } = {}): void => {`
			`const { path: currentPath } = this.getRequest();`
Базовые тесты для authFlow. Осталось покрыть navigate и смену стейтов 2016-04-12 06:49:58 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (currentPath !== route) {`
			`if (currentPath.startsWith('/oauth2/v1') && options.replace === undefined) {`
			`options.replace = true;`
			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (this.replace) {`
			`this.replace(route);`
			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`if (options.replace) {`
			`browserHistory.replace(route);`
			`} else {`
			`browserHistory.push(route);`
			`}`
Change prettier rules 2020-05-24 02:08:24 +03:00			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.replace = null;`
			`};`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.getState = store.getState.bind(store);`
			`this.dispatch = store.dispatch.bind(store);`
			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`resolve(payload: Record<string, any> = {}) {`
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.state.resolve(this, payload);`
			`}`
#365: Redirect user to login page, when token can not be refreshed. Further improvement of auth errors handling 2017-12-30 21:04:31 +02:00
Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`reject(payload: Record<string, any> = {}) {`
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.state.reject(this, payload);`
			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`goBack() {`
			`this.state.goBack(this);`
Auth flow. The next 2016-03-01 22:36:14 +02:00			`}`

Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`run<T extends ActionId>(actionId: T, payload?: Parameters<typeof availableActions[T]>[0]): Promise<any> {`
			`// @ts-ignore the extended version of redux with thunk will return the correct promise`
			`return Promise.resolve(this.dispatch(this.actions[actionId](payload)));`
Auth flow. The next 2016-03-01 22:36:14 +02:00			`}`

Improve typings for AuthFlow and mark some future TODOs 2024-08-28 13:07:23 +02:00			`setState(state: State) {`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`this.state?.leave(this);`
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.prevState = this.state;`
			`this.state = state;`
			`const resp = this.state.enter(this);`
Add prettier and re-configure lint according to current best practises 2019-11-27 11:03:32 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (resp && resp.then) {`
			`// this is a state with an async enter phase`
			`// block route components from mounting, till promise will be resolved`
			`if (this.onReady) {`
			`const callback = this.onReady;`
			`this.onReady = () => {};`
Add prettier and re-configure lint according to current best practises 2019-11-27 11:03:32 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`return resp.then(callback, (error) => {`
			`logger.error('State transition error', { error });`
Cover oauth with e2e tests and fix some old and newly introduced bugs 2019-12-26 14:18:58 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`return error;`
			`});`
			`}`
Show 404 for unknown authFlow requests. Pass {path, query, params} as first argument to authFlow#handleRequest 2016-08-07 16:54:59 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`return resp;`
			`}`
Add prettier and re-configure lint according to current best practises 2019-11-27 11:03:32 +02:00			`}`
Change prettier rules 2020-05-24 02:08:24 +03:00
			`getRequest() {`
			`return {`
			`path: '',`
			`query: new URLSearchParams(),`
			`params: {},`
			`...this.currentRequest,`
			`};`
Add prettier and re-configure lint according to current best practises 2019-11-27 11:03:32 +02:00			`}`
Improve AuthFlow request handling logic 2016-06-15 09:01:41 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`/**`
			`* This should be called from onEnter prop of react-router Route component`
			`*/`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`handleRequest(request: Request, replace: (path: string) => void, callback: () => void = () => {}): void {`
Change prettier rules 2020-05-24 02:08:24 +03:00			`const { path } = request;`
			`this.replace = replace;`
			`this.onReady = callback;`

			`if (!path) {`
			`throw new Error('The request.path is required');`
			`}`

			`if (this.getRequest().path === path) {`
			`// we are already handling this path`
			`this.onReady();`
Improve AuthFlow request handling logic 2016-06-15 09:01:41 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`return;`
			`}`
Improve oauth state restore logic 2016-08-27 13:19:02 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.currentRequest = request;`
#129: do not render app, if we are on oauth request, that resolves to redirect 2016-06-02 20:46:49 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (this.restoreOAuthState()) {`
			`return;`
			`}`
#188: persist oauth data if if user tries to register during oauth 2016-08-11 22:20:14 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`switch (path) {`
			`case '/register':`
			`this.setState(new RegisterState());`
			`break;`

			`case '/forgot-password':`
			`this.setState(new ForgotPasswordState());`
			`break;`

			`case '/resend-activation':`
			`this.setState(new ResendActivationState());`
			`break;`

			`case '/choose-account':`
			`this.setState(new ChooseAccountState());`
			`break;`

Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`case '/code':`
			`this.setState(new InitOAuthDeviceCodeFlowState());`
			`break;`

			`case '/oauth/finish':`
			`this.setState(new FinishState());`
			`break;`

Change prettier rules 2020-05-24 02:08:24 +03:00			`case '/':`
			`case '/login':`
			`case '/password':`
			`case '/mfa':`
			`case '/accept-rules':`
			`case '/oauth/permissions':`
			`case '/oauth/choose-account':`
			`this.setState(new LoginState());`
			`break;`

			`default:`
			`switch (`
			`path.replace(/(.)\/.+/, '$1') // use only first part of an url`
			`) {`
			`case '/oauth2':`
Initial device code flow implementation 2024-12-10 20:42:06 +01:00			`this.setState(new InitOAuthAuthCodeFlowState());`
Change prettier rules 2020-05-24 02:08:24 +03:00			`break;`
			`case '/activation':`
			`this.setState(new ActivationState());`
			`break;`
			`case '/recover-password':`
			`this.setState(new RecoverPasswordState());`
			`break;`

			`default:`
			`replace('/404');`
			`break;`
			`}`
Fix register route blocked by oauth state restoration feature 2016-10-25 09:01:51 +03:00			`}`
Временный фикс для процесса авторизации (Свят, это нужно будет подлатать) 2016-10-25 02:40:05 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.onReady();`
Add more auth/oauth/multi-acc related test cases 2019-12-28 11:28:25 +02:00			`}`

Change prettier rules 2020-05-24 02:08:24 +03:00			`/**`
			`* Tries to restore last oauth request, if it was stored in localStorage`
			`* in last 2 hours`
			`*`
			`* @returns {bool} - whether oauth state is being restored`
			`*/`
			`private restoreOAuthState(): boolean {`
			`if (this.oAuthStateRestored) {`
			`return false;`
			`}`
Add more auth/oauth/multi-acc related test cases 2019-12-28 11:28:25 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`this.oAuthStateRestored = true;`
Fix the rest of the tests 2019-12-29 18:26:51 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (/^\/(register\|oauth2)/.test(this.getRequest().path)) {`
			`// allow register or the new oauth requests`
			`return false;`
			`}`
#188: persist oauth data if if user tries to register during oauth 2016-08-11 22:20:14 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`try {`
			`// eslint-disable-next-line @typescript-eslint/no-non-null-assertion`
			`const data = JSON.parse(localStorage.getItem('oauthData')!);`
			`const expirationTime = 2 * 60 * 60 * 1000; // 2h`
Improve oauth state restore logic 2016-08-27 13:19:02 +03:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`if (Date.now() - data.timestamp < expirationTime) {`
			`this.run('oAuthValidate', data.payload)`
			`.then(() => this.setState(new CompleteState()))`
			`.then(() => this.onReady());`
Add prettier and re-configure lint according to current best practises 2019-11-27 11:03:32 +02:00
Change prettier rules 2020-05-24 02:08:24 +03:00			`return true;`
			`}`
			`} catch (err) {`
			`/* bad luck :( */`
			`}`

			`return false;`
			`}`
Auth flow. The next 2016-03-01 22:36:14 +02:00			`}`