polygerrit-ui/app/elements/shared/gr-rest-api-interface/gr-auth.js - gerrit - Git at Google

 // Copyright (C) 2017 The Android Open Source Project
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 // See the License for the specific language governing permissions and
 // limitations under the License.
 (function(window) {
   'use strict';

   // Prevent redefinition.
   if (window.Gerrit.Auth) { return; }

   const MAX_GET_TOKEN_RETRIES = 2;

   Gerrit.Auth = {
     TYPE: {
       XSRF_TOKEN: 'xsrf_token',
       ACCESS_TOKEN: 'access_token',
     },

     _type: null,
     _cachedTokenPromise: null,
     _defaultOptions: {},
     _retriesLeft: MAX_GET_TOKEN_RETRIES,

     _getToken() {
       return Promise.resolve(this._cachedTokenPromise);
     },

     /**
      * Enable cross-domain authentication using OAuth access token.
      *
      * @param {
      *   function(): !Promise<{
      *     access_token: string,
      *     expires_at: number
      *   }>
      * } getToken
      * @param {?{credentials:string}} defaultOptions
      */
     setup(getToken, defaultOptions) {
       this._retriesLeft = MAX_GET_TOKEN_RETRIES;
       if (getToken) {
         this._type = Gerrit.Auth.TYPE.ACCESS_TOKEN;
         this._cachedTokenPromise = null;
         this._getToken = getToken;
       }
       this._defaultOptions = {};
       if (defaultOptions) {
         for (const p of ['credentials']) {
           this._defaultOptions[p] = defaultOptions[p];
         }
       }
     },

     /**
      * Perform network fetch with authentication.
      *
      * @param {string} url
      * @param {Object=} opt_options
      * @return {!Promise<!Response>}
      */
     fetch(url, opt_options) {
       const options = Object.assign({
         headers: new Headers(),
       }, this._defaultOptions, opt_options);
       if (this._type === Gerrit.Auth.TYPE.ACCESS_TOKEN) {
         return this._getAccessToken().then(
             accessToken => this._fetchWithAccessToken(url, options, accessToken)
         );
       } else {
         return this._fetchWithXsrfToken(url, options);
       }
     },

     _getCookie(name) {
       const key = name + '=';
       let result = '';
       document.cookie.split(';').some(c => {
         c = c.trim();
         if (c.startsWith(key)) {
           result = c.substring(key.length);
           return true;
         }
       });
       return result;
     },

     _isTokenValid(token) {
       if (!token) { return false; }
       if (!token.access_token || !token.expires_at) { return false; }

       const expiration = new Date(parseInt(token.expires_at, 10) * 1000);
       if (Date.now() >= expiration.getTime()) { return false; }

       return true;
     },

     _fetchWithXsrfToken(url, options) {
       if (options.method && options.method !== 'GET') {
         const token = this._getCookie('XSRF_TOKEN');
         if (token) {
           options.headers.append('X-Gerrit-Auth', token);
         }
       }
       options.credentials = 'same-origin';
       return fetch(url, options);
     },

     /**
      * @return {!Promise<string>}
      */
     _getAccessToken() {
       if (!this._cachedTokenPromise) {
         this._cachedTokenPromise = this._getToken();
       }
       return this._cachedTokenPromise.then(token => {
         if (this._isTokenValid(token)) {
           this._retriesLeft = MAX_GET_TOKEN_RETRIES;
           return token.access_token;
         }
         if (this._retriesLeft > 0) {
           this._retriesLeft--;
           this._cachedTokenPromise = null;
           return this._getAccessToken();
         }
         // Fall back to anonymous access.
         return null;
       });
     },

     _fetchWithAccessToken(url, options, accessToken) {
       const params = [];

       if (accessToken) {
         params.push(`access_token=${accessToken}`);
         const baseUrl = Gerrit.BaseUrlBehavior.getBaseUrl();
         const pathname = baseUrl ?
               url.substring(url.indexOf(baseUrl) + baseUrl.length) : url;
         if (!pathname.startsWith('/a/')) {
           url = url.replace(pathname, '/a' + pathname);
         }
       }

       const method = options.method || 'GET';
       let contentType = options.headers.get('Content-Type');

       // For all requests with body, ensure json content type.
       if (!contentType && options.body) {
         contentType = 'application/json';
       }

       if (method !== 'GET') {
         options.method = 'POST';
         params.push(`$m=${method}`);
         // If a request is not GET, and does not have a body, ensure text/plain
         // content type.
         if (!contentType) {
           contentType = 'text/plain';
         }
       }

       if (contentType) {
         options.headers.set('Content-Type', 'text/plain');
         params.push(`$ct=${encodeURIComponent(contentType)}`);
       }

       if (params.length) {
         url = url + (url.indexOf('?') === -1 ? '?' : '&') + params.join('&');
       }
       return fetch(url, options);
     },
   };

   window.Gerrit.Auth = Gerrit.Auth;
 })(window);
	// Copyright (C) 2017 The Android Open Source Project
	//
	// Licensed under the Apache License, Version 2.0 (the "License");
	// you may not use this file except in compliance with the License.
	// You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing, software
	// distributed under the License is distributed on an "AS IS" BASIS,
	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	// See the License for the specific language governing permissions and
	// limitations under the License.
	(function(window) {
	'use strict';

	// Prevent redefinition.
	if (window.Gerrit.Auth) { return; }

	const MAX_GET_TOKEN_RETRIES = 2;

	Gerrit.Auth = {
	TYPE: {
	XSRF_TOKEN: 'xsrf_token',
	ACCESS_TOKEN: 'access_token',
	},

	_type: null,
	_cachedTokenPromise: null,
	_defaultOptions: {},
	_retriesLeft: MAX_GET_TOKEN_RETRIES,

	_getToken() {
	return Promise.resolve(this._cachedTokenPromise);
	},

	/**
	* Enable cross-domain authentication using OAuth access token.
	*
	* @param {
	* function(): !Promise<{
	* access_token: string,
	* expires_at: number
	* }>
	* } getToken
	* @param {?{credentials:string}} defaultOptions
	*/
	setup(getToken, defaultOptions) {
	this._retriesLeft = MAX_GET_TOKEN_RETRIES;
	if (getToken) {
	this._type = Gerrit.Auth.TYPE.ACCESS_TOKEN;
	this._cachedTokenPromise = null;
	this._getToken = getToken;
	}
	this._defaultOptions = {};
	if (defaultOptions) {
	for (const p of ['credentials']) {
	this._defaultOptions[p] = defaultOptions[p];
	}
	}
	},

	/**
	* Perform network fetch with authentication.
	*
	* @param {string} url
	* @param {Object=} opt_options
	* @return {!Promise<!Response>}
	*/
	fetch(url, opt_options) {
	const options = Object.assign({
	headers: new Headers(),
	}, this._defaultOptions, opt_options);
	if (this._type === Gerrit.Auth.TYPE.ACCESS_TOKEN) {
	return this._getAccessToken().then(
	accessToken => this._fetchWithAccessToken(url, options, accessToken)
	);
	} else {
	return this._fetchWithXsrfToken(url, options);
	}
	},

	_getCookie(name) {
	const key = name + '=';
	let result = '';
	document.cookie.split(';').some(c => {
	c = c.trim();
	if (c.startsWith(key)) {
	result = c.substring(key.length);
	return true;
	}
	});
	return result;
	},

	_isTokenValid(token) {
	if (!token) { return false; }
	if (!token.access_token \|\| !token.expires_at) { return false; }

	const expiration = new Date(parseInt(token.expires_at, 10) * 1000);
	if (Date.now() >= expiration.getTime()) { return false; }

	return true;
	},

	_fetchWithXsrfToken(url, options) {
	if (options.method && options.method !== 'GET') {
	const token = this._getCookie('XSRF_TOKEN');
	if (token) {
	options.headers.append('X-Gerrit-Auth', token);
	}
	}
	options.credentials = 'same-origin';
	return fetch(url, options);
	},

	/**
	* @return {!Promise<string>}
	*/
	_getAccessToken() {
	if (!this._cachedTokenPromise) {
	this._cachedTokenPromise = this._getToken();
	}
	return this._cachedTokenPromise.then(token => {
	if (this._isTokenValid(token)) {
	this._retriesLeft = MAX_GET_TOKEN_RETRIES;
	return token.access_token;
	}
	if (this._retriesLeft > 0) {
	this._retriesLeft--;
	this._cachedTokenPromise = null;
	return this._getAccessToken();
	}
	// Fall back to anonymous access.
	return null;
	});
	},

	_fetchWithAccessToken(url, options, accessToken) {
	const params = [];

	if (accessToken) {
	params.push(`access_token=${accessToken}`);
	const baseUrl = Gerrit.BaseUrlBehavior.getBaseUrl();
	const pathname = baseUrl ?
	url.substring(url.indexOf(baseUrl) + baseUrl.length) : url;
	if (!pathname.startsWith('/a/')) {
	url = url.replace(pathname, '/a' + pathname);
	}
	}

	const method = options.method \|\| 'GET';
	let contentType = options.headers.get('Content-Type');

	// For all requests with body, ensure json content type.
	if (!contentType && options.body) {
	contentType = 'application/json';
	}

	if (method !== 'GET') {
	options.method = 'POST';
	params.push(`$m=${method}`);
	// If a request is not GET, and does not have a body, ensure text/plain
	// content type.
	if (!contentType) {
	contentType = 'text/plain';
	}
	}

	if (contentType) {
	options.headers.set('Content-Type', 'text/plain');
	params.push(`$ct=${encodeURIComponent(contentType)}`);
	}

	if (params.length) {
	url = url + (url.indexOf('?') === -1 ? '?' : '&') + params.join('&');
	}
	return fetch(url, options);
	},
	};

	window.Gerrit.Auth = Gerrit.Auth;
	})(window);