import { Injectable } from '@angular/core';
import { HttpEvent, HttpInterceptor, HttpHandler, HttpRequest, HttpErrorResponse } from '@angular/common/http';
import { Observable } from "rxjs/Observable";
import { Adal4Service } from '../adal/adal4.service';
import { Router } from '@angular/router';
@Injectable()
export class AuthInterceptor implements HttpInterceptor {
constructor(
private adalService: Adal4Service,
private router: Router
) { }
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
const resource = this.adalService.GetResourceForEndpoint(request.url);
let authenticatedCall: Observable<HttpEvent<any>>;
if (resource) {
if (this.adalService.userInfo.authenticated) {
authenticatedCall = this.adalService.acquireToken(resource)
.flatMap((token: string) => {
request = request.clone({
setHeaders: {
Authorization: `Bearer ${token}`
}
});
return next.handle(request).catch(this.handleError);
});
}
else {
this.adalService.refreshDataFromCache();
authenticatedCall = Observable.throw(new Error('User Not Authenticated.'));
}
}
else { authenticatedCall = next.handle(request).catch(this.handleError); }
return authenticatedCall;
}
private handleError(err: HttpErrorResponse): Observable<any> {
if (err.status === 401 || err.status === 403) {
console.log(err.message);
this.router.navigate(['dataService'], {});
return Observable.of(err.message);
}
// handle your auth error or rethrow
return Observable.throw(err);
}
}
Adal4Interceptor
import { Injectable } from '@angular/core';
import { HttpRequest, HttpHandler, HttpEvent, HttpInterceptor } from '@angular/common/http';
import { Observable } from 'rxjs/Observable';
import { Adal4Service } from './adal4.service';
@Injectable()
export class Adal4Interceptor implements HttpInterceptor {
constructor(public adal4Service: Adal4Service) { }
intercept(request: HttpRequest<any>, next: HttpHandler): Observable<HttpEvent<any>> {
request = request.clone({
setHeaders: {
Authorization: `Bearer ${this.adal4Service.userInfo.token}`
}
});
return next.handle(request);
}
}
adal4service
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs';
import { Adal4User } from './adal4-user';
import * as adalLib from 'adal-angular';
import { adal } from 'adal-angular';
import User = adal.User;
@Injectable()
export class Adal4Service {
private adalContext: adal.AuthenticationContext;
private adal4User: Adal4User = {
authenticated: false,
username: '',
error: '',
token: '',
profile: {}
};
constructor() { }
public init(configOptions: adal.Config) {
if (!configOptions) {
throw new Error('You must set config, when calling init.');
}
const existingHash = window.location.hash;
let pathDefault = window.location.href;
if (existingHash) {
pathDefault = pathDefault.replace(existingHash, '');
}
configOptions.redirectUri = configOptions.redirectUri || pathDefault;
configOptions.postLogoutRedirectUri = configOptions.postLogoutRedirectUri || pathDefault;
this.adalContext = adalLib.inject(configOptions);
window.AuthenticationContext = this.adalContext.constructor;
this.updateDataFromCache(this.adalContext.config.loginResource);
}
public get config(): adal.Config {
return this.adalContext.config;
}
public get userInfo(): Adal4User {
return this.adal4User;
}
public login(): void {
this.adalContext.login();
}
public loginInProgress(): boolean {
return this.adalContext.loginInProgress();
}
public logOut(): void {
this.adalContext.logOut();
}
public handleWindowCallback(): void {
const hash = window.location.hash;
if (this.adalContext.isCallback(hash)) {
const requestInfo = this.adalContext.getRequestInfo(hash);
this.adalContext.saveTokenFromHash(requestInfo);
if (requestInfo.requestType === this.adalContext.REQUEST_TYPE.LOGIN) {
this.updateDataFromCache(this.adalContext.config.loginResource);
} else if (requestInfo.requestType === this.adalContext.REQUEST_TYPE.RENEW_TOKEN) {
this.adalContext.callback = window.parent.callBackMappedToRenewStates[requestInfo.stateResponse];
}
if (requestInfo.stateMatch) {
if (typeof this.adalContext.callback === 'function') {
if (requestInfo.requestType === this.adalContext.REQUEST_TYPE.RENEW_TOKEN) {
if (requestInfo.parameters['access_token']) {
this.adalContext.callback(this.adalContext._getItem(this.adalContext.CONSTANTS.STORAGE.ERROR_DESCRIPTION)
, requestInfo.parameters['access_token']);
}
else if (requestInfo.parameters['error']) {
this.adalContext.callback(this.adalContext._getItem(this.adalContext.CONSTANTS.STORAGE.ERROR_DESCRIPTION), null);
this.adalContext._renewFailed = true;
}
}
}
}
}
if (window.location.hash) {
window.location.href = window.location.href.replace(window.location.hash, '');
}
}
public getCachedToken(resource: string): string {
return this.adalContext.getCachedToken(resource);
}
public acquireToken(resource: string) {
const _this = this;
let errorMessage: string;
return Observable.bindCallback(acquireTokenInternal, function (token: string) {
if (!token && errorMessage) {
throw (errorMessage);
}
return token;
})();
function acquireTokenInternal(cb: any) {
let s: string = null;
_this.adalContext.acquireToken(resource, (error: string, tokenOut: string) => {
if (error) {
_this.adalContext.error('Error when acquiring token for resource: ' + resource, error);
errorMessage = error;
cb(<string>null);
} else {
cb(tokenOut);
s = tokenOut;
}
});
return s;
}
}
public getUser(): Observable<any> {
return Observable.bindCallback((cb: (u: adal.User) => User) => {
this.adalContext.getUser(function (error: string, user: adal.User) {
if (error) {
this.adalContext.error('Error when getting user', error);
cb(null);
} else {
cb(user);
}
});
})();
}
public clearCache(): void {
this.adalContext.clearCache();
}
public clearCacheForResource(resource: string): void {
this.adalContext.clearCacheForResource(resource);
}
public info(message: string): void {
this.adalContext.info(message);
}
public verbose(message: string): void {
this.adalContext.verbose(message);
}
public GetResourceForEndpoint(url: string): string {
return this.adalContext.getResourceForEndpoint(url);
}
public refreshDataFromCache() {
this.updateDataFromCache(this.adalContext.config.loginResource);
}
private updateDataFromCache(resource: string): void {
const token = this.adalContext.getCachedToken(resource);
this.adal4User.authenticated = token !== null && token.length > 0;
const user = this.adalContext.getCachedUser() || { userName: '', profile: undefined };
if (user) {
this.adal4User.username = user.userName;
this.adal4User.profile = user.profile;
this.adal4User.token = token;
this.adal4User.error = this.adalContext.getLoginError();
} else {
this.adal4User.username = '';
this.adal4User.profile = {};
this.adal4User.token = '';
this.adal4User.error = '';
}
};
}
Adal4User
export class Adal4User { authenticated: boolean; username: string; error: string; profile: any; token: string; }
adal-angular.d
declare var AuthenticationContext: adal.AuthenticationContextStatic; declare namespace adal { interface Config { tenant?: string; clientId: string; redirectUri?: string; instance?: string; endpoints?: any; popUp?: boolean; localLoginUrl?: string; displayCall?: (urlNavigate: string) => any; postLogoutRedirectUri?: string; cacheLocation?: string; anonymousEndpoints?: string[]; expireOffsetSeconds?: number; correlationId?: string; loginResource?: string; resource?: string; extraQueryParameter?: string; navigateToLoginRequestUrl?: boolean; } interface User { userName: string; profile: any; } interface RequestInfo { valid: boolean; parameters: any; stateMatch: boolean; stateResponse: string; requestType: string; } interface AuthenticationContextStatic { new (config: Config): AuthenticationContext; } interface AuthenticationContext { CONSTANTS: any; REQUEST_TYPE: { LOGIN: string, RENEW_TOKEN: string, UNKNOWN: string }; callback: any; _getItem: any; _renewFailed: any; instance: string; config: Config; login(): void; loginInProgress(): boolean; getCachedToken(resource: string): string; getCachedUser(): User; registerCallback(expectedState: string, resource: string, callback: (message: string, token: string) => any): void; acquireToken(resource: string, callback: (message: string, token: string) => any): void; promptUser(urlNavigate: string): void; clearCache(): void; clearCacheForResource(resource: string): void; logOut(): void; getUser(callback: (message: string, user?: User) => any): void; isCallback(hash: string): boolean; getLoginError(): string; getRequestInfo(hash: string): RequestInfo; saveTokenFromHash(requestInfo: RequestInfo): void; getResourceForEndpoint(endpoint: string): string; handleWindowCallback(): void; log(level: number, message: string, error: any): void; error(message: string, error: any): void; warn(message: string): void; info(message: string): void; verbose(message: string): void; } } interface Window { AuthenticationContext: any; callBackMappedToRenewStates: any; }
logged-in.guard
import { Injectable } from '@angular/core';
import { CanActivate, ActivatedRouteSnapshot, RouterStateSnapshot } from '@angular/router';
import { Adal4Service } from './adal4.service';
@Injectable()
export class LoggedInGuard implements CanActivate{
constructor(private adalService: Adal4Service,
) {
}
canActivate(
route: ActivatedRouteSnapshot,
state: RouterStateSnapshot
): boolean {
this.adalService.handleWindowCallback();
if (this.adalService.userInfo.authenticated) {
return true;
} else {
this.adalService.login();
return false;
}
}
}