Added handling for session expiration. Fixed for document height issu…

…e in Safari. (#772)
Azure · Jul 22, 2020 · f61bf64 · f61bf64
1 parent 99788cf
commit f61bf64
Show file tree

Hide file tree

Showing 17 changed files with 121 additions and 48 deletions.
diff --git a/src/apim.design.module.ts b/src/apim.design.module.ts
@@ -51,7 +51,7 @@ import { ChangePasswordModule } from "./components/users/change-password/ko/chan
 import { ChangePasswordEditorModule } from "./components/users/change-password/ko/changePasswordEditor.module";
 import { TenantService } from "./services/tenantService";
 import { ValidationSummaryModule } from "./components/users/validation-summary/validationSummary.module";
-import { ValidationSummaryDesignModule} from "./components/users/validation-summary/validationSummary.design.module"
+import { ValidationSummaryDesignModule } from "./components/users/validation-summary/validationSummary.design.module"
 import { BackendService } from "./services/backendService";
 import { StaticRoleService } from "./services/roleService";
 import { ProvisionService } from "./services/provisioningService";
@@ -109,7 +109,7 @@ export class ApimDesignModule implements IInjectorModule {
         injector.bindSingleton("app", App);
         injector.bindSingleton("logger", ConsoleLogger);
         injector.bindSingleton("blobStorage", AzureBlobStorage);
-        injector.bindSingleton("tenantService", TenantService);        
+        injector.bindSingleton("tenantService", TenantService);
         injector.bindSingleton("backendService", BackendService);
         injector.bindSingleton("roleService", StaticRoleService);
         injector.bindSingleton("provisioningService", ProvisionService);
@@ -119,7 +119,7 @@ export class ApimDesignModule implements IInjectorModule {
         injector.bindSingleton("authenticator", DefaultAuthenticator);
         injector.bindSingleton("objectStorage", MapiObjectStorage);
         injector.bindToCollection("routeGuards", UnsavedChangesRouteGuard);
-        injector.bindInstance("reservedPermalinks", Constants.reservedPermalinks);       
+        injector.bindInstance("reservedPermalinks", Constants.reservedPermalinks);
         injector.bindSingleton("oauthService", OAuthService);
     }
 }
diff --git a/src/apim.runtime.module.ts b/src/apim.runtime.module.ts
@@ -55,7 +55,7 @@ import { ResetPassword } from "./components/users/reset-password/ko/runtime/rese
 import { ConfirmPassword } from "./components/users/confirm-password/ko/runtime/confirm-password";
 import { ChangePassword } from "./components/users/change-password/ko/runtime/change-password";
 import { Reports } from "./components/reports/ko/runtime/reports";
-import { UnhandledErrorHandler } from "./services/unhandledErrorHandler";
+import { UnhandledErrorHandler } from "./errors/unhandledErrorHandler";
 import { ProductListDropdown } from "./components/products/product-list/ko/runtime/product-list-dropdown";
 import { ValidationSummary } from "./components/users/validation-summary/ko/runtime/validation-summary";
 import { TypeDefinitionViewModel } from "./components/operations/operation-details/ko/runtime/type-definition";

diff --git a/src/components/content/content.ts b/src/components/content/content.ts
@@ -4,6 +4,8 @@ import { Component } from "@paperbits/common/ko/decorators";
 import { HttpClient } from "@paperbits/common/http";
 import { Logger } from "@paperbits/common/logging";
 import { IAuthenticator } from "../../authentication/IAuthenticator";
+import { AppError } from "./../../errors/appError";
+import { MapiError } from "../../errors/mapiError";
 
 
 @Component({
@@ -21,11 +23,25 @@ export class ContentWorkshop {
     }
 
     public async publish(): Promise<void> {
-        try {
-            this.logger.traceEvent("Click: Publish website");
+        this.logger.traceEvent("Click: Publish website");
+
+        if (!await this.authenticator.isAuthenticated()) {
+            throw new AppError("Cannot publish website", new MapiError("Unauthorized", "You're not authorized."));
+        }
 
+        try {
             const accessToken = await this.authenticator.getAccessToken();
-            await this.httpClient.send({ url: "/publish", method: "POST", headers: [{ name: "Authorization", value: accessToken }] });
+
+            const response = await this.httpClient.send({
+                url: "/publish",
+                method: "POST",
+                headers: [{ name: "Authorization", value: accessToken }]
+            });
+
+            if (response.statusCode !== 200) {
+                throw MapiError.fromResponse(response);
+            }
+
             this.viewManager.notifySuccess("Operations", `The website is being published...`);
             this.viewManager.closeWorkshop("content-workshop");
         }

diff --git a/src/components/defaultAuthenticator.ts b/src/components/defaultAuthenticator.ts
@@ -11,11 +11,13 @@ export class DefaultAuthenticator implements IAuthenticator {
         });
     }
 
-    public async setAccessToken(accessToken: string): Promise<void> {        
-        return new Promise<void>((resolve) => {
-            sessionStorage.setItem("accessToken", accessToken);
-            resolve();
-        });
+    public async setAccessToken(accessToken: string): Promise<void> {
+        if (!this.isTokenValid(accessToken)) {
+            console.warn(`Cannot set invalid or expired access token.`);
+            return;
+        }
+
+        sessionStorage.setItem("accessToken", accessToken);
     }
 
     public async refreshAccessTokenFromHeader(responseHeaders: HttpHeader[] = []): Promise<string> {
@@ -32,12 +34,12 @@ export class DefaultAuthenticator implements IAuthenticator {
                 const accessToken = `SharedAccessSignature ${accessTokenHeader.value}`;
                 const current = sessionStorage.getItem("accessToken");
                 if (current !== accessToken) {
-                    sessionStorage.setItem("accessToken", accessToken);                
+                    sessionStorage.setItem("accessToken", accessToken);
                     resolve(accessToken);
                     return;
                 }
             }
-            
+
             resolve(undefined);
         });
     }
@@ -117,4 +119,16 @@ export class DefaultAuthenticator implements IAuthenticator {
             throw new Error(`Access token format is not valid. Please use "Bearer" or "SharedAccessSignature".`);
         }
     }
+
+    private isTokenValid(accessToken: string): boolean {
+        try {
+            const parsedToken = this.parseAccessToken(accessToken);
+            const utcNow = Utils.getUtcDateTime();
+
+            return (utcNow < parsedToken.expires);
+        }
+        catch (error) {
+            return false;
+        }
+    }
 }
diff --git a/src/components/users/signin-social/ko/runtime/signin-aad-b2c.ts b/src/components/users/signin-social/ko/runtime/signin-aad-b2c.ts
@@ -1,4 +1,3 @@
-import { MapiError } from "./../../../../../services/mapiError";
 import * as ko from "knockout";
 import template from "./signin-aad-b2c.html";
 import { Component, RuntimeComponent, OnMounted, Param } from "@paperbits/common/ko/decorators";

diff --git a/src/components/users/signin/ko/runtime/signin.ts b/src/components/users/signin/ko/runtime/signin.ts
@@ -4,7 +4,7 @@ import template from "./signin.html";
 import { EventManager } from "@paperbits/common/events";
 import { Component, RuntimeComponent, OnMounted, Param } from "@paperbits/common/ko/decorators";
 import { UsersService } from "../../../../../services/usersService";
-import { MapiError } from "../../../../../services/mapiError";
+import { MapiError } from "../../../../../errors/mapiError";
 import { ValidationReport } from "../../../../../contracts/validationReport";
 import { RouteHelper } from "../../../../../routing/routeHelper";
 import { Router } from "@paperbits/common/routing/router";

diff --git a/src/errors/appError.ts b/src/errors/appError.ts
@@ -0,0 +1,13 @@
+export class AppError extends Error {
+    constructor(
+        public readonly message: string,
+        public readonly innerError?: Error
+    ) {
+        super();
+        Object.setPrototypeOf(this, AppError.prototype);
+    }
+
+    public toString(): string {
+        return `${this.stack} `;
+    }
+}
diff --git a/src/errors/index.ts b/src/errors/index.ts
@@ -0,0 +1,3 @@
+export * from "./appError";
+export * from "./sessionExpirationErrorHandler";
+export * from "./unhandledErrorHandler";
diff --git a/src/services/mapiError.ts → src/errors/mapiError.ts b/src/services/mapiError.ts → src/errors/mapiError.ts
diff --git a/src/errors/sessionExpirationErrorHandler.ts b/src/errors/sessionExpirationErrorHandler.ts
@@ -0,0 +1,30 @@
+import { ViewManager } from "@paperbits/common/ui";
+import { EventManager } from "@paperbits/common/events";
+
+
+export class SessionExpirationErrorHandler {
+    constructor(private readonly viewManager: ViewManager, eventManager: EventManager) {
+        eventManager.addEventListener("error", this.handlerError.bind(this));
+        window.addEventListener("unhandledrejection", this.handlerPromiseRejection.bind(this), true);
+    }
+
+    private handleSessionExpiration(error: any): void {
+        if (error?.innerError?.code !== "Unauthorized") {
+            return;
+        }
+
+        event.stopImmediatePropagation();
+        this.viewManager.hideToolboxes();
+        this.viewManager.addToast("Session expired", `Please re-authenticate through Azure portal.`);
+        this.viewManager.setShutter();
+        return;
+    }
+
+    public handlerError(event: ErrorEvent): void {
+        this.handleSessionExpiration(event.error);
+    }
+
+    public handlerPromiseRejection(event: PromiseRejectionEvent): void {
+        this.handleSessionExpiration(event.reason);
+    }
+}
diff --git a/src/services/unhandledErrorHandler.ts → src/errors/unhandledErrorHandler.ts b/src/services/unhandledErrorHandler.ts → src/errors/unhandledErrorHandler.ts
@@ -1,13 +1,11 @@
-import { Router } from "@paperbits/common/routing";
 import { Logger } from "@paperbits/common/logging";
-import { pageUrl500 } from "../constants";
+
 
 export class UnhandledErrorHandler {
     constructor(
-        private readonly logger: Logger,
-        private readonly router: Router
+        private readonly logger: Logger
     ) {
-        window.addEventListener("error", this.handlerError.bind(this), true);
+        window.addEventListener("error", this.handlerError.bind(this), true,);
         window.addEventListener("unhandledrejection", this.handlerPromiseRejection.bind(this), true);
     }
 
@@ -16,6 +14,7 @@ export class UnhandledErrorHandler {
     }
 
     public handlerPromiseRejection(event: PromiseRejectionEvent): void {
+        debugger;
         this.logger.traceError(event.reason);
     }
 }
diff --git a/src/persistence/mapiObjectStorage.ts b/src/persistence/mapiObjectStorage.ts
@@ -5,6 +5,7 @@ import { MapiClient } from "../services/mapiClient";
 import { Page } from "../models/page";
 import { HttpHeader } from "@paperbits/common/http";
 import { ArmResource } from "../contracts/armResource";
+import { AppError } from "../errors";
 
 
 const localizedContentTypes = ["page", "layout", "blogpost", "navigation", "block"];
@@ -25,7 +26,7 @@ export class MapiObjectStorage implements IObjectStorage {
             return contentType;
         }
 
-        throw new Error(`Could not determine content type by resource: ${resource}`);
+        throw new AppError(`Could not determine content type by resource: ${resource}`);
     }
 
     private delocalizeBlock(contract: any): void {
@@ -112,7 +113,7 @@ export class MapiObjectStorage implements IObjectStorage {
                 break;
 
             default:
-                throw new Error(`Unknown content type: "${mapiContentType}"`);
+                throw new AppError(`Unknown content type: "${mapiContentType}"`);
         }
 
         let key = contentType;
@@ -192,7 +193,7 @@ export class MapiObjectStorage implements IObjectStorage {
                 break;
 
             default:
-                // throw new Error(`Unknown content type: "${contentType}"`);
+                // throw new AppError(`Unknown content type: "${contentType}"`);
                 return key;
         }
 
@@ -214,7 +215,7 @@ export class MapiObjectStorage implements IObjectStorage {
             await this.mapiClient.put<T>(resource, headers, converted);
         }
         catch (error) {
-            throw new Error(`Could not add object '${path}'. Error: ${error.message}`);
+            throw new AppError(`Could not add object '${path}'.`, error);
         }
     }
 
@@ -249,11 +250,11 @@ export class MapiObjectStorage implements IObjectStorage {
             return converted;
         }
         catch (error) {
-            if (error && error.code === "ResourceNotFound") {
+            if (error?.code === "ResourceNotFound") {
                 return null;
             }
 
-            throw new Error(`Could not get object '${key}'. Error: ${error.message}`);
+            throw new AppError(`Could not get object '${key}'.`, error);
         }
     }
 
@@ -267,7 +268,7 @@ export class MapiObjectStorage implements IObjectStorage {
             await this.mapiClient.delete(resource, headers);
         }
         catch (error) {
-            throw new Error(`Could not delete object '${path}'. Error: ${error.message}`);
+            throw new AppError(`Could not delete object '${path}'.`, error);
         }
     }
 
@@ -315,11 +316,11 @@ export class MapiObjectStorage implements IObjectStorage {
             exists = true;
         }
         catch (error) {
-            if (error && error.code === "ResourceNotFound") {
+            if (error?.code === "ResourceNotFound") {
                 exists = false;
             }
             else {
-                throw new Error(`Could not update object '${key}'. Error: ${error.message}`);
+                throw new AppError(`Could not update object '${key}'.`, error);
             }
         }
 
@@ -333,7 +334,7 @@ export class MapiObjectStorage implements IObjectStorage {
             await this.mapiClient.put<T>(resource, headers, armContract);
         }
         catch (error) {
-            throw new Error(`Could not update object '${key}'. Error: ${error.message}`);
+            throw new AppError(`Could not update object '${key}'.`, error);
         }
     }
 
@@ -368,7 +369,7 @@ export class MapiObjectStorage implements IObjectStorage {
                             break;
 
                         default:
-                            throw new Error(`Cannot translate operator into OData query.`);
+                            throw new AppError(`Cannot translate operator into OData query.`);
                     }
                 }
 
@@ -401,7 +402,7 @@ export class MapiObjectStorage implements IObjectStorage {
             }
         }
         catch (error) {
-            throw new Error(`Could not search object '${key}'. Error: ${error.message}`);
+            throw new AppError(`Could not search object '${key}'. Error: ${error.message}`, error);
         }
     }
 

diff --git a/src/services/mapiClient.ts b/src/services/mapiClient.ts
@@ -4,7 +4,7 @@ import { ISettingsProvider } from "@paperbits/common/configuration";
 import { Utils } from "../utils";
 import { TtlCache } from "./ttlCache";
 import { HttpClient, HttpRequest, HttpResponse, HttpMethod, HttpHeader } from "@paperbits/common/http";
-import { MapiError } from "./mapiError";
+import { MapiError } from "../errors/mapiError";
 import { IAuthenticator } from "../authentication/IAuthenticator";
 import { KnownHttpHeaders } from "../models/knownHttpHeaders";
 
@@ -153,10 +153,10 @@ export class MapiClient {
             console.error("Refresh token error: ", error);
         }
 
-        return this.handleResponse<T>(response, httpRequest.url);
+        return await this.handleResponse<T>(response, httpRequest.url);
     }
 
-    private handleResponse<T>(response: HttpResponse<T>, url: string): T {
+    private async handleResponse<T>(response: HttpResponse<T>, url: string): Promise<T> {
         let contentType = "";
 
         if (response.headers) {
@@ -174,13 +174,13 @@ export class MapiClient {
                 return <any>text;
             }
         } else {
-            this.handleError(response, url);
+            await this.handleError(response, url);
         }
     }
 
-    private handleError(errorResponse: HttpResponse<any>, requestedUrl: string): void {
+    private async handleError(errorResponse: HttpResponse<any>, requestedUrl: string): Promise<void> {
         if (errorResponse.statusCode === 429) {
-            throw new MapiError("to_many_logins", "Too many attempts. Please try later.");
+            throw new MapiError("too_many_logins", "Too many attempts. Please try later.");
         }
 
         if (errorResponse.statusCode === 401) {
@@ -194,11 +194,6 @@ export class MapiClient {
                     throw new MapiError("invalid_identity", "Invalid email or password.");
                 }
             }
-
-            if (this.environment === "production") {
-                window.location.assign("/signin");
-                return;
-            }
         }
 
         const error = this.createMapiError(errorResponse.statusCode, requestedUrl, () => errorResponse.toObject().error);

diff --git a/src/services/oauthService.ts b/src/services/oauthService.ts
@@ -9,6 +9,7 @@ import { AuthorizationServer } from "../models/authorizationServer";
 import { PageContract } from "../contracts/page";
 import { OpenIdConnectProviderContract } from "../contracts/openIdConnectProvider";
 import { OpenIdConnectProvider } from "./../models/openIdConnectProvider";
+import { AppError } from "../errors";
 
 export class OAuthService {
     constructor(
@@ -22,7 +23,7 @@ export class OAuthService {
             return pageOfAuthservers.value.map(authServer => new OpenIdConnectProvider(authServer));
         }
         catch (error) {
-            throw new Error(`Unable to fetch configured authorization servers.`);
+            throw new AppError(`Unable to fetch configured authorization servers.`, error);
         }
     }