From a350f766dcd8e04d34b5c5cc662e16e38947e407 Mon Sep 17 00:00:00 2001
From: skitterm
Date: Wed, 19 Sep 2018 17:07:47 -0700
Subject: [PATCH] #295: SSL property added to UserSession class. SSL calculated in completeOAuth2 and used in to/fromCredential.
---
 packages/arcgis-rest-auth/src/UserSession.ts | 22 ++++++++++++++++++-
 packages/arcgis-rest-auth/src/fetch-token.ts | 2 ++
 .../arcgis-rest-auth/test/UserSession.test.ts | 19 +++++++++++-----
 3 files changed, 37 insertions(+), 6 deletions(-)
diff --git a/packages/arcgis-rest-auth/src/UserSession.ts b/packages/arcgis-rest-auth/src/UserSession.ts
index c302b70630..b3cf580d97 100644
--- a/packages/arcgis-rest-auth/src/UserSession.ts
+++ b/packages/arcgis-rest-auth/src/UserSession.ts
@@ -165,6 +165,11 @@ export interface IUserSessionOptions {
 */
 portal?: string;
+ /**
+ * Whether requests should be made exlusively over HTTPS.
+ */
+ ssl?: boolean;
+
 /**
 * ArcGIS Authentication is used by default. Specifying an alternative will take users directly to the corresponding provider's OAuth page.
 */
@@ -215,6 +220,11 @@ export class UserSession implements IAuthenticationManager {
 */
 readonly portal: string;
+ /**
+ * Whether requests should be made exlusively over HTTPS.
+ */
+ readonly ssl: boolean;
+
 /**
 * The authentication provider to use.
 */
@@ -301,6 +311,7 @@ export class UserSession implements IAuthenticationManager {
 this._token = options.token;
 this._tokenExpires = options.tokenExpires;
 this.portal = options.portal || "https://www.arcgis.com/sharing/rest";
+ this.ssl = options.ssl;
 this.provider = options.provider || "arcgis";
 this.tokenDuration = options.tokenDuration || 20160;
 this.redirectUri = options.redirectUri;
@@ -373,6 +384,7 @@ export class UserSession implements IAuthenticationManager {
 new UserSession({
 clientId,
 portal,
+ ssl: oauthInfo.ssl,
 token: oauthInfo.token,
 tokenExpires: new Date(oauthInfo.expires),
 username: oauthInfo.username
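Review bot: The doc comment added on `ssl` (here and on the class field in the -215 hunk) reads as if the session enforces HTTPS, but in the hunks shown the value is only stored and copied into credentials and serialized sessions. It should say where the value comes from and what an omitted value means, for example `Whether the portal indicated that this user's requests must be made exclusively over HTTPS; undefined when not supplied.` That wording assumes the flag originates from the portal's sign-in response, which the visible lines suggest but do not prove. It also fixes the "exlusively" typo.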
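Review bot: `this.ssl = options.ssl;` in the -301 hunk leaves the field `undefined` whenever the caller omits the option, although it is declared `readonly ssl: boolean`, and unlike the neighbouring `portal`, `provider` and `tokenDuration` lines it gets no default. The `toCredential` hunk at -576 used to emit `ssl: true` unconditionally and now emits `this.ssl`, so sessions built without the option export a falsy flag where they previously exported `true`; any consumer that reads the credential to decide whether HTTPS is required would then see the weaker setting. Keeping the old behaviour as the default, `this.ssl = options.ssl !== false;`, still honours an explicit `false` and fails closed otherwise. The constructor body continues outside the hunk.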
@@ -430,6 +442,7 @@ export class UserSession implements IAuthenticationManager {
 return new UserSession({
 clientId,
 portal,
+ ssl: oauthInfo.ssl,
 token: oauthInfo.token,
 tokenExpires: oauthInfo.expires,
 username: oauthInfo.username
@@ -456,10 +469,14 @@ export class UserSession implements IAuthenticationManager {
 Date.now() + parseInt(match[2], 10) * 1000 - 60 * 1000
 );
 const username = decodeURIComponent(match[3]);
+ const ssl =
+ win.location.href.indexOf("&ssl=true") !== -1 ||
+ win.location.href.indexOf("#ssl=true") !== -1;
 return completeSignIn(undefined, {
 token,
 expires,
+ ssl,
 username
 });
 }
@@ -536,6 +553,7 @@ export class UserSession implements IAuthenticationManager {
 token: options.token,
 tokenExpires: new Date(options.tokenExpires),
 portal: options.portal,
+ ssl: options.ssl,
 tokenDuration: options.tokenDuration,
 redirectUri: options.redirectUri,
 refreshTokenTTL: options.refreshTokenTTL
@@ -557,6 +575,7 @@ export class UserSession implements IAuthenticationManager {
 static fromCredential(credential: ICredential) {
 return new UserSession({
 portal: credential.server + `/sharing/rest`,
+ ssl: credential.ssl,
 token: credential.token,
 username: credential.userId,
 tokenExpires: new Date(credential.expires)
@@ -576,7 +595,7 @@ export class UserSession implements IAuthenticationManager {
 return {
 expires: this.tokenExpires.getTime(),
 server: this.portal,
- ssl: true,
+ ssl: this.ssl,
 token: this.token,
 userId: this.username
 };
@@ -644,6 +663,7 @@ export class UserSession implements IAuthenticationManager {
 token: this.token,
 tokenExpires: this.tokenExpires,
 portal: this.portal,
+ ssl: this.ssl,
 tokenDuration: this.tokenDuration,
 redirectUri: this.redirectUri,
 refreshTokenTTL: this.refreshTokenTTL
diff --git a/packages/arcgis-rest-auth/src/fetch-token.ts b/packages/arcgis-rest-auth/src/fetch-token.ts
index da1bef7ef0..37f3807c63 100644
--- a/packages/arcgis-rest-auth/src/fetch-token.ts
+++ b/packages/arcgis-rest-auth/src/fetch-token.ts
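Review bot: In the -456 hunk the `ssl` flag is found by substring search over the whole `win.location.href`, whereas the token, expiry and username beside it come from a regex `match`. `indexOf("&ssl=true")` also matches a parameter in the query string ahead of the fragment and longer values such as `ssl=truex`, so the flag can disagree with what the fragment actually carries. Restricting the test to a complete fragment parameter would make it exact: `const hash = win.location.href.slice(win.location.href.indexOf("#"));` followed by `const ssl = /[#&]ssl=true(?:&|$)/.test(hash);`. The enclosing function starts and ends outside the hunk and the regex that produces `match` is not visible, so this assumes the OAuth parameters arrive in the fragment, as the test URLs suggest.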
@@ -13,6 +13,7 @@ interface IFetchTokenRawResponse {
 expires_in: number;
 username: string;
 refresh_token?: string;
+ ssl?: boolean;
 }
 export interface IFetchTokenResponse {
@@ -20,6 +21,7 @@ export interface IFetchTokenResponse {
 expires: Date;
 username: string;
 refreshToken?: string;
+ ssl?: boolean;
 }
 export function fetchToken(
diff --git a/packages/arcgis-rest-auth/test/UserSession.test.ts b/packages/arcgis-rest-auth/test/UserSession.test.ts
index dd219271aa..27ae7fbb2f 100644
--- a/packages/arcgis-rest-auth/test/UserSession.test.ts
+++ b/packages/arcgis-rest-auth/test/UserSession.test.ts
@@ -19,6 +19,7 @@ describe("UserSession", () => {
 const session = new UserSession({
 clientId: "clientId",
 redirectUri: "https://example-app.com/redirect-uri",
+ ssl: false,
 token: "token",
 tokenExpires: TOMORROW,
 refreshToken: "refreshToken",
@@ -34,6 +35,7 @@ describe("UserSession", () => {
 expect(session2.redirectUri).toEqual(
 "https://example-app.com/redirect-uri"
 );
+ expect(session2.ssl).toEqual(false);
 expect(session2.token).toEqual("token");
 expect(session2.tokenExpires).toEqual(TOMORROW);
 expect(session2.refreshToken).toEqual("refreshToken");
@@ -525,6 +527,7 @@ describe("UserSession", () => {
 .then(session => {
 expect(session.token).toBe("token");
 expect(session.username).toBe("c@sey");
+ expect(session.ssl).toBe(true);
 expect(session.tokenExpires).toEqual(TOMORROW);
 done();
 })
@@ -543,7 +546,8 @@ describe("UserSession", () => {
 JSON.stringify({
 token: "token",
 expires: TOMORROW,
- username: "c@sey"
+ username: "c@sey",
+ ssl: true
 })
 );
 });
@@ -652,7 +656,7 @@ describe("UserSession", () => {
 const MockWindow = {
 location: {
 href:
- "https://example-app.com/redirect-uri#access_token=token&expires_in=1209600&username=c%40sey&persist=true"
+ "https://example-app.com/redirect-uri#access_token=token&expires_in=1209600&username=c%40sey&ssl=true&persist=true"
 },
 get parent() {
 return this;
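Review bot: `ssl` is declared on both `IFetchTokenRawResponse` and `IFetchTokenResponse`, but the diffstat lists only these two added lines for fetch-token.ts, so `fetchToken` itself is unchanged. Unless its body, which is outside the hunks, already passes unknown fields through, the new property is never populated and sessions built from a fetched or refreshed token keep whatever `ssl` they were constructed with. If the token endpoint returns the flag, copy it in the same place the raw `refresh_token` is mapped to `refreshToken`. Each field would also benefit from a one-line doc comment saying the value comes from the server response and may be absent.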
@@ -670,6 +674,7 @@ describe("UserSession", () => {
 expect(session.token).toBe("token");
 expect(session.tokenExpires.getTime()).toBeGreaterThan(Date.now());
 expect(session.username).toBe("c@sey");
+ expect(session.ssl).toBe(true);
 });
 it("should callback to create a new user session if finds a valid opener", done => {
@@ -683,6 +688,7 @@ describe("UserSession", () => {
 const oauthInfo = JSON.parse(oauthInfoString);
 expect(oauthInfo.token).toBe("token");
 expect(oauthInfo.username).toBe("c@sey");
+ expect(oauthInfo.ssl).toBe(false);
 expect(new Date(oauthInfo.expires).getTime()).toBeGreaterThan(
 Date.now()
 );
@@ -717,6 +723,7 @@ describe("UserSession", () => {
 const oauthInfo = JSON.parse(oauthInfoString);
 expect(oauthInfo.token).toBe("token");
 expect(oauthInfo.username).toBe("c@sey");
+ expect(oauthInfo.ssl).toBe(true);
 expect(new Date(oauthInfo.expires).getTime()).toBeGreaterThan(
 Date.now()
 );
@@ -727,7 +734,7 @@ describe("UserSession", () => {
 },
 location: {
 href:
- "https://example-app.com/redirect-uri#access_token=token&expires_in=1209600&username=c%40sey"
+ "https://example-app.com/redirect-uri#access_token=token&expires_in=1209600&username=c%40sey&ssl=true"
 }
 };
@@ -872,7 +879,7 @@ describe("UserSession", () => {
 const MOCK_CREDENTIAL: ICredential = {
 expires: TOMORROW.getTime(),
 server: "https://www.arcgis.com",
- ssl: true,
+ ssl: false,
 token: "token",
 userId: "jsmith"
 };
@@ -882,6 +889,7 @@ describe("UserSession", () => {
 clientId: "clientId",
 redirectUri: "https://example-app.com/redirect-uri",
 token: "token",
+ ssl: false,
 tokenExpires: TOMORROW,
 refreshToken: "refreshToken",
 refreshTokenExpires: TOMORROW,
@@ -893,7 +901,7 @@ describe("UserSession", () => {
 const creds = session.toCredential();
 expect(creds.userId).toEqual("jsmith");
 expect(creds.server).toEqual("https://www.arcgis.com/sharing/rest");
- expect(creds.ssl).toEqual(true);
+ expect(creds.ssl).toEqual(false);
 expect(creds.token).toEqual("token");
 expect(creds.expires).toEqual(TOMORROW.getTime());
 });
@@ -902,6 +910,7 @@ describe("UserSession", () => {
 const session = UserSession.fromCredential(MOCK_CREDENTIAL);
 expect(session.username).toEqual("jsmith");
 expect(session.portal).toEqual("https://www.arcgis.com/sharing/rest");
+ expect(session.ssl).toEqual(false);
 expect(session.token).toEqual("token");
 expect(session.tokenExpires).toEqual(new Date(TOMORROW));
 });
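Review bot: The credential round-trip is now asserted only for `ssl: false`, because `MOCK_CREDENTIAL.ssl` (the -872 hunk) and the `toCredential` expectation here were both flipped from `true` to `false`. Nothing visible checks `true` through `fromCredential`/`toCredential`, nor a session created without `ssl`, which is exactly the case where `toCredential` changed from a constant `true` to `this.ssl`. A case such as `expect(new UserSession({ token: "token", tokenExpires: TOMORROW }).toCredential().ssl).toEqual(true);` would pin the default if it is meant to stay `true`; otherwise assert whatever value is intended. The enclosing `it` blocks start outside the hunk.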