ENG-56603 - Auth0 Support Fix (#386)
Reinstated the old "magical rewrite" rules from console.account inside
@al/core's `AlIdentityProviders` utility class.
mcnielsen authored Oct 22, 2024
1 parent fdd04cc commit 28ab781
Showing 2 changed files with 50 additions and 6 deletions.
2 changes: 1 addition & 1 deletion package.json
@@ -1,6 +1,6 @@
{
"name": "@al/core",
"version": "1.2.45",
"version": "1.2.46",
"description": "Node Enterprise Packages for Alert Logic (NEPAL) Core Library",
"main": "./dist/index.cjs.js",
"types": "./dist/index.d.ts",
54 changes: 49 additions & 5 deletions src/session/utilities/al-identity-providers.ts
Expand Up @@ -52,7 +52,8 @@ export class AlIdentityProviders
* itself is bootstrapped and the angular router assumes control of the URL.
*/

public async warmup() {
public async warmup():Promise<string|undefined> {
let currentURL = window?.location?.href ?? '';
if ( AlIdentityProviders.inAuth0Workflow(window?.location?.href) ) {
try {
AlErrorHandler.log( "IdP Warmup: initializing auth0" );
Expand All @@ -61,18 +62,16 @@ export class AlIdentityProviders
let accessToken = await this.getAuth0SessionToken( authenticator, config, 5000 );
if ( accessToken ) {
AlErrorHandler.log("IdP Warmup: procured auth0 access token" );
return false;
} else {
AlErrorHandler.log("IdP Warmup: auth0 did not yield an access token" );
}
} catch( e ) {
console.error( e );
AlErrorHandler.log(e, "IdP Warmup: auth0 initialization failed" );
}
return false; // HALT
return this.maybeRewriteBrokenURL( currentURL );
} else {
await this.getKeycloak();
}
return true; // Please, continue
}

/**
Expand Down Expand Up @@ -249,4 +248,49 @@ export class AlIdentityProviders
};
}

/**
* Auth0 has a bad habit of generating URLs that are indigestible by @angular/router, so it is necessary to recognize some of
* its patterns and correct them.
*/
protected maybeRewriteBrokenURL( inputURL:string ):string|undefined {
try {
let verifyMfaRouteMatcher = /\?state=(.*)\#\/mfa\/verify(.*)/;
let acceptTosRouteMatcher = /\?state=(.*)\#\/terms-of-service(.*)/;

let node = AlLocatorService.getNodeByURI( inputURL );
let nodeId = node?.locTypeId || 'unknown';

if ( nodeId === AlLocation.AccountsUI ) {
if ( inputURL.match( verifyMfaRouteMatcher ) ) {
let matches = verifyMfaRouteMatcher.exec( inputURL );
let stateValue = matches[1];
let qsValue = matches[2];
return inputURL.replace( verifyMfaRouteMatcher, `#/mfa/verify${qsValue}&state=${stateValue}` );
} else if ( inputURL.match( acceptTosRouteMatcher ) ) {
let matches = acceptTosRouteMatcher.exec( inputURL );
let stateValue = matches[1];
let qsValue = matches[2];
return inputURL.replace( acceptTosRouteMatcher, `#/terms-of-service${qsValue}&state=${stateValue}` );
}
let matches = /^(.*)\/\?state=(.*)(\#\/.*)$/.exec( inputURL );
if ( matches ) {
// This is an Auth0 redirect URL. It needs to be massaged to be gracefully handled by angular.
let paramToken = matches[3].includes("?") ? "&" : "?";
const rewrittenURL = `${matches[1]}/${matches[3]}${paramToken}state=${matches[2]}`;
return rewrittenURL;
}
} else {
let matches = /^(.*)\/\?error=login_required&state=(.*)(\#\/.*)$/.exec( inputURL );
if ( matches ) {
// This is an Auth0 redirect URL. It needs to be massaged to be gracefully handled by angular.
let paramToken = matches[3].includes("?") ? "&" : "?";
const rewrittenURL = `${matches[1]}/${matches[3]}${paramToken}error=login_required&state=${matches[2]}`;
return rewrittenURL;
}
}
} catch( e ) {
console.warn("Unexpected error: could not preprocess application URI: " + e.toString() );
}
return undefined;
};
}
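Review bot: In `maybeRewriteBrokenURL`, the MFA and terms-of-service branches always append `&state=…`, so a URL whose fragment carries no query string of its own is rewritten to `#/mfa/verify&state=…` and the state value is no longer a parseable parameter; the two generic branches further down already solve this with `paramToken`. The same separator should be used in both early branches, e.g. `let paramToken = qsValue.includes("?") ? "&" : "?";` followed by ``return inputURL.replace( verifyMfaRouteMatcher, () => `#/mfa/verify${qsValue}${paramToken}state=${stateValue}` );``. The replacer-function form matters because the captured text comes unvalidated from `window.location.href` and, as a plain replacement string, any `$&` or `$1` sequence in it would be expanded by `String.prototype.replace`. The greedy `(.*)` after `state=` also carries every following query parameter along with the state value, which deserves a one-line comment so that whoever consumes `state` downstream knows it may need splitting before it is compared with the value issued at login.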
