Merge pull request #21 from admin-ch/fixups

Fixups

Author: gillerr

package-lock.json

@@ -1,6 +1,6 @@
 {
   "name": "ha-ui",
-  "version": "1.0.8",
+  "version": "1.0.9",
   "scripts": {
     "start": "ng serve",
     "build": "ng build",

package.json

@@ -13,6 +13,7 @@ import {
 	multiTranslateLoader,
 	ObDocumentMetaService,
 	ObHttpApiInterceptor,
+	ObHttpApiInterceptorConfig,
 	ObMasterLayoutConfig,
 	ObMasterLayoutModule,
 	ObOffCanvasModule
@@ -63,7 +64,12 @@ registerLocaleData(localeENGB);
 	schemas: [CUSTOM_ELEMENTS_SCHEMA]
 })
 export class AppModule {
-	constructor(private readonly config: ObMasterLayoutConfig, meta: ObDocumentMetaService) {
+	constructor(
+		private readonly config: ObMasterLayoutConfig,
+		meta: ObDocumentMetaService,
+		interceptor: ObHttpApiInterceptorConfig
+	) {
+		interceptor.api.url = '/v1/authcode';
 		meta.titleSuffix = 'application.title';
 		meta.description = 'application.description';
 		config.layout.hasMainNavigation = false;

src/app/app.module.ts

@@ -93,7 +93,7 @@ describe('AuthGuardService', () => {
 
 			it('should redirect to auto-login', done => {
 				service.canLoad(null).subscribe(a => {
-					expect(window.location.href).toEqual('https://www.eiam.admin.ch/?c=f!403pts!pub&l=en');
+					expect(window.location.href).toEqual('https://www.eiam.admin.ch/403pts?l=en&stage=');
 					done();
 				});
 			});
@@ -122,7 +122,7 @@ describe('AuthGuardService', () => {
 
 			it('should redirect to auto-login', done => {
 				service.canLoad(null).subscribe(a => {
-					expect(window.location.href).toEqual('https://www.eiam.admin.ch/chloginforbidden?l=en');
+					expect(window.location.href).toEqual('https://www.eiam.admin.ch/chloginforbidden?l=en&stage=');
 					done();
 				});
 			});

src/app/auth/auth-guard.service.spec.ts

@@ -13,6 +13,7 @@ import {map, take} from 'rxjs/operators';
 import {TranslateService} from '@ngx-translate/core';
 import {WINDOW} from '@oblique/oblique';
 import {Claims, OauthService} from './oauth.service';
+import {environment} from '../../environments/environment';
 
 export enum Role {
 	HaUI = 'bag-pts-allow'
@@ -22,12 +23,15 @@ export enum Role {
 	providedIn: 'root'
 })
 export class AuthGuardService implements CanActivate, CanActivateChild, CanLoad {
+	private readonly stage: string;
 	constructor(
 		private readonly oauthService: OauthService,
 		private readonly router: Router,
 		private readonly translate: TranslateService,
 		@Inject(WINDOW) private readonly window
-	) {}
+	) {
+		this.stage = environment.stage;
+	}
 
 	canActivate(route: ActivatedRouteSnapshot, state: RouterStateSnapshot): Observable<boolean> {
 		return this.checkExpectedRole();
@@ -56,12 +60,12 @@ export class AuthGuardService implements CanActivate, CanActivateChild, CanLoad
 
 		const hasAccess = this.oauthService.hasUserRole(Role.HaUI, claims);
 		if (!hasAccess) {
-			this.window.location.href = `https://www.eiam.admin.ch/?c=f!403pts!pub&l=${this.translate.currentLang}`;
+			this.window.location.href = `https://www.eiam.admin.ch/403pts?l=${this.translate.currentLang}&stage=${this.stage}`;
 			return false;
 		}
 
 		if (claims.homeName === 'E-ID CH-LOGIN' && claims.unitName?.indexOf('HIN') === 0) {
-			this.window.location.href = `https://www.eiam.admin.ch/chloginforbidden?l=${this.translate.currentLang}`;
+			this.window.location.href = `https://www.eiam.admin.ch/chloginforbidden?l=${this.translate.currentLang}&stage=${this.stage}`;
 			return false;
 		}
 		return hasAccess;

src/app/auth/auth-guard.service.ts

@@ -1,5 +1,6 @@
-import {TestBed} from '@angular/core/testing';
+import {fakeAsync, TestBed} from '@angular/core/testing';
 import {EMPTY, of} from 'rxjs';
+import {skip} from 'rxjs/operators';
 import {LoggerService, OidcSecurityService} from 'angular-auth-oidc-client';
 import {OauthService} from './oauth.service';
 import {OpenIdConfigService} from './open-id-config-service';
@@ -50,6 +51,15 @@ describe('OauthService', () => {
 			expect(service.name$).toBeDefined();
 		});
 
+		it('should not emit if no claims', fakeAsync(() => {
+			let name;
+			// @ts-ignore
+			service.claims.next(undefined);
+			service.name$.subscribe(n => (name = n));
+			skip(1000);
+			expect(name).toBeUndefined();
+		}));
+
 		it('should emit name if present', done => {
 			// @ts-ignore
 			service.claims.next({name: 'test'});

src/app/auth/oauth-service.spec.ts

@@ -52,7 +52,10 @@ export class OauthService {
 	) {
 		this.claims$ = this.claims.asObservable();
 		this.isAuthenticated$ = this.isAuthenticated.asObservable();
-		this.name$ = this.claims$.pipe(map(claims => claims.displayName || claims.name));
+		this.name$ = this.claims$.pipe(
+			filter(claims => !!claims),
+			map(claims => claims.displayName || claims.name)
+		);
 	}
 
 	logout(): void {

src/app/auth/oauth.service.ts

@@ -25,7 +25,7 @@ describe('HomeComponent', () => {
 							currentLang: 'en'
 						}
 					},
-					{provide: OauthService, useValue: {logout: jest.fn()}}
+					{provide: OauthService, useValue: {logout: jest.fn(), isAuthenticated$: of(false)}}
 				],
 				schemas: [NO_ERRORS_SCHEMA],
 				declarations: [HomeComponent]
@@ -73,7 +73,7 @@ describe('HomeComponent', () => {
 		});
 	});
 
-	describe('logout access', () => {
+	describe('logout access while authenticated', () => {
 		beforeEach(async(() => {
 			TestBed.configureTestingModule({
 				imports: [ObliqueTestingModule],
@@ -85,7 +85,7 @@ describe('HomeComponent', () => {
 							currentLang: 'en'
 						}
 					},
-					{provide: OauthService, useValue: {logout: jest.fn()}},
+					{provide: OauthService, useValue: {logout: jest.fn(), isAuthenticated$: of(true)}},
 					{provide: ActivatedRoute, useValue: {data: of({logout: true})}}
 				],
 				schemas: [NO_ERRORS_SCHEMA],
@@ -103,9 +103,45 @@ describe('HomeComponent', () => {
 			expect(component).toBeTruthy();
 		});
 
-		it('should logout', () => {
+		it('should not logout', () => {
 			const oauth = TestBed.inject(OauthService);
 			expect(oauth.logout).toHaveBeenCalled();
 		});
 	});
+
+	describe('logout access while not authenticated', () => {
+		beforeEach(async(() => {
+			TestBed.configureTestingModule({
+				imports: [ObliqueTestingModule],
+				providers: [
+					{
+						provide: TranslateService,
+						useValue: {
+							onLangChange: new EventEmitter<LangChangeEvent>(),
+							currentLang: 'en'
+						}
+					},
+					{provide: OauthService, useValue: {logout: jest.fn(), isAuthenticated$: of(false)}},
+					{provide: ActivatedRoute, useValue: {data: of({logout: true})}}
+				],
+				schemas: [NO_ERRORS_SCHEMA],
+				declarations: [HomeComponent]
+			}).compileComponents();
+		}));
+
+		beforeEach(() => {
+			fixture = TestBed.createComponent(HomeComponent);
+			component = fixture.componentInstance;
+			fixture.detectChanges();
+		});
+
+		it('should create', () => {
+			expect(component).toBeTruthy();
+		});
+
+		it('should logout', () => {
+			const oauth = TestBed.inject(OauthService);
+			expect(oauth.logout).not.toHaveBeenCalled();
+		});
+	});
 });

src/app/home/home.component.spec.ts

@@ -1,7 +1,7 @@
 import {Component} from '@angular/core';
 import {TranslateService} from '@ngx-translate/core';
 import {ActivatedRoute} from '@angular/router';
-import {filter, map, startWith} from 'rxjs/operators';
+import {filter, map, startWith, switchMap} from 'rxjs/operators';
 import {Observable} from 'rxjs';
 import {OauthService} from '../auth/oauth.service';
 import {environment} from '../../environments/environment';
@@ -18,7 +18,13 @@ export class HomeComponent {
 	showWarning = environment.showWarning;
 
 	constructor(translate: TranslateService, route: ActivatedRoute, oauthService: OauthService) {
-		route.data.pipe(filter(data => data.logout)).subscribe(() => oauthService.logout());
+		oauthService.isAuthenticated$
+			.pipe(
+				filter(isAuthenticated => isAuthenticated),
+				switchMap(() => route.data),
+				filter(data => data.logout)
+			)
+			.subscribe(() => oauthService.logout());
 		this.lang$ = translate.onLangChange.pipe(
 			map(lang => lang.lang),
 			startWith(translate.currentLang)

src/app/home/home.component.ts

@@ -4,6 +4,7 @@ import {LogLevel} from 'angular-auth-oidc-client';
 export const environment = {
 	production: true,
 	showWarning: true,
+	stage: 'a',
 	host: 'https://codegen-service-a.bag.admin.ch',
 	eiamSelfAdmin:
 		'https://sts-a.pts.admin.ch/_pep/myaccount?returnURL=https%3A%2F%2Fwww.covidcode-a.admin.chCURRENT_PAGE&language=LANGUAGE',