From f3e940f9c6380b55a3c57960da31b152588eebb0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tristan=20Bouli=C3=A8re?= <108473857+tbouliere-datasolution@users.noreply.github.com>
Date: Thu, 14 Mar 2024 17:56:08 +0100
Subject: [PATCH] fix: use a prefix (icm_) for internal token oauth storage (#1601)

---------

Co-authored-by: Silke
---
 .../specs/account/login-user.b2c.e2e-spec.ts | 4 +--
 .../core/services/token/token.service.spec.ts | 2 +-
 src/app/core/services/token/token.service.ts | 28 +++++++++++++++++--
 src/app/core/utils/instance-creators.ts | 12 ++++++--
 4 files changed, 38 insertions(+), 8 deletions(-)

diff --git a/e2e/cypress/e2e/specs/account/login-user.b2c.e2e-spec.ts b/e2e/cypress/e2e/specs/account/login-user.b2c.e2e-spec.ts
index cb60e8db6c..68bd8ab757 100644
--- a/e2e/cypress/e2e/specs/account/login-user.b2c.e2e-spec.ts
+++ b/e2e/cypress/e2e/specs/account/login-user.b2c.e2e-spec.ts
@@ -44,7 +44,7 @@ describe('Returning User', () => {
 });
 
 cy.getAllLocalStorage().then(
- localStorage => expect(localStorage[Cypress.config('baseUrl')].access_token).to.not.be.empty
+ localStorage => expect(localStorage[Cypress.config('baseUrl')].icm_access_token).to.not.be.empty
 );
 });
 
@@ -61,7 +61,7 @@ describe('Returning User', () => {
 });
 
 cy.getAllLocalStorage().then(
- localStorage => expect(localStorage[Cypress.config('baseUrl')].access_token).to.be.undefined
+ localStorage => expect(localStorage[Cypress.config('baseUrl')].icm_access_token).to.be.undefined
 );
 });
 });
diff --git a/src/app/core/services/token/token.service.spec.ts b/src/app/core/services/token/token.service.spec.ts
index 4451569971..8e75595e59 100644
--- a/src/app/core/services/token/token.service.spec.ts
+++ b/src/app/core/services/token/token.service.spec.ts
@@ -26,7 +26,7 @@ describe('Token Service', () => {
 
 when(oAuthService.configure(anything())).thenResolve();
 when(oAuthService.events).thenReturn(of(undefined));
- when(instanceCreators.getOAuthServiceInstance(anything())).thenReturn(instance(oAuthService));
+ when(instanceCreators.getOAuthServiceInstance(anything(), anything())).thenReturn(instance(oAuthService));
 
 beforeEach(() => {
 TestBed.configureTestingModule({
diff --git a/src/app/core/services/token/token.service.ts b/src/app/core/services/token/token.service.ts
index c3296334b2..02bc2878b5 100644
--- a/src/app/core/services/token/token.service.ts
+++ b/src/app/core/services/token/token.service.ts
@@ -1,6 +1,13 @@
 import { HttpHeaders } from '@angular/common/http';
 import { Injectable, Injector } from '@angular/core';
-import { AuthConfig, OAuthInfoEvent, OAuthService, OAuthSuccessEvent, TokenResponse } from 'angular-oauth2-oidc';
+import {
+ AuthConfig,
+ OAuthInfoEvent,
+ OAuthService,
+ OAuthStorage,
+ OAuthSuccessEvent,
+ TokenResponse,
+} from 'angular-oauth2-oidc';
 import { BehaviorSubject, Observable, filter, first, from, map, noop, switchMap, take } from 'rxjs';
 
 import { FetchTokenOptions, GrantType } from 'ish-core/models/token/token.interface';
@@ -9,13 +16,30 @@ import { ApiTokenService } from 'ish-core/utils/api-token/api-token.service';
 import { InstanceCreators } from 'ish-core/utils/instance-creators';
 import { whenTruthy } from 'ish-core/utils/operators';
 
+function storageFactory(): OAuthStorage {
+ const prefix = 'icm_' as const;
+ if (!SSR) {
+ return {
+ getItem(key: string): string {
+ return localStorage.getItem(`${prefix}${key}`);
+ },
+ removeItem(key: string): void {
+ return localStorage.removeItem(`${prefix}${key}`);
+ },
+ setItem(key: string, data: string): void {
+ return localStorage.setItem(`${prefix}${key}`, data);
+ },
+ };
+ }
+}
+
 @Injectable({ providedIn: 'root' })
 export class TokenService {
 private oAuthService: OAuthService;
 private serviceConfigured$ = new BehaviorSubject(false);
 
 constructor(private apiService: ApiService, private apiTokenService: ApiTokenService, parent: Injector) {
- this.oAuthService = InstanceCreators.getOAuthServiceInstance(parent);
+ this.oAuthService = InstanceCreators.getOAuthServiceInstance(parent, storageFactory);
 
 this.apiService
 .constructUrlForPath('token', {
diff --git a/src/app/core/utils/instance-creators.ts b/src/app/core/utils/instance-creators.ts
index b9039e9447..0a65b85826 100644
--- a/src/app/core/utils/instance-creators.ts
+++ b/src/app/core/utils/instance-creators.ts
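Review bot: `storageFactory()` only returns a storage object inside `if (!SSR)`, so on the server it falls through and yields `undefined` even though it is declared to return `OAuthStorage`; the `useFactory` provider added in instance-creators.ts then hands that `undefined` to the injector as the `OAuthStorage`. Make the server branch explicit, for example by ending the function with `return undefined; // SSR: no browser storage, tokens are not persisted`, or by returning an in-memory implementation there if the service is expected to work during SSR. `getItem` is also declared as returning `string` while `localStorage.getItem` can return `null`, so `string | null` would be the accurate type. Separately, entries written by earlier builds under the unprefixed keys (the e2e spec in this commit used to read `access_token`) are no longer read or removed by this wrapper, so it is worth deciding whether a previously stored token should be cleaned up on upgrade or whether those keys belong to another OAuth client on the same origin. The `TokenService` constructor continues past the end of the hunk.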
@@ -1,9 +1,15 @@
 import { Injector } from '@angular/core';
-import { OAuthService } from 'angular-oauth2-oidc';
+import { OAuthService, OAuthStorage } from 'angular-oauth2-oidc';
 
 export class InstanceCreators {
- static getOAuthServiceInstance(parent: Injector): OAuthService {
- const injector = Injector.create({ providers: [{ provide: OAuthService }], parent });
+ static getOAuthServiceInstance(parent: Injector, storageFactory?: () => OAuthStorage): OAuthService {
+ const injector = Injector.create({
+ providers: [
+ ...(storageFactory ? [{ provide: OAuthStorage, useFactory: storageFactory }] : []),
+ { provide: OAuthService },
+ ],
+ parent,
+ });
 return injector.get(OAuthService);
 }
 }
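Review bot: The new optional `storageFactory` parameter of `getOAuthServiceInstance` has no documentation, and its effect is not obvious from the signature. When a factory is passed, an `OAuthStorage` provider is registered in the child injector, so this `OAuthService` instance resolves its storage from the factory rather than from the parent injector; when it is omitted, resolution is left to the parent as before. A short TSDoc on the method would make that contract visible to callers, e.g. `/** @param storageFactory optional factory for the OAuthStorage used by this OAuthService instance only; its return value is used as-is */`.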