Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: token behavior improvements #1421

Merged
merged 3 commits into from
Jun 16, 2023
Merged

feat: token behavior improvements #1421

merged 3 commits into from
Jun 16, 2023

Conversation

Eisie96
Copy link
Contributor

@Eisie96 Eisie96 commented Apr 21, 2023
edited
Loading

PR Type

[ ] Bugfix
[ x ] Feature
[ ] Code style update (formatting, local variables)
[ ] Refactoring (no functional changes, no API changes)
[ ] Build-related changes
[ ] CI-related changes
[ ] Documentation content changes
[ ] Application / infrastructure changes
[ ] Other:

What Is the Current Behavior?

The new token api is introduced with the PWA version 3.2 (#1156). Since then, we are dealing with some issues, which needed to be addressed.

  • The ICM token functionality is split into multiple files. The configuration of the OAuth service (identity-provider) is executed in a different place then fetching the token (user.service.ts). This can lead to a runtime issue, when the oAuthService wants to fetch a new token, although the whole service is not yet configured.
  • The PWA can now be initialized with two different oAuthService combination. (Auth0 and default ICM token behavior). Right now all configurations are sharing just one oAuthService instance. This can lead to unneccary side effects (overriden configuration)
  • The anonymous user token is fetched everytime no apiToken is available. This is not necessary. The token is only needed, when a new basket should be created.

Issue Number: Closes #1374

What Is the New Behavior?

The OauthConfigurationService is replaced by the TokenService. The service will inject it's own OAuthService instance and is responsible for it's configuration and fetching token mechanism. All identity provider are not relying on the internal ICM token behavior anymore.

The anonymous user token behavior is adapted. It will only be fetched, when an anoymous user will create a basket. The functionality is included in the ApiTokenService intercept method.

Does this PR Introduce a Breaking Change?

The identity provider needs to be adapted. These providers are not responsible anymore to configure the oAuthService for fetching ICM tokens.

When a identity provider needs a OAuthService (e.g. auth0-identity-provider), then it has to inject the dependency with a complete new OAuthService instance. Otherwise it could lead to unnecassary side effects. (e.g. during configuration)

  @Injectable({ providedIn: 'root' })
  export class Auth0IdentityProvider implements IdentityProvider {
    private oauthService: OAuthService;
  
    constructor(
      parent: Injector,
    ) {
      const injector = Injector.create({
        providers: [{ provide: OAuthService }],
        parent,
      });
  
      this.oauthService = injector.get(OAuthService);
    }
}

[ x ] Yes
[ ] No

Other Information

AB#85534

@Eisie96 Eisie96 self-assigned this Apr 21, 2023
@Eisie96 Eisie96 force-pushed the refactor/token-behavior-improvement branch 2 times, most recently from b6e2d96 to cd78a16 Compare May 12, 2023 13:27
@Eisie96
Copy link
Contributor Author

Eisie96 commented May 15, 2023

@tbouliere-datasolution

Hello Tristan, could you have a look on this PR? We have improved the token handling in the PWA and need some further feedback from you. :)

@Eisie96 Eisie96 requested review from shauke and SGrueber May 15, 2023 07:32
@tbouliere-datasolution
Copy link
Contributor

Hi @Eisie96
I haven't tested it thoroughly, but doesn't the following function

intershop-pwa/src/app/core/services/token/token.service.ts

Lines 92 to 101 in 11fd815

private setApiTokenCookie$() {
return this.oAuthService.events.pipe(
filter(event => event instanceof OAuthSuccessEvent && event.type === 'token_received'),
map(() =>
this.apiTokenService.setApiToken(this.oAuthService.getAccessToken(), {
expires: new Date(this.oAuthService.getAccessTokenExpiration()),
})
)
);
}
force an anonymous token ?

Won't this invalidate the sso token when this function is called?

@shauke shauke added this to the 4.1 milestone May 22, 2023
@Eisie96
Copy link
Contributor Author

Eisie96 commented May 26, 2023

Hi @Eisie96 I haven't tested it thoroughly, but doesn't the following function

intershop-pwa/src/app/core/services/token/token.service.ts

Lines 92 to 101 in 11fd815

private setApiTokenCookie$() {
return this.oAuthService.events.pipe(
filter(event => event instanceof OAuthSuccessEvent && event.type === 'token_received'),
map(() =>
this.apiTokenService.setApiToken(this.oAuthService.getAccessToken(), {
expires: new Date(this.oAuthService.getAccessTokenExpiration()),
})
)
);
}

force an anonymous token ?
Won't this invalidate the sso token when this function is called?

Thank you for your response!

The linked function will not fetch an anonymous user token. It will only set the apiToken within the api-token.service.ts to use them for all ICM request. The anonymous user token will only be called, when no apiToken is available (here not the case) and the basket request will be fetched.

shauke
shauke requested changes Jun 12, 2023
View reviewed changes
Copy link
Collaborator

@shauke shauke left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Problem with anonymous apiToken cookie from ICM in Hybrid Approach

When switching back from an ICM rendered page in Hybrid Approach where an anonymous apiToken cookie was set without a basket, the PWA tries to fetch the basket for that cookie and fails (REST error).
This results an disabled "Add to Cart" buttons in the whole PWA.

Other than this the rework looks good and worked with SSO and Punchout tests as expected.

@shauke shauke force-pushed the refactor/token-behavior-improvement branch from cd78a16 to 5a93e0e Compare June 16, 2023 11:02
shauke
shauke previously approved these changes Jun 16, 2023
View reviewed changes
@shauke shauke changed the title Refactor/token behavior improvement feat: token behavior improvements Jun 16, 2023
Eisie96 and others added 3 commits June 16, 2023 17:32
@Eisie96 @shauke
feat: improve token endpoint handling
979732e 
* own service, which is responsible for all token handling with the ICM
* rename ICMTokenEndpoint Service to TokenService and moved it files to core/services folder
* create utility class to instantiate custom oauthService instance
* adapt documentation for new authentication behavior

closes: #1374
@Eisie96 @shauke
feat: fetch anonymous user token only on basket creation when no apiT…
330a36f 
…oken is available
@shauke
fix: handle failing basket fetching for anonymous ICM apiToken withou…
7faf780 
…t an assigned basket

* issue that occurs with the Hybrid Approach
* failing basket request needs to reset the loading state
@shauke shauke force-pushed the refactor/token-behavior-improvement branch from 5a93e0e to 7faf780 Compare June 16, 2023 15:34
@shauke
Copy link
Collaborator

shauke commented Jun 16, 2023

Fixed Hybrid Approach issue that was independent from the token behavior improvements. Had the same problems before.

@shauke shauke merged commit a55751f into develop Jun 16, 2023
@shauke shauke deleted the refactor/token-behavior-improvement branch June 16, 2023 18:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shauke shauke shauke approved these changes

@SGrueber SGrueber Awaiting requested review from SGrueber

Assignees

@Eisie96 Eisie96

Labels
None yet
Projects
None yet
Milestone
4.1
Development

Successfully merging this pull request may close these issues.

SSO becames a mess since 3.2.0
3 participants
@Eisie96 @tbouliere-datasolution @shauke