UNPKG

scrivito

Version:

Scrivito is a professional, yet easy to use SaaS Enterprise Content Management Service, built for digital agencies and medium to large businesses. It is completely maintenance-free, cost-effective, and has unprecedented performance and security.

www.scrivito.com

Scrivito/scrivito_sdk_js

120 lines (101 loc) 3.23 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
import { AuthorizationProvider, RequestFailedError } from 'scrivito_sdk/client'; import { parseErrorResponse } from 'scrivito_sdk/client/parse_error_response'; import { Verification, VerificationForChallenge, Verificator, fetch as fetchVerificatorFunction, } from 'scrivito_sdk/client/verificator_functions'; import { onReset, promiseAndFinally, registerAsyncTask, } from 'scrivito_sdk/common'; export const ERROR_CODE_CLIENT_VERIFICATION_REQUIRED = 'client_verification_required'; export interface Challenge { verificator: Verificator; data: unknown; } interface CurrentComputation { challenge: Challenge; promise: Promise<Verification>; } let computation: CurrentComputation | undefined; let verification: Verification | undefined; export const PublicAuthentication: AuthorizationProvider = { async authorize( request: (authorization: string | undefined) => Promise<Response> ): Promise<Response> { const response = await request(currentAuthorization()); if (response.status === 401) { // response.text is a macrotask in firefox. // it needs to be registered explicitly, to work with flushPromises. const responseText = await registerAsyncTask(() => response.clone().text() ); const { details, code } = parseErrorResponse(responseText); if (code === ERROR_CODE_CLIENT_VERIFICATION_REQUIRED) { if (!isChallenge(details)) { throw new RequestFailedError('verification without challenge'); } verification = await computeVerification(details); return this.authorize(request); } } return response; }, // integration test support currentState(): string | null { const authorization = currentAuthorization(); if (authorization) { return `Authorization: ${authorization}`; } if (computation) { const challenge = computation.challenge; return `Pending computation: ${challenge.verificator.id} with ${String( challenge.data )}`; } return null; }, }; async function computeVerification( challenge: Challenge ): Promise<Verification> { if (!computation) { // note that further request's challenges are ignored (intentionally) const { verificator, data } = challenge; const promise = (async () => { const compute: VerificationForChallenge = await fetchVerificatorFunction( verificator.id, verificator.url ); return new Promise<Verification>((resolve) => { compute(data, (result: Verification) => resolve(result)); }); })(); computation = { challenge: { verificator, data }, promise: promiseAndFinally<Verification>(promise, () => { computation = undefined; }), }; } return computation.promise; } function isChallenge(maybeChallenge: object): maybeChallenge is Challenge { return !!(maybeChallenge as Challenge).verificator; } function currentAuthorization(): string | undefined { if (!verification) return; if (verification.expiresAfter < new Date()) { verification = undefined; return; } return verification.authorization; } onReset(() => { computation = undefined; verification = undefined; });