Merge branch 'main' into translations

Author: NatLibFi-JoonaKupe

package-lock.json

@@ -36,6 +36,7 @@
     "@fortawesome/free-regular-svg-icons": "^6.7.2",
     "@fortawesome/free-solid-svg-icons": "^6.7.2",
     "@fortawesome/react-fontawesome": "^0.2.2",
+    "@natlibfi/ekirjasto-opds-feed-parser": "2.0.1",
     "@nypl/design-system-react-components": "^0.7.2",
     "@nypl/dgx-svg-icons": "^0.3.12",
     "@theme-ui/color": "^0.16.2",
@@ -58,7 +59,6 @@
     "next-i18next": "^15.4.3",
     "next-transpile-modules": "^10.0.1",
     "node-fetch": "^2.6.13",
-    "opds-feed-parser": "^0.1.0",
     "react": "^18.3.1",
     "react-dom": "^18.2.0",
     "react-hook-form": "^7.53.1",

package.json

@@ -2,30 +2,37 @@ import React from "react";
 import BasicAuthHandler from "./BasicAuthHandler";
 import BasicTokenAuthHandler from "./BasicTokenAuthHandler";
 import CleverAuthHandler from "./CleverAuthHandler";
+import EkirjastoAuthHandler from "./EkirjastoAuthHandler";
 import SamlAuthHandler from "./SamlAuthHandler";
 import {
   ClientBasicMethod,
   ClientBasicTokenMethod,
+  ClientEkirjastoMethod,
   ClientSamlMethod
 } from "interfaces";
 import {
   BasicAuthType,
   CleverAuthType,
   CleverAuthMethod,
   SamlAuthType,
-  BasicTokenAuthType
+  BasicTokenAuthType,
+  EkirjastoAuthType,
+  EkirjastoMethod
 } from "../types/opds1";
 import track from "../analytics/track";
 import ApplicationError from "../errors";
 
 type SupportedAuthTypes =
+  | typeof EkirjastoAuthType
   | typeof BasicAuthType
   | typeof BasicTokenAuthType
   | typeof SamlAuthType
   | typeof CleverAuthType;
 
 type SupportedAuthHandlerProps = {
-  [key in SupportedAuthTypes]: key extends typeof BasicAuthType
+  [key in SupportedAuthTypes]: key extends typeof EkirjastoAuthType
+    ? EkirjastoMethod
+    : key extends typeof BasicAuthType
     ? ClientBasicMethod
     : key extends typeof BasicTokenAuthType
     ? ClientBasicTokenMethod
@@ -44,6 +51,7 @@ export const authHandlers: {
     method: SupportedAuthHandlerProps[key];
   }>;
 } = {
+  [EkirjastoAuthType]: EkirjastoAuthHandler,
   [BasicAuthType]: BasicAuthHandler,
   [BasicTokenAuthType]: BasicTokenAuthHandler,
   [SamlAuthType]: SamlAuthHandler,
@@ -62,6 +70,9 @@ const AuthenticationHandler: React.ComponentType<AuthHandlerWrapperProps> = ({
 }) => {
   const _AuthHandler = authHandlers[method.type];
 
+  if (method.type === EkirjastoAuthType && typeof method !== "string") {
+    return <_AuthHandler method={method as ClientEkirjastoMethod} />;
+  }
   if (method.type === BasicTokenAuthType && typeof method !== "string") {
     return <_AuthHandler method={method as ClientBasicTokenMethod} />;
   } else if (method.type === BasicAuthType && typeof method !== "string") {

src/auth/AuthenticationHandler.tsx

@@ -0,0 +1,48 @@
+/** @jsxRuntime classic */
+/** @jsx jsx */
+import { jsx } from "theme-ui";
+import * as React from "react";
+import { ClientEkirjastoMethod } from "interfaces";
+import LoadingIndicator from "components/LoadingIndicator";
+import Stack from "components/Stack";
+import useUser from "components/context/UserContext";
+import useLoginRedirectUrl from "auth/useLoginRedirect";
+import { clientOnly } from "components/ClientOnly";
+
+/**
+ * The Ekirjasto Auth handler sends you off to an external website to complete
+ * auth.
+ */
+const EkirjastoAuthHandler: React.FC<{ method: ClientEkirjastoMethod }> = ({
+  method
+}) => {
+  const { token, signOut } = useUser();
+  const { authSuccessUrl } = useLoginRedirectUrl();
+
+  // Get link for strong authentication
+  const authenticationStartHref = method.links?.find(
+    link => link.rel === "tunnistus_start"
+  )?.href;
+
+  //Create link with redirect
+  const urlWithRedirect = `${authenticationStartHref}&redirect_uri=${encodeURIComponent(
+    authSuccessUrl
+  )}`;
+
+  // Start login
+  React.useEffect(() => {
+    if (!token && urlWithRedirect) {
+      window.location.href = urlWithRedirect;
+      console.log(urlWithRedirect);
+    }
+  }, [token, signOut, urlWithRedirect]);
+
+  return (
+    <Stack direction="column" sx={{ alignItems: "center" }}>
+      <LoadingIndicator />
+      Logging in with EkirjastoAuthentication...
+    </Stack>
+  );
+};
+
+export default clientOnly(EkirjastoAuthHandler);

src/auth/EkirjastoAuthHandler.tsx

@@ -8,6 +8,7 @@ import { Text } from "components/Text";
 import LoadingIndicator from "components/LoadingIndicator";
 import useLogin from "auth/useLogin";
 import { isSupportedAuthType } from "./AuthenticationHandler";
+import { EKIRJASTO_AUTH_TYPE } from "utils/constants";
 
 export default function Login(): React.ReactElement {
   const { initLogin } = useLogin();
@@ -20,9 +21,17 @@ export default function Login(): React.ReactElement {
   );
 
   // Automatically redirect user to first supported auth method
+  // Unless there is ekirjasto authentication, then redirect to that
   React.useEffect(() => {
     if (supportedAuthMethods.length > 0) {
-      initLogin(supportedAuthMethods[0].id);
+      const ekirjastoAuth = supportedAuthMethods.find(
+        method => method.type === EKIRJASTO_AUTH_TYPE
+      );
+      if (ekirjastoAuth) {
+        initLogin(ekirjastoAuth.id);
+      } else {
+        initLogin(supportedAuthMethods[0].id);
+      }
     }
   }, [supportedAuthMethods, initLogin]);
 

src/auth/Login.tsx

@@ -0,0 +1,26 @@
+import ApplicationError, { ServerError } from "errors";
+import fetchWithHeaders from "../dataflow/fetch";
+
+/**
+ * Fetch bearer (circulation) token for authenticating user
+ */
+export async function fetchEAuthToken(
+  url: string | undefined,
+  token: string | undefined
+) {
+  if (!url) {
+    throw new ApplicationError({
+      title: "Incomplete Authentication Info",
+      detail: "No URL or Token was provided for authentication"
+    });
+  }
+
+  const response = await fetchWithHeaders(url, `Bearer ${token}`, {}, "POST");
+  const json = await response.json();
+
+  if (!response.ok) {
+    throw new ServerError(url, response.status, json);
+  }
+
+  return json;
+}

src/auth/ekirjastoFetch.ts

@@ -1,10 +1,14 @@
 import * as React from "react";
 import Cookie from "js-cookie";
-import { AuthCredentials, OPDS1 } from "interfaces";
+import { AppAuthMethod, AuthCredentials, OPDS1 } from "interfaces";
 import { IS_SERVER } from "utils/env";
 import { NextRouter, useRouter } from "next/router";
 import { generateCredentials } from "utils/auth";
-import { SAML_LOGIN_QUERY_PARAM } from "utils/constants";
+import {
+  EKIRJASTO_AUTH_TYPE,
+  EKIRJASTO_TOKEN_PARAM,
+  SAML_LOGIN_QUERY_PARAM
+} from "utils/constants";
 
 /**
  * This hook:
@@ -16,16 +20,31 @@ import { SAML_LOGIN_QUERY_PARAM } from "utils/constants";
  *    if finds a token, it extracts it and sets it as the current
  *    credentials.
  */
-export default function useCredentials(slug: string | null) {
+export default function useCredentials(
+  slug: string | null,
+  authMethods: AppAuthMethod[] | null
+) {
   const router = useRouter();
+
+  // Since we don't actually call the login function anywhere, we need to put the authentication url
+  // in somehow, so we fetch it here and take it to getCredentialsState function
+  const ekirjastoMethod = authMethods?.find(
+    method => method.type === EKIRJASTO_AUTH_TYPE
+  );
+  let authenticationUrl;
+  if (ekirjastoMethod) {
+    authenticationUrl = ekirjastoMethod.links?.find(
+      link => link.rel === "authenticate"
+    )?.href;
+  }
   const [credentialsState, setCredentialsState] = React.useState<
     AuthCredentials | undefined
-  >(getCredentialsCookie(slug));
+  >(getCredentialsCookie(slug, authenticationUrl));
   // sync up cookie state with react state
   React.useEffect(() => {
-    const cookie = getCredentialsCookie(slug);
+    const cookie = getCredentialsCookie(slug, authenticationUrl);
     if (cookie) setCredentialsState(cookie);
-  }, [slug]);
+  }, [authenticationUrl, slug]);
 
   // set both cookie and state credentials
   const setCredentials = React.useCallback(
@@ -60,7 +79,7 @@ export default function useCredentials(slug: string | null) {
 }
 
 /**
- * COOKIE CREDENDIALS
+ * COOKIE CREDENTIALS
  */
 /**
  * If you pass a librarySlug, the cookie will be scoped to the
@@ -70,31 +89,69 @@ function cookieName(librarySlug: string | null): string {
   const AUTH_COOKIE_NAME = "CPW_AUTH_COOKIE";
   return `${AUTH_COOKIE_NAME}/${librarySlug}`;
 }
-
+/**
+ * When using ekirjasto authentication, we don't use scoping to a particular library
+ * @returns ekirjasto cookie name
+ */
+function cookieNameEkirjasto(): string {
+  const AUTH_COOKIE_NAME = EKIRJASTO_TOKEN_PARAM;
+  return AUTH_COOKIE_NAME;
+}
+/**
+ * Get credentials from cookies.
+ * We assume the token is in access_token cookie, and that it is
+ * of the Ekirjasto Authentication type
+ *
+ * @param librarySlug Library slug, that is useful if we have multiple libraries
+ * @param authenticationUrl AuthenticationUrl where we make refresh requests
+ * @returns Ekirjasto credentials if access_token is available, otherwise undefined
+ */
 function getCredentialsCookie(
-  librarySlug: string | null
+  librarySlug: string | null,
+  authenticationUrl: string | null
 ): AuthCredentials | undefined {
-  const credentials = Cookie.get(cookieName(librarySlug));
-  return credentials ? JSON.parse(credentials) : undefined;
+  if (librarySlug === "ekirjasto") {
+    // Get access token, for ekirjasto login credentials
+    const accessToken = Cookie.get(cookieNameEkirjasto());
+    // Create ekirjasto authentication credentials
+    const authCredentials: AuthCredentials = {
+      token: `Bearer ${accessToken}`,
+      methodType: OPDS1.EkirjastoAuthType,
+      authenticationUrl: authenticationUrl ? authenticationUrl : undefined
+    };
+    // Return the credentials
+    return authCredentials ? authCredentials : undefined;
+  } else {
+    const credentials = Cookie.get(cookieName(librarySlug));
+    return credentials ? JSON.parse(credentials) : undefined;
+  }
 }
 
 function setCredentialsCookie(
   librarySlug: string | null,
   credentials: AuthCredentials
 ) {
-  Cookie.set(cookieName(librarySlug), JSON.stringify(credentials));
+  if (librarySlug === "ekirjasto") {
+    Cookie.set(cookieNameEkirjasto(), JSON.stringify(credentials));
+  } else {
+    Cookie.set(cookieName(librarySlug), JSON.stringify(credentials));
+  }
 }
 
 function clearCredentialsCookie(librarySlug: string | null) {
-  Cookie.remove(cookieName(librarySlug));
+  if (librarySlug === "ekirjasto") {
+    Cookie.remove(cookieNameEkirjasto());
+  } else {
+    Cookie.remove(cookieName(librarySlug));
+  }
 }
 
 export function generateToken(username: string, password?: string) {
   return generateCredentials(username, password);
 }
 
 /**
- * URL CREDENTIALS
+ * URL CREDENTIALS, NOT USED WITH EKIRJASTO
  */
 function getUrlCredentials(router: NextRouter) {
   /* TODO: throw error if samlAccessToken and cleverAccessToken exist at the same time as this is an invalid state that shouldn't be reached */

src/auth/useCredentials.ts

@@ -7,7 +7,7 @@ import { IS_SERVER } from "utils/env";
 /**
  * Extracts the redirect url stored in the browser url bar and returns
  * a version including the origin (fullSuccessUrl) or a version that is
- * just a path (successPath).
+ * just a path (successPath), or a path for special authentication handling (authSuccessUrl)
  */
 export default function useLoginRedirectUrl() {
   const { buildMultiLibraryLink } = useLinkUtils();
@@ -33,8 +33,14 @@ export default function useLoginRedirectUrl() {
     ? ""
     : `${window.location.origin}${successPath}`;
 
+  // get the url where we redirect after authentication
+  const authSuccessUrl = IS_SERVER
+    ? ""
+    : `${window.location.origin}/api/authsuccess`;
+
   return {
     fullSuccessUrl,
-    successPath
+    successPath,
+    authSuccessUrl
   };
 }